Total
6504 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-29907 | 3 Ibm, Linux, Microsoft | 3 Openpages With Watson, Linux Kernel, Windows | 2022-08-01 | 6.5 MEDIUM | 8.8 HIGH |
| IBM OpenPages with Watson 8.1 and 8.2 could allow an authenticated user to upload a file that could execute arbitrary code on the system. IBM X-Force ID: 207633. | |||||
| CVE-2022-22389 | 4 Ibm, Linux, Microsoft and 1 more | 4 Db2, Linux Kernel, Windows and 1 more | 2022-07-29 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service as the server may terminate abnormally when executing specially crafted SQL statements by an authenticated user. IBM X-Force ID: 2219740. | |||||
| CVE-2022-22390 | 4 Ibm, Linux, Microsoft and 1 more | 4 Db2, Linux Kernel, Windows and 1 more | 2022-07-29 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Db2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, 11.1, and 11.5 may be vulnerable to an information disclosure caused by improper privilege management when table function is used. IBM X-Force ID: 221973. | |||||
| CVE-2022-28878 | 3 Apple, F-secure, Microsoft | 9 Macos, Atlant, Cloud Protection For Salesforce and 6 more | 2022-07-28 | N/A | 7.5 HIGH |
| A Denial-of-Service vulnerability was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed APK file it is possible that can crash the scanning engine. | |||||
| CVE-2022-28877 | 2 F-secure, Microsoft | 2 Elements Endpoint Protection, Windows | 2022-07-27 | N/A | 6.7 MEDIUM |
| This vulnerability allows local user to delete arbitrary file in the system and bypassing security protection which can be abused for local privilege escalation on affected F-Secure & WithSecure windows endpoint products. An attacker must have code execution rights on the victim machine prior to successful exploitation. | |||||
| CVE-2021-43940 | 2 Atlassian, Microsoft | 3 Confluence Data Center, Confluence Server, Windows | 2022-07-27 | 6.9 MEDIUM | 7.8 HIGH |
| Affected versions of Atlassian Confluence Server and Data Center allow authenticated local attackers to achieve elevated privileges on the local system via a DLL Hijacking vulnerability in the Confluence installer. This vulnerability only affects installations of Confluence Server and Data Center on Windows. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3. | |||||
| CVE-2020-9668 | 3 Adobe, Apple, Microsoft | 3 Genuine Service, Macos, Windows | 2022-07-26 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Genuine Service version 6.6 (and earlier) is affected by an Improper Access control vulnerability when handling symbolic links. An unauthenticated attacker could exploit this to elevate privileges in the context of the current user. | |||||
| CVE-2021-42923 | 2 Microsoft, Showmypc | 2 Windows, Showmypc | 2022-07-25 | N/A | 7.3 HIGH |
| ShowMyPC 3606 on Windows suffers from a DLL hijack vulnerability. If an attacker overwrites the file %temp%\ShowMyPC\-ShowMyPC3606\wodVPN.dll, it will run any malicious code contained in that file. The code will run with normal user privileges unless the user specifically runs ShowMyPC as administrator. | |||||
| CVE-2016-15003 | 2 Filezilla-project, Microsoft | 2 Filezilla Client, Windows | 2022-07-25 | N/A | 7.8 HIGH |
| A vulnerability has been found in FileZilla Client 3.17.0.0 and classified as problematic. This vulnerability affects unknown code of the file C:\Program Files\FileZilla FTP Client\uninstall.exe of the component Installer. The manipulation leads to unquoted search path. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2021-1258 | 3 Cisco, Mcafee, Microsoft | 3 Anyconnect Secure Mobility Client, Agent Epolicy Orchestrator Extension, Windows | 2022-07-25 | 2.1 LOW | 5.5 MEDIUM |
| A vulnerability in the upgrade component of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker with low privileges to read arbitrary files on the underlying operating system (OS) of an affected device. The vulnerability is due to insufficient file permission restrictions. An attacker could exploit this vulnerability by sending a crafted command from the local CLI to the application. A successful exploit could allow the attacker to read arbitrary files on the underlying OS of the affected device. The attacker would need to have valid user credentials to exploit this vulnerability. | |||||
| CVE-2022-34875 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2022-07-22 | N/A | 3.3 LOW |
| This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of ADBC objects. By performing actions in JavaScript, an attacker can trigger a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-16981. | |||||
| CVE-2022-34874 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2022-07-22 | N/A | 3.3 LOW |
| This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.2.53575. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. By performing actions in JavaScript, an attacker can trigger a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-17474. | |||||
| CVE-2022-28683 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2022-07-22 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the deletePages method. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16828. | |||||
| CVE-2022-34873 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2022-07-22 | N/A | 3.3 LOW |
| This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. By performing actions in JavaScript, an attacker can trigger a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-16777. | |||||
| CVE-2022-28682 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2022-07-22 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. By performing actions in JavaScript, an attacker can trigger a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16778. | |||||
| CVE-2022-28677 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2022-07-22 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16663. | |||||
| CVE-2022-28676 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2022-07-22 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16643. | |||||
| CVE-2022-28675 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2022-07-22 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16642. | |||||
| CVE-2022-28674 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2022-07-22 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16644. | |||||
| CVE-2022-28673 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2022-07-22 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16641. | |||||