Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-34968 | 1 Percona | 1 Percona Server | 2022-08-09 | N/A | 7.5 HIGH |
| An issue in the fetch_step function in Percona Server for MySQL v8.0.28-19 allows attackers to cause a Denial of Service (DoS) via a SQL query. | |||||
| CVE-2022-36800 | 1 Atlassian | 1 Jira Service Management | 2022-08-09 | N/A | 4.3 MEDIUM |
| Affected versions of Atlassian Jira Service Management Server and Data Center allow remote attackers without the "Browse Users" permission to view groups via an Information Disclosure vulnerability in the browsegroups.action endpoint. The affected versions are before version 4.22.2. | |||||
| CVE-2022-36336 | 2 Microsoft, Trendmicro | 4 Windows, Apex One, Worry-free Business Security and 1 more | 2022-08-09 | N/A | 7.8 HIGH |
| A link following vulnerability in the scanning function of Trend Micro Apex One and Worry-Free Business Security agents could allow a local attacker to escalate privileges on affected installations. The resolution for this issue has been deployed automatically via ActiveUpdate to customers in an updated Spyware pattern. Customers who are up-to-date on detection patterns are not required to take any additional steps to mitigate this issue. | |||||
| CVE-2022-35867 | 1 Xhyve Project | 1 Xhyve | 2022-08-09 | N/A | 6.7 MEDIUM |
| This vulnerability allows local attackers to escalate privileges on affected installations of xhyve. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the e1000 virtual device. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-15056. | |||||
| CVE-2022-36987 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2022-08-09 | N/A | 6.5 MEDIUM |
| An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write files to a NetBackup Primary server. | |||||
| CVE-2022-34871 | 1 Centreon | 1 Centreon | 2022-08-09 | N/A | 7.2 HIGH |
| This vulnerability allows remote attackers to escalate privileges on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the configuration of poller resources. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to escalate privileges to the level of an administrator. Was ZDI-CAN-16335. | |||||
| CVE-2022-36986 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2022-08-09 | N/A | 9.8 CRITICAL |
| An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with unauthenticated access could remotely execute arbitrary commands on a NetBackup Primary server. | |||||
| CVE-2022-36988 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2022-08-09 | N/A | 8.8 HIGH |
| An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup OpsCenter server, NetBackup Primary server, or NetBackup Media server could remotely execute arbitrary commands on a NetBackup Primary server or NetBackup Media server. | |||||
| CVE-2022-36989 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2022-08-09 | N/A | 8.8 HIGH |
| An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server. | |||||
| CVE-2022-34872 | 1 Centreon | 1 Centreon | 2022-08-09 | N/A | 6.5 MEDIUM |
| This vulnerability allows remote attackers to disclose sensitive information on affected installations of Centreon. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of Virtual Metrics. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-16336. | |||||
| CVE-2022-36990 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2022-08-09 | N/A | 6.5 MEDIUM |
| An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely write arbitrary files to arbitrary locations from any Client to any other Client via a Primary server. | |||||
| CVE-2022-35864 | 1 Bmc | 1 Track-it\! | 2022-08-09 | N/A | 6.5 MEDIUM |
| This vulnerability allows remote attackers to disclose sensitive information on affected installations of BMC Track-It! 20.21.02.109. Authentication is required to exploit this vulnerability. The specific flaw exists within the GetPopupSubQueryDetails endpoint. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-16690. | |||||
| CVE-2022-36991 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2022-08-09 | N/A | 6.5 MEDIUM |
| An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily write content to a partially controlled path on a NetBackup Primary server. | |||||
| CVE-2022-35865 | 1 Bmc | 1 Track-it\! | 2022-08-09 | N/A | 9.8 CRITICAL |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of BMC Track-It! 20.21.2.109. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authorization of HTTP requests. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-16709. | |||||
| CVE-2022-36992 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2022-08-09 | N/A | 8.8 HIGH |
| An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely execute arbitrary commands on a NetBackup Primary server (in specific notify conditions). | |||||
| CVE-2022-36995 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2022-08-09 | N/A | 4.3 MEDIUM |
| An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could arbitrarily create directories on a NetBackup Primary server. | |||||
| CVE-2022-36997 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2022-08-09 | N/A | 8.8 HIGH |
| An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger impacts that include arbitrary file read, Server-Side Request Forgery (SSRF), and denial of service. | |||||
| CVE-2022-36998 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2022-08-09 | N/A | 6.5 MEDIUM |
| An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a stack-based buffer overflow on the NetBackup Primary server, resulting in a denial of service. | |||||
| CVE-2022-36999 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2022-08-09 | N/A | 6.5 MEDIUM |
| An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). Under certain conditions, an attacker with authenticated access to a NetBackup Client could remotely read files on a NetBackup Primary server. | |||||
| CVE-2022-34567 | 1 Uthscsa | 1 Multi-image Analysis Gui | 2022-08-09 | N/A | 8.8 HIGH |
| An issue in \Roaming\Mango\Plugins of University of Texas Multi-image Analysis GUI (Mango) 4.1 allows attackers to escalate privileges via crafted plugins. | |||||