Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Total 210374 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-35276 1 Intel 10 Nuc 8 Compute Element Cm8ccb, Nuc 8 Compute Element Cm8ccb Firmware, Nuc 8 Compute Element Cm8i3cb and 7 more 2022-11-16 N/A 6.7 MEDIUM
Improper access control in BIOS firmware for some Intel(R) NUC 8 Compute Elements before version CBWHL357.0096 may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2022-34152 1 Intel 4 Nuc Board De3815tybe, Nuc Board De3815tybe Firmware, Nuc Kit De3815tykhe and 1 more 2022-11-16 N/A 6.7 MEDIUM
Improper input validation in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC Kits before version TY0070 may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2022-40127 1 Apache 1 Airflow 2022-11-16 N/A 8.8 HIGH
A vulnerability in Example Dags of Apache Airflow allows an attacker with UI access who can trigger DAGs, to execute arbitrary commands via manually provided run_id parameter. This issue affects Apache Airflow Apache Airflow versions prior to 2.4.0.
CVE-2022-37860 1 Tp-link 2 M7350, M7350 Firmware 2022-11-16 N/A 9.8 CRITICAL
The web configuration interface of the TP-Link M7350 V3 with firmware version 190531 is affected by a pre-authentication command injection vulnerability.
CVE-2022-27949 1 Apache 1 Airflow 2022-11-16 N/A 7.5 HIGH
A vulnerability in UI of Apache Airflow allows an attacker to view unmasked secrets in rendered template values for tasks which were not executed (for example when they were depending on past and previous instances of the task failed). This issue affects Apache Airflow prior to 2.3.1.
CVE-2022-45184 1 Ironmansoftware 1 Powershell Universal 2022-11-16 N/A 7.2 HIGH
The Web Server in Ironman Software PowerShell Universal v3.x and v2.x allows for directory traversal outside of the configuration directory, which allows a remote attacker with administrator privilege to create, delete, update, and display files outside of the configuration directory via a crafted HTTP request to particular endpoints in the web server. Patched Versions are 3.5.3 and 3.4.7.
CVE-2022-30945 1 Jenkins 1 Pipeline\ 2022-11-16 6.8 MEDIUM 8.5 HIGH
Jenkins Pipeline: Groovy Plugin 2689.v434009a_31b_f1 and earlier allows loading any Groovy source files on the classpath of Jenkins and Jenkins plugins in sandboxed pipelines.
CVE-2021-38828 1 Xiongmaitech 2 Xm-jpr2-lx, Xm-jpr2-lx Firmware 2022-11-16 N/A 5.3 MEDIUM
Xiongmai Camera XM-JPR2-LX V4.02.R12.A6420987.10002.147502.00000 is vulnerable to plain-text traffic sniffing.
CVE-2021-38827 1 Xiongmaitech 2 Xm-jpr2-lx, Xm-jpr2-lx Firmware 2022-11-16 N/A 7.5 HIGH
Xiongmai Camera XM-JPR2-LX V4.02.R12.A6420987.10002.147502.00000 is vulnerable to account takeover.
CVE-2022-45183 1 Ironmansoftware 1 Powershell Universal 2022-11-16 N/A 8.8 HIGH
Escalation of privileges in the Web Server in Ironman Software PowerShell Universal 2.x and 3.x allows an attacker with a valid app token to retrieve other app tokens by ID via an HTTP web request. Patched Versions are 3.5.3, 3.4.7, and 2.12.6.
CVE-2022-33973 2 Intel, Microsoft 3 Wlan Authentication And Privacy Infrastructure, Windows 10, Windows 11 2022-11-16 N/A 3.3 LOW
Improper access control in the Intel(R) WAPI Security software for Windows 10/11 before version 22.2150.0.1 may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2022-45194 1 Bruhn-newtech 1 Cbrn-analysis 2022-11-16 N/A 4.7 MEDIUM
CBRN-Analysis before 22 allows XXE attacks via am mws XML document, leading to NTLMv2-SSP hash disclosure.
CVE-2022-26079 1 Intel 2 Xmm 7560, Xmm 7560 Firmware 2022-11-16 N/A 8.2 HIGH
Improper conditions check in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2022-26045 1 Intel 2 Xmm 7560, Xmm 7560 Firmware 2022-11-16 N/A 7.2 HIGH
Improper buffer restrictions in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via physical access.
CVE-2022-45193 1 Bruhn-newtech 1 Cbrn-analysis 2022-11-16 N/A 8.8 HIGH
CBRN-Analysis before 22 has weak file permissions under Public Profile, leading to disclosure of file contents or privilege escalation.
CVE-2022-3559 2 Exim, Fedoraproject 2 Exim, Fedora 2022-11-16 N/A 7.5 HIGH
A vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component Regex Handler. The manipulation leads to use after free. The name of the patch is 4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2. It is recommended to apply a patch to fix this issue. The identifier VDB-211073 was assigned to this vulnerability.
CVE-2022-45182 1 Pistar 1 Pi-star Digital Voice Dashboard 2022-11-16 N/A 9.8 CRITICAL
Pi-Star_DV_Dash (for Pi-Star DV) before 5aa194d mishandles the module parameter.
CVE-2022-41905 1 Wsgidav Project 1 Wsgidav 2022-11-16 N/A 6.1 MEDIUM
WsgiDAV is a generic and extendable WebDAV server based on WSGI. Implementations using this library with directory browsing enabled may be susceptible to Cross Site Scripting (XSS) attacks. This issue has been patched, users can upgrade to version 4.1.0. As a workaround, set `dir_browser.enable = False` in the configuration.
CVE-2022-26513 1 Intel 2 Xmm 7560, Xmm 7560 Firmware 2022-11-16 N/A 9.6 CRITICAL
Out-of-bounds write in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
CVE-2022-26369 1 Intel 2 Xmm 7560, Xmm 7560 Firmware 2022-11-16 N/A 8.1 HIGH
Out-of-bounds read in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via adjacent access.