Total
6504 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-40231 | 3 Ibm, Linux, Microsoft | 4 Aix, Sterling B2b Integrator, Linux Kernel and 1 more | 2023-03-01 | N/A | 8.8 HIGH |
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 could allow an authenticated user to perform unauthorized actions due to improper access controls. IBM X-Force ID: 235533. | |||||
CVE-2022-43930 | 2 Ibm, Microsoft | 2 Db2, Windows | 2023-03-01 | N/A | 7.5 HIGH |
IBM Db2 for Linux, UNIX and Windows 10.5, 11.1, and 11.5 is vulnerable to an Information Disclosure as sensitive information may be included in a log file. IBM X-Force ID: 241677. | |||||
CVE-2021-26334 | 3 Amd, Linux, Microsoft | 3 Amd Uprof, Linux Kernel, Windows | 2023-03-01 | 9.0 HIGH | 9.9 CRITICAL |
The AMDPowerProfiler.sys driver of AMD ?Prof tool may allow lower privileged users to access MSRs in kernel which may lead to privilege escalation and ring-0 code execution by the lower privileged user. | |||||
CVE-2021-36741 | 2 Microsoft, Trendmicro | 5 Windows, Apex One, Officescan and 2 more | 2023-03-01 | 6.5 MEDIUM | 8.8 HIGH |
An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1 allows a remote attached to upload arbitrary files on affected installations. Please note: an attacker must first obtain the ability to logon to the product?s management console in order to exploit this vulnerability. | |||||
CVE-2022-40232 | 3 Ibm, Linux, Microsoft | 4 Aix, Sterling B2b Integrator, Linux Kernel and 1 more | 2023-03-01 | N/A | 8.8 HIGH |
IBM Sterling B2B Integrator Standard Edition 6.1.0.0 through 6.1.1.1, and 6.1.2.0 could allow an authenticated user to perform actions they should not have access to due to improper permission controls. IBM X-Force ID: 235597. | |||||
CVE-2022-27674 | 4 Amd, Freebsd, Linux and 1 more | 4 Amd Uprof, Freebsd, Linux Kernel and 1 more | 2023-03-01 | N/A | 7.5 HIGH |
Insufficient validation in the IOCTL input/output buffer in AMD ?Prof may allow an attacker to bypass bounds checks potentially leading to a Windows kernel crash resulting in denial of service. | |||||
CVE-2022-23831 | 4 Amd, Freebsd, Linux and 1 more | 4 Amd Uprof, Freebsd, Linux Kernel and 1 more | 2023-03-01 | N/A | 7.5 HIGH |
Insufficient validation of the IOCTL input buffer in AMD ?Prof may allow an attacker to send an arbitrary buffer leading to a potential Windows kernel crash resulting in denial of service. | |||||
CVE-2023-22243 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2023-03-01 | N/A | 7.8 HIGH |
Adobe Animate versions 22.0.8 (and earlier) and 23.0.0 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2023-22244 | 2 Adobe, Microsoft | 2 Premiere Rush, Windows | 2023-03-01 | N/A | 7.8 HIGH |
Adobe Premiere Rush version 2.6 (and earlier) is affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2023-22246 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2023-03-01 | N/A | 7.8 HIGH |
Adobe Animate versions 22.0.8 (and earlier) and 23.0.0 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2019-4193 | 3 Ibm, Linux, Microsoft | 4 Aix, Jazz For Service Management, Linux Kernel and 1 more | 2023-03-01 | 5.0 MEDIUM | 7.5 HIGH |
IBM Jazz for Service Management 1.1.3 and 1.1.3.2 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-force ID: 159032. | |||||
CVE-2022-41552 | 3 Hitachi, Linux, Microsoft | 5 Infrastructure Analytics Advisor, Ops Center Analyzer, Ops Center Viewpoint and 2 more | 2023-03-01 | N/A | 9.8 CRITICAL |
Server-Side Request Forgery (SSRF) vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Data Center Analytics, Analytics probe components), Hitachi Ops Center Analyzer on Linux (Hitachi Ops Center Analyzer detail view, Hitachi Ops Center Analyzer probe components) allows Server Side Request Forgery. This issue affects Hitachi Infrastructure Analytics Advisor: from 2.0.0-00 through 4.4.0-00; Hitachi Ops Center Analyzer: from 10.0.0-00 before 10.9.0-00. | |||||
CVE-2020-36605 | 3 Hitachi, Linux, Microsoft | 5 Infrastructure Analytics Advisor, Ops Center Analyzer, Ops Center Viewpoint and 2 more | 2023-03-01 | N/A | 4.4 MEDIUM |
Incorrect Default Permissions vulnerability in Hitachi Infrastructure Analytics Advisor on Linux (Analytics probe component), Hitachi Ops Center Analyzer on Linux (Analyzer probe component), Hitachi Ops Center Viewpoint on Linux (Viewpoint RAID Agent component) allows local users to read and write specific files. This issue affects Hitachi Infrastructure Analytics Advisor: from 2.0.0-00 through 4.4.0-00; Hitachi Ops Center Analyzer: from 10.0.0-00 before 10.9.0-00; Hitachi Ops Center Viewpoint: from 10.8.0-00 before 10.9.0-00. | |||||
CVE-2019-14213 | 2 Foxitsoftware, Microsoft | 2 Phantompdf, Windows | 2023-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in Foxit PhantomPDF before 8.3.11. The application could crash due to the repeated release of the signature dictionary during CSG_SignatureF and CPDF_Document destruction. | |||||
CVE-2022-30634 | 3 Golang, Microsoft, Netapp | 3 Go, Windows, Cloud Insights Telegraf Agent | 2023-02-28 | N/A | 7.5 HIGH |
Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 on Windows allows attacker to cause an indefinite hang by passing a buffer larger than 1 << 32 - 1 bytes. | |||||
CVE-2023-21593 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2023-02-28 | N/A | 5.5 MEDIUM |
Adobe InDesign versions ID18.1 (and earlier) and ID17.4 (and earlier) are affected by a NULL Pointer Dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2022-43579 | 3 Ibm, Linux, Microsoft | 4 Aix, Sterling B2b Integrator, Linux Kernel and 1 more | 2023-02-28 | N/A | 5.4 MEDIUM |
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 238684. | |||||
CVE-2022-26509 | 3 Intel, Linux, Microsoft | 3 Sgx Sdk, Linux Kernel, Windows | 2023-02-28 | N/A | 5.5 MEDIUM |
Improper conditions check in the Intel(R) SGX SDK software may allow a privileged user to potentially enable information disclosure via local access. | |||||
CVE-2023-24960 | 3 Ibm, Linux, Microsoft | 4 Aix, Infosphere Information Server, Linux Kernel and 1 more | 2023-02-28 | N/A | 7.5 HIGH |
IBM InfoSphere Information Server 11.7 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 246333 | |||||
CVE-2023-26020 | 4 Apple, Craftercms, Linux and 1 more | 4 Macos, Crafter Cms, Linux Kernel and 1 more | 2023-02-28 | N/A | 7.2 HIGH |
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crafter Studio on Linux, MacOS, Windows, x86, ARM, 64 bit allows SQL Injection.This issue affects CrafterCMS v4.0 from 4.0.0 through 4.0.1, and v3.1 from 3.1.0 through 3.1.26. |