Total
210374 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-0946 | 1 Showdoc | 1 Showdoc | 2022-03-18 | 3.5 LOW | 5.4 MEDIUM |
Stored XSS viva cshtm file upload in GitHub repository star7th/showdoc prior to v2.10.4. | |||||
CVE-2022-26847 | 2 Debian, Spip | 2 Debian Linux, Spip | 2022-03-18 | 5.0 MEDIUM | 5.3 MEDIUM |
SPIP before 3.2.14 and 4.x before 4.0.5 allows unauthenticated access to information about editorial objects. | |||||
CVE-2022-25830 | 1 Samsung | 1 Galaxy Watch 3 Plugin | 2022-03-18 | 2.1 LOW | 3.3 LOW |
Information Exposure vulnerability in Galaxy Watch3 Plugin prior to version 2.2.09.22012751 allows attacker to access password information of connected WiFiAp in the log | |||||
CVE-2022-0822 | 1 Orchardcore | 1 Orchardcore | 2022-03-18 | 3.5 LOW | 5.4 MEDIUM |
Cross-site Scripting (XSS) - Reflected in GitHub repository orchardcms/orchardcore prior to 1.3.0. | |||||
CVE-2022-0820 | 1 Orchardcore | 1 Orchardcore | 2022-03-18 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site Scripting (XSS) - Stored in GitHub repository orchardcms/orchardcore prior to 1.3.0. | |||||
CVE-2022-25829 | 1 Samsung | 1 Watch Active2 Plugin | 2022-03-18 | 2.1 LOW | 3.3 LOW |
Information Exposure vulnerability in Watch Active2 Plugin prior to version 2.2.08.22012751 allows attacker to access password information of connected WiFiAp in the log | |||||
CVE-2022-25828 | 1 Samsung | 1 Watch Active Plugin | 2022-03-18 | 2.1 LOW | 3.3 LOW |
Information Exposure vulnerability in Watch Active Plugin prior to version 2.2.07.22012751 allows attacker to access password information of connected WiFiAp in the log | |||||
CVE-2022-25827 | 1 Samsung | 1 Galaxy Watch Plugin | 2022-03-18 | 2.1 LOW | 3.3 LOW |
Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.22012751 allows attacker to access password information of connected WiFiAp in the log | |||||
CVE-2022-25826 | 1 Samsung | 1 Galaxy Watch 3 Plugin | 2022-03-18 | 2.1 LOW | 3.3 LOW |
Information Exposure vulnerability in Galaxy S3 Plugin prior to version 2.2.03.22012751 allows attacker to access password information of connected WiFiAp in the log | |||||
CVE-2022-25825 | 1 Samasung | 1 Account | 2022-03-18 | 2.1 LOW | 5.5 MEDIUM |
Improper access control vulnerability in Samsung Account prior to version 13.1.0.1 allows attackers to access to the authcode for sign-in. | |||||
CVE-2022-25824 | 1 Samsung | 1 Bixby Touch | 2022-03-18 | 2.1 LOW | 3.3 LOW |
Improper access control vulnerability in BixbyTouch prior to version 2.2.00.6 in China models allows untrusted applications to load arbitrary URL and local files in webview. | |||||
CVE-2022-25823 | 1 Samsung | 1 Galaxy Watch Plugin | 2022-03-18 | 2.1 LOW | 3.3 LOW |
Information Exposure vulnerability in Galaxy Watch Plugin prior to version 2.2.05.220126741 allows attackers to access user information in log. | |||||
CVE-2022-25561 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2022-03-18 | 7.8 HIGH | 7.5 HIGH |
Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub_42DE00. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter. | |||||
CVE-2022-25560 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2022-03-18 | 7.8 HIGH | 7.5 HIGH |
Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub_4327CC. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter. | |||||
CVE-2022-25556 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2022-03-18 | 7.8 HIGH | 7.5 HIGH |
Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub_42E328. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter. | |||||
CVE-2022-25294 | 2 Microsoft, Proofpoint | 2 Windows, Insider Threat Management | 2022-03-18 | 7.2 HIGH | 7.8 HIGH |
Proofpoint Insider Threat Management Agent for Windows relies on an inherently dangerous function that could enable an unprivileged local Windows user to run arbitrary code with SYSTEM privileges. All versions prior to 7.12.1 are affected. Agents for MacOS and Linux and Cloud are unaffected. Proofpoint has released fixed software version 7.12.1. The fixed software versions are available through the customer support portal. | |||||
CVE-2022-25244 | 1 Hashicorp | 1 Vault | 2022-03-18 | 4.0 MEDIUM | 6.5 MEDIUM |
Vault Enterprise clusters using the tokenization transform feature can expose the tokenization key through the tokenization key configuration endpoint to authorized operators with `read` permissions on this endpoint. Fixed in Vault Enterprise 1.9.4, 1.8.9 and 1.7.10. | |||||
CVE-2022-0821 | 1 Orchardcore | 1 Orchardcore | 2022-03-18 | 4.0 MEDIUM | 6.5 MEDIUM |
Improper Authorization in GitHub repository orchardcms/orchardcore prior to 1.3.0. | |||||
CVE-2022-0932 | 1 Saleor | 1 Saleor | 2022-03-18 | 4.0 MEDIUM | 6.5 MEDIUM |
Improper Authorization in GitHub repository saleor/saleor prior to 3.1.2. | |||||
CVE-2022-26846 | 2 Debian, Spip | 2 Debian Linux, Spip | 2022-03-18 | 6.5 MEDIUM | 8.8 HIGH |
SPIP before 3.2.14 and 4.x before 4.0.5 allows remote authenticated editors to execute arbitrary code. |