Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-21152 | 1 Intel | 1 Edge Insights For Industrial | 2022-08-19 | N/A | 5.5 MEDIUM |
| Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2022-22730 | 1 Intel | 1 Edge Insights For Industrial | 2022-08-19 | N/A | 9.8 CRITICAL |
| Improper authentication in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | |||||
| CVE-2022-21148 | 1 Intel | 1 Edge Insights For Industrial | 2022-08-19 | N/A | 7.8 HIGH |
| Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-37025 | 1 Mcafee | 1 Security Scan Plus | 2022-08-19 | N/A | 7.8 HIGH |
| An improper privilege management vulnerability in McAfee Security Scan Plus (MSS+) before 4.1.262.1 could allow a local user to modify a configuration file and perform a LOLBin (Living off the land) attack. This could result in the user gaining elevated permissions and being able to execute arbitrary code due to lack of an integrity check of the configuration file. | |||||
| CVE-2022-35212 | 1 Oscommerce | 1 Oscommerce | 2022-08-19 | N/A | 6.1 MEDIUM |
| osCommerce2 before v2.3.4.1 was discovered to contain a cross-site scripting (XSS) vulnerability via the function tep_db_error(). | |||||
| CVE-2022-23747 | 1 Sony | 6 Xperia 1, Xperia 1 Firmware, Xperia 5 and 3 more | 2022-08-19 | N/A | 9.8 CRITICAL |
| In Sony Xperia series 1, 5, and Pro, an out of bound memory access can occur due to lack of validation of the number of frames being passed during music playback. | |||||
| CVE-2022-35204 | 1 Vitejs | 1 Vite | 2022-08-19 | N/A | 4.3 MEDIUM |
| Vitejs Vite before v2.9.13 was discovered to allow attackers to perform a directory traversal via a crafted URL to the victim's service. | |||||
| CVE-2022-36722 | 1 Library Management System Project | 1 Library Management System | 2022-08-19 | N/A | 9.8 CRITICAL |
| Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the title parameter at /librarian/history.php. | |||||
| CVE-2022-36725 | 1 Library Management System Project | 1 Library Management System | 2022-08-19 | N/A | 9.8 CRITICAL |
| Library Management System v1.0 was discovered to contain a SQL injection vulnerability via the M_Id parameter at /student/dele.php. | |||||
| CVE-2022-35000 | 1 Bitbanksoftware | 1 Jpegdec | 2022-08-19 | N/A | 5.5 MEDIUM |
| JPEGDEC commit be4843c was discovered to contain a segmentation fault via fseek at /libio/fseek.c. | |||||
| CVE-2022-35540 | 1 Dotnetcore | 1 Agileconfig | 2022-08-19 | N/A | 9.8 CRITICAL |
| Hardcoded JWT Secret in AgileConfig <1.6.8 Server allows remote attackers to use the generated JWT token to gain administrator access. | |||||
| CVE-2021-46778 | 1 Amd | 358 Athlon 3050ge, Athlon 3050ge Firmware, Athlon 3150g and 355 more | 2022-08-19 | N/A | 5.6 MEDIUM |
| Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU microarchitectures codenamed “Zen 1”, “Zen 2” and “Zen 3” that use simultaneous multithreading (SMT). By measuring the contention level on scheduler queues an attacker may potentially leak sensitive information. | |||||
| CVE-2020-23466 | 1 Online Marriage Registration System Project | 1 Online Marriage Registration System | 2022-08-19 | N/A | 5.4 MEDIUM |
| Cross Site Scripting (XSS) vulnerability exists in the phpgurukul Online Marriage Registration System 1.0 allows attackers to run arbitrary code via the wzipcode field. | |||||
| CVE-2022-35004 | 1 Bitbanksoftware | 1 Jpegdec | 2022-08-19 | N/A | 5.5 MEDIUM |
| JPEGDEC commit be4843c was discovered to contain a FPE via TIFFSHORT at /src/jpeg.inl. | |||||
| CVE-2022-35003 | 1 Bitbanksoftware | 1 Jpegdec | 2022-08-19 | N/A | 7.8 HIGH |
| JPEGDEC commit be4843c was discovered to contain a global buffer overflow via ucDitherBuffer at /src/jpeg.inl. | |||||
| CVE-2022-35002 | 1 Bitbanksoftware | 1 Jpegdec | 2022-08-19 | N/A | 5.5 MEDIUM |
| JPEGDEC commit be4843c was discovered to contain a segmentation fault via TIFFSHORT at /src/jpeg.inl. | |||||
| CVE-2022-34999 | 1 Bitbanksoftware | 1 Jpegdec | 2022-08-19 | N/A | 5.5 MEDIUM |
| JPEGDEC commit be4843c was discovered to contain a FPE via DecodeJPEG at /src/jpeg.inl. | |||||
| CVE-2022-21123 | 5 Debian, Fedoraproject, Intel and 2 more | 7 Debian Linux, Fedora, Sgx Dcap and 4 more | 2022-08-19 | 2.1 LOW | 5.5 MEDIUM |
| Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2022-31813 | 3 Apache, Fedoraproject, Netapp | 3 Http Server, Fedora, Clustered Data Ontap | 2022-08-19 | 7.5 HIGH | 9.8 CRITICAL |
| Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded-* headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application. | |||||
| CVE-2022-34998 | 1 Bitbanksoftware | 1 Jpegdec | 2022-08-19 | N/A | 7.8 HIGH |
| JPEGDEC commit be4843c was discovered to contain a global buffer overflow via JPEGDecodeMCU at /src/jpeg.inl. | |||||