Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-31913 | 1 Online Discussion Forum Site Project | 1 Online Discussion Forum Site | 2022-06-27 | 3.5 LOW | 4.8 MEDIUM |
| Online Discussion Forum Site v1.0 is vulnerable to Cross Site Scripting (XSS) via /odfs/classes/Master.php?f=save_category, name. | |||||
| CVE-2022-30167 | 1 Microsoft | 1 Av1 Video Extension | 2022-06-27 | 6.8 MEDIUM | 7.8 HIGH |
| AV1 Video Extension Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30193. | |||||
| CVE-2022-30143 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-06-27 | 5.1 MEDIUM | 7.5 HIGH |
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161. | |||||
| CVE-2022-30153 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-06-27 | 6.8 MEDIUM | 8.8 HIGH |
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30161. | |||||
| CVE-2022-30161 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-06-27 | 6.8 MEDIUM | 8.8 HIGH |
| Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153. | |||||
| CVE-2022-20664 | 1 Cisco | 2 Email Security Appliance, Secure Email And Web Manager | 2022-06-27 | 3.5 LOW | 7.7 HIGH |
| A vulnerability in the web management interface of Cisco Secure Email and Web Manager, formerly Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could allow an authenticated, remote attacker to retrieve sensitive information from a Lightweight Directory Access Protocol (LDAP) external authentication server connected to an affected device. This vulnerability is due to a lack of proper input sanitization while querying the external authentication server. An attacker could exploit this vulnerability by sending a crafted query through an external authentication web page. A successful exploit could allow the attacker to gain access to sensitive information, including user credentials from the external authentication server. To exploit this vulnerability, an attacker would need valid operator-level (or higher) credentials. | |||||
| CVE-2022-29453 | 1 Ayecode | 1 Api Key For Google Maps | 2022-06-27 | 4.3 MEDIUM | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in API KEY for Google Maps plugin <= 1.2.1 at WordPress leading to Google Maps API key update. | |||||
| CVE-2022-29442 | 1 Private Messages Project | 1 Private Messages | 2022-06-27 | 3.5 LOW | 5.4 MEDIUM |
| Authenticated (subscriber or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Messages For WordPress <= 2.1.10 at WordPress. | |||||
| CVE-2022-29441 | 1 Private Messages Project | 1 Private Messages | 2022-06-27 | 4.3 MEDIUM | 4.3 MEDIUM |
| Cross-Site Request Forgery (CSRF) vulnerability in Private Messages For WordPress plugin <= 2.1.10 at WordPress allows attackers to send messages. | |||||
| CVE-2022-29440 | 1 Promotion Slider Project | 1 Promotion Slider | 2022-06-27 | 3.5 LOW | 5.4 MEDIUM |
| Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Promotion Slider plugin <= 3.3.4 at WordPress. | |||||
| CVE-2021-30327 | 1 Qualcomm | 158 Apq8097, Apq8097 Firmware, Apq8098 and 155 more | 2022-06-26 | 7.2 HIGH | 6.8 MEDIUM |
| Buffer overflow in sahara protocol while processing commands leads to overwrite of secure configuration data in Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice & Music | |||||
| CVE-2021-30281 | 1 Qualcomm | 294 Aqt1000, Aqt1000 Firmware, Ar8031 and 291 more | 2022-06-26 | 7.2 HIGH | 7.8 HIGH |
| Possible unauthorized access to secure space due to improper check of data allowed while flashing the no access control device configuration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2022-30932 | 2022-06-26 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | |||||
| CVE-2022-27092 | 2022-06-26 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | |||||
| CVE-2022-30158 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2022-06-25 | 6.0 MEDIUM | 8.8 HIGH |
| Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30157. | |||||
| CVE-2022-30157 | 1 Microsoft | 1 Sharepoint Server | 2022-06-25 | 6.5 MEDIUM | 8.8 HIGH |
| Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30158. | |||||
| CVE-2022-30159 | 1 Microsoft | 3 Office Online Server, Office Web Apps Server, Sharepoint Server | 2022-06-25 | 4.3 MEDIUM | 5.5 MEDIUM |
| Microsoft Office Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30171, CVE-2022-30172. | |||||
| CVE-2022-30171 | 1 Microsoft | 3 Office Online Server, Office Web Apps Server, Sharepoint Server | 2022-06-25 | 4.3 MEDIUM | 5.5 MEDIUM |
| Microsoft Office Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30159, CVE-2022-30172. | |||||
| CVE-2022-30172 | 1 Microsoft | 3 Office Online Server, Office Web Apps Server, Sharepoint Server | 2022-06-25 | 4.3 MEDIUM | 5.5 MEDIUM |
| Microsoft Office Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30159, CVE-2022-30171. | |||||
| CVE-2022-30173 | 1 Microsoft | 2 Excel, Office Web Apps Server | 2022-06-24 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft Excel Remote Code Execution Vulnerability. | |||||