Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2013-0888 | 5 Apple, Google, Linux and 2 more | 5 Mac Os X, Chrome, Linux Kernel and 2 more | 2022-11-18 | 5.0 MEDIUM | N/A |
| Skia, as used in Google Chrome before 25.0.1364.97 on Windows and Linux, and before 25.0.1364.99 on Mac OS X, allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to a "user gesture check for dangerous file downloads." | |||||
| CVE-2016-6987 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more | 2022-11-18 | 9.3 HIGH | 8.8 HIGH |
| Use-after-free vulnerability in Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-6981. | |||||
| CVE-2016-6986 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more | 2022-11-18 | 9.3 HIGH | 8.8 HIGH |
| Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6989, and CVE-2016-6990. | |||||
| CVE-2016-6985 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more | 2022-11-18 | 9.3 HIGH | 8.8 HIGH |
| Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990. | |||||
| CVE-2022-38385 | 2 Ibm, Linux | 2 Cloud Pak For Security, Linux Kernel | 2022-11-18 | N/A | 8.1 HIGH |
| IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.2.0 could allow an authenticated user to obtain highly sensitive information or perform unauthorized actions due to improper input validation. IBM X-Force ID: 233777. | |||||
| CVE-2016-6984 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more | 2022-11-18 | 9.3 HIGH | 8.8 HIGH |
| Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990. | |||||
| CVE-2018-4934 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more | 2022-11-18 | 4.3 MEDIUM | 6.5 MEDIUM |
| Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2022-21198 | 1 Intel | 894 Celeron 1000m, Celeron 1000m Firmware, Celeron 1005m and 891 more | 2022-11-18 | N/A | 6.4 MEDIUM |
| Time-of-check time-of-use race condition in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2016-6992 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more | 2022-11-18 | 9.3 HIGH | 8.8 HIGH |
| Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code by leveraging an unspecified "type confusion." | |||||
| CVE-2016-6990 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more | 2022-11-18 | 9.3 HIGH | 8.8 HIGH |
| Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6983, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, and CVE-2016-6989. | |||||
| CVE-2022-26047 | 1 Intel | 353 Converged Security And Manageability Engine, Core I3-1000g1 Firmware, Core I3-1000g4 Firmware and 350 more | 2022-11-18 | N/A | 6.5 MEDIUM |
| Improper input validation for some Intel(R) PROSet/Wireless WiFi, Intel vPro(R) CSME WiFi and Killer(TM) WiFi products may allow unauthenticated user to potentially enable denial of service via local access. | |||||
| CVE-2018-4937 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more | 2022-11-18 | 9.3 HIGH | 8.8 HIGH |
| Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | |||||
| CVE-2018-4936 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more | 2022-11-18 | 4.3 MEDIUM | 6.5 MEDIUM |
| Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable Heap Overflow vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2018-4935 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more | 2022-11-18 | 9.3 HIGH | 8.8 HIGH |
| Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | |||||
| CVE-2022-45384 | 1 Jenkins | 1 Reverse Proxy Auth | 2022-11-18 | N/A | 6.5 MEDIUM |
| Jenkins Reverse Proxy Auth Plugin 1.7.3 and earlier stores the LDAP manager password unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system. | |||||
| CVE-2022-42128 | 1 Liferay | 2 Digital Experience Platform, Liferay Portal | 2022-11-18 | N/A | 5.3 MEDIUM |
| The Hypermedia REST APIs module in Liferay Portal 7.4.1 through 7.4.3.4, and Liferay DXP 7.4 GA does not properly check permissions, which allows remote attackers to obtain a WikiNode object via the WikiNodeResource.getSiteWikiNodeByExternalReferenceCode API. | |||||
| CVE-2022-42127 | 1 Liferay | 2 Digital Experience Platform, Liferay Portal | 2022-11-18 | N/A | 5.3 MEDIUM |
| The Friendly Url module in Liferay Portal 7.4.3.5 through 7.4.3.36, and Liferay DXP 7.4 update 1 though 36 does not properly check user permissions, which allows remote attackers to obtain the history of all friendly URLs that was assigned to a page. | |||||
| CVE-2022-42126 | 1 Liferay | 2 Digital Experience Platform, Liferay Portal | 2022-11-18 | N/A | 4.3 MEDIUM |
| The Asset Libraries module in Liferay Portal 7.3.5 through 7.4.3.28, and Liferay DXP 7.3 before update 8, and DXP 7.4 before update 29 does not properly check permissions of asset libraries, which allows remote authenticated users to view asset libraries via the UI. | |||||
| CVE-2022-42125 | 1 Liferay | 2 Digital Experience Platform, Liferay Portal | 2022-11-18 | N/A | 7.5 HIGH |
| Zip slip vulnerability in FileUtil.unzip in Liferay Portal 7.4.3.5 through 7.4.3.35 and Liferay DXP 7.4 update 1 through update 34 allows attackers to create or overwrite existing files on the filesystem via the deployment of a malicious plugin/module. | |||||
| CVE-2016-6983 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more | 2022-11-18 | 9.3 HIGH | 8.8 HIGH |
| Adobe Flash Player before 18.0.0.382 and 19.x through 23.x before 23.0.0.185 on Windows and OS X and before 11.2.202.637 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4273, CVE-2016-6982, CVE-2016-6984, CVE-2016-6985, CVE-2016-6986, CVE-2016-6989, and CVE-2016-6990. | |||||