Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-43343 | 1 N-prolog Project | 1 N-prolog | 2022-11-08 | N/A | 7.5 HIGH |
| N-Prolog v1.91 was discovered to contain a global buffer overflow vulnerability in the function gettoken() at Main.c. | |||||
| CVE-2022-44746 | 1 Acronis | 1 Cyber Protect Home Office | 2022-11-08 | N/A | 5.5 MEDIUM |
| Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107. | |||||
| CVE-2022-2042 | 2 Apple, Vim | 2 Macos, Vim | 2022-11-08 | 6.8 MEDIUM | 7.8 HIGH |
| Use After Free in GitHub repository vim/vim prior to 8.2. | |||||
| CVE-2022-44745 | 1 Acronis | 1 Cyber Protect Home Office | 2022-11-08 | N/A | 5.5 MEDIUM |
| Sensitive information leak through log files. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107. | |||||
| CVE-2022-44744 | 1 Acronis | 1 Cyber Protect Home Office | 2022-11-08 | N/A | 7.3 HIGH |
| Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40107. | |||||
| CVE-2022-44733 | 1 Acronis | 1 Cyber Protect Home Office | 2022-11-08 | N/A | 7.8 HIGH |
| Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 39900. | |||||
| CVE-2022-44048 | 1 Democritus | 1 D8s-urls | 2022-11-08 | N/A | 9.8 CRITICAL |
| The d8s-urls for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-domains package. The affected version of d8s-htm is 0.1.0. | |||||
| CVE-2022-44049 | 1 Democritus | 1 D8s-python | 2022-11-08 | N/A | 9.8 CRITICAL |
| The d8s-python for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-grammars package. The affected version of d8s-htm is 0.1.0. | |||||
| CVE-2022-43306 | 1 Democritus | 1 D8s-timer | 2022-11-08 | N/A | 8.8 HIGH |
| The d8s-timer for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-dates package. The affected version of d8s-htm is 0.1.0. | |||||
| CVE-2022-43305 | 1 Democritus | 1 D8s-python | 2022-11-08 | N/A | 9.8 CRITICAL |
| The d8s-python for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-algorithms package. The affected version of d8s-htm is 0.1.0. | |||||
| CVE-2022-37710 | 1 Pattersondental | 1 Eaglesoft | 2022-11-08 | N/A | 7.8 HIGH |
| Patterson Dental Eaglesoft 21 has AES-256 encryption but there are two ways to obtain a keyfile: (1) keybackup.data > License > Encryption Key or (2) Eaglesoft.Server.Configuration.data > DbEncryptKeyPrimary > Encryption Key. Applicable files are encrypted with keys and salt that are hardcoded into a DLL or EXE file. | |||||
| CVE-2022-43304 | 1 Democritus | 1 D8s-timer | 2022-11-08 | N/A | 9.8 CRITICAL |
| The d8s-timer for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-uuids package. The affected version of d8s-htm is 0.1.0. | |||||
| CVE-2022-43303 | 1 Democritus | 1 D8s-strings | 2022-11-08 | N/A | 9.8 CRITICAL |
| The d8s-strings for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-uuids package. The affected version of d8s-htm is 0.1.0. | |||||
| CVE-2022-44050 | 1 Democritus | 1 D8s-networking | 2022-11-08 | N/A | 9.8 CRITICAL |
| The d8s-networking for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-json package. The affected version of d8s-htm is 0.1.0. | |||||
| CVE-2022-43317 | 1 Human Resource Management System Project | 1 Human Resource Management System | 2022-11-08 | N/A | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in /hrm/index.php?msg of Human Resource Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | |||||
| CVE-2022-43318 | 1 Human Resource Management System Project | 1 Human Resource Management System | 2022-11-08 | N/A | 8.8 HIGH |
| Human Resource Management System v1.0 was discovered to contain a SQL injection vulnerability via the stateedit parameter at /hrm/state.php. | |||||
| CVE-2022-37865 | 1 Apache | 1 Ivy | 2022-11-08 | N/A | 9.1 CRITICAL |
| With Apache Ivy 2.4.0 an optional packaging attribute has been introduced that allows artifacts to be unpacked on the fly if they used pack200 or zip packaging. For artifacts using the "zip", "jar" or "war" packaging Ivy prior to 2.5.1 doesn't verify the target path when extracting the archive. An archive containing absolute paths or paths that try to traverse "upwards" using ".." sequences can then write files to any location on the local fie system that the user executing Ivy has write access to. Ivy users of version 2.4.0 to 2.5.0 should upgrade to Ivy 2.5.1. | |||||
| CVE-2022-44053 | 1 Democritus | 1 D8s-networking | 2022-11-08 | N/A | 9.8 CRITICAL |
| The d8s-networking for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-user-agents package. The affected version of d8s-htm is 0.1.0. | |||||
| CVE-2022-44054 | 1 Democritus | 1 D8s-xml | 2022-11-08 | N/A | 9.8 CRITICAL |
| The d8s-xml for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-utility package. The affected version of d8s-htm is 0.1.0. | |||||
| CVE-2022-44051 | 1 Democritus | 1 D8s-stats | 2022-11-08 | N/A | 9.8 CRITICAL |
| The d8s-stats for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. A potential code execution backdoor inserted by third parties is the democritus-math package. The affected version of d8s-htm is 0.1.0. | |||||