Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-43786 | 2022-12-31 | N/A | N/A | ||
| To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | |||||
| CVE-2022-43785 | 2022-12-31 | N/A | N/A | ||
| To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | |||||
| CVE-2022-43784 | 2022-12-31 | N/A | N/A | ||
| To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | |||||
| CVE-2022-43783 | 2022-12-31 | N/A | N/A | ||
| To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | |||||
| CVE-2022-36827 | 2022-12-31 | N/A | N/A | ||
| To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | |||||
| CVE-2022-36816 | 2022-12-31 | N/A | N/A | ||
| To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. | |||||
| CVE-2022-22746 | 2 Microsoft, Mozilla | 4 Windows, Firefox, Firefox Esr and 1 more | 2022-12-30 | N/A | 5.9 MEDIUM |
| A race condition could have allowed bypassing the fullscreen notification which could have lead to a fullscreen window spoof being unnoticed.<br>*This bug only affects Firefox for Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 91.5, Firefox < 96, and Thunderbird < 91.5. | |||||
| CVE-2022-35646 | 4 Ibm, Linux, Microsoft and 1 more | 5 Aix, Security Verify Governance, Linux Kernel and 2 more | 2022-12-30 | N/A | 5.3 MEDIUM |
| IBM Security Verify Governance, Identity Manager 10.0.1 software component could allow an authenticated user to modify or cancel any other user's access request using man-in-the-middle techniques. IBM X-Force ID: 231096. | |||||
| CVE-2022-22449 | 2 Ibm, Linux | 2 Security Verify Governance, Linux Kernel | 2022-12-30 | N/A | 5.3 MEDIUM |
| IBM Security Verify Governance, Identity Manager 10.01 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 224915. | |||||
| CVE-2022-40011 | 1 Typora | 1 Typora | 2022-12-30 | N/A | 6.1 MEDIUM |
| Cross Site Scripting (XSS) vulnerability in typora through 1.38 allows remote attackers to run arbitrary code via export from editor. | |||||
| CVE-2022-43860 | 1 Ibm | 1 I | 2022-12-30 | N/A | 4.3 MEDIUM |
| IBM Navigator for i 7.3, 7.4, and 7.5 could allow an authenticated user to obtain sensitive information they are authorized to but not while using this interface. By performing an SQL injection an attacker could see user profile attributes through this interface. IBM X-Force ID: 239305. | |||||
| CVE-2022-43849 | 1 Ibm | 2 Aix, Vios | 2022-12-30 | N/A | 6.2 MEDIUM |
| IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local user to exploit a vulnerability in the AIX pfcdd kernel extension to cause a denial of service. IBM X-Force ID: 239170. | |||||
| CVE-2022-4692 | 1 Usememos | 1 Memos | 2022-12-30 | N/A | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.0. | |||||
| CVE-2022-39164 | 1 Ibm | 2 Aix, Vios | 2022-12-30 | N/A | 6.2 MEDIUM |
| IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local user to exploit a vulnerability in the AIX kernel to cause a denial of service. IBM X-Force ID: 235181. | |||||
| CVE-2022-41290 | 1 Ibm | 2 Aix, Vios | 2022-12-30 | N/A | 8.4 HIGH |
| IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the rm_rlcache_file command to obtain root privileges. IBM X-Force ID: 236690. | |||||
| CVE-2022-38478 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2022-12-30 | N/A | 8.8 HIGH |
| Members the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 103, Firefox ESR 102.1, and Firefox ESR 91.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2, and Firefox < 104. | |||||
| CVE-2022-34479 | 2 Linux, Mozilla | 4 Linux Kernel, Firefox, Firefox Esr and 1 more | 2022-12-30 | N/A | 6.5 MEDIUM |
| A malicious website that could create a popup could have resized the popup to overlay the address bar with its own content, resulting in potential user confusion or spoofing attacks. <br>*This bug only affects Thunderbird for Linux. Other operating systems are unaffected.*. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11. | |||||
| CVE-2022-46642 | 1 Dlink | 2 Dir-846, Dir-846 Firmware | 2022-12-30 | N/A | 9.9 CRITICAL |
| D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the auto_upgrade_hour parameter in the SetAutoUpgradeInfo function. | |||||
| CVE-2022-46641 | 1 Dlink | 2 Dir-846, Dir-846 Firmware | 2022-12-30 | N/A | 9.9 CRITICAL |
| D-Link DIR-846 A1_FW100A43 was discovered to contain a command injection vulnerability via the lan(0)_dhcps_staticlist parameter in the SetIpMacBindSettings function. | |||||
| CVE-2022-4683 | 1 Usememos | 1 Memos | 2022-12-30 | N/A | 6.5 MEDIUM |
| Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository usememos/memos prior to 0.9.0. | |||||