Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-23256 | 1 Microsoft | 1 Azure Data Explorer | 2025-01-02 | 4.3 MEDIUM | 8.1 HIGH |
|
Azure Data Explorer Spoofing Vulnerability
|
|||||
| CVE-2022-22713 | 1 Microsoft | 2 Windows 10, Windows Server | 2025-01-02 | 1.9 LOW | 5.6 MEDIUM |
|
Windows Hyper-V Denial of Service Vulnerability
|
|||||
| CVE-2022-22021 | 1 Microsoft | 1 Edge Chromium | 2025-01-02 | 5.1 MEDIUM | 8.3 HIGH |
|
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
|
|||||
| CVE-2022-22019 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2025-01-02 | 6.8 MEDIUM | 8.8 HIGH |
|
Remote Procedure Call Runtime Remote Code Execution Vulnerability
|
|||||
| CVE-2022-22018 | 1 Microsoft | 1 Hevc Video Extensions | 2025-01-02 | 6.8 MEDIUM | 7.8 HIGH |
|
HEVC Video Extensions Remote Code Execution Vulnerability
|
|||||
| CVE-2022-22016 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server and 2 more | 2025-01-02 | 4.4 MEDIUM | 7.0 HIGH |
|
Windows PlayToManager Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-22014 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2025-01-02 | 6.5 MEDIUM | 8.8 HIGH |
|
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
|
|||||
| CVE-2022-22013 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2025-01-02 | 6.5 MEDIUM | 8.8 HIGH |
|
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
|
|||||
| CVE-2022-22012 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2025-01-02 | 9.3 HIGH | 9.8 CRITICAL |
|
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
|
|||||
| CVE-2022-22011 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2025-01-02 | 2.1 LOW | 5.5 MEDIUM |
|
Windows Graphics Component Information Disclosure Vulnerability
|
|||||
| CVE-2022-21978 | 1 Microsoft | 1 Exchange Server | 2025-01-02 | 7.2 HIGH | 8.2 HIGH |
|
Microsoft Exchange Server Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-21972 | 1 Microsoft | 11 Windows 10, Windows 11, Windows 7 and 8 more | 2025-01-02 | 9.3 HIGH | 8.1 HIGH |
|
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
|
|||||
| CVE-2022-21965 | 1 Microsoft | 1 Teams | 2025-01-02 | 5.0 MEDIUM | 7.5 HIGH |
|
Microsoft Teams Denial of Service Vulnerability
|
|||||
| CVE-2024-29074 | 1 Openatom | 1 Openharmony | 2025-01-02 | N/A | 6.5 MEDIUM |
|
in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through improper input.
|
|||||
| CVE-2024-11111 | 1 Google | 1 Chrome | 2025-01-02 | N/A | 4.3 MEDIUM |
|
Inappropriate implementation in Autofill in Google Chrome prior to 131.0.6778.69 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
|
|||||
| CVE-2024-11110 | 1 Google | 1 Chrome | 2025-01-02 | N/A | 6.5 MEDIUM |
|
Inappropriate implementation in Extensions in Google Chrome prior to 131.0.6778.69 allowed a remote attacker to bypass site isolation via a crafted Chrome Extension. (Chromium security severity: High)
|
|||||
| CVE-2024-11114 | 2 Google, Microsoft | 2 Chrome, Windows | 2025-01-02 | N/A | 8.3 HIGH |
|
Inappropriate implementation in Views in Google Chrome on Windows prior to 131.0.6778.69 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Medium)
|
|||||
| CVE-2024-11115 | 2 Apple, Google | 2 Iphone Os, Chrome | 2025-01-02 | N/A | 8.8 HIGH |
|
Insufficient policy enforcement in Navigation in Google Chrome on iOS prior to 131.0.6778.69 allowed a remote attacker to perform privilege escalation via a series of UI gestures. (Chromium security severity: Medium)
|
|||||
| CVE-2024-11116 | 1 Google | 1 Chrome | 2025-01-02 | N/A | 4.3 MEDIUM |
|
Inappropriate implementation in Blink in Google Chrome prior to 131.0.6778.69 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
|
|||||
| CVE-2024-11117 | 1 Google | 1 Chrome | 2025-01-02 | N/A | 4.3 MEDIUM |
|
Inappropriate implementation in FileSystem in Google Chrome prior to 131.0.6778.69 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. (Chromium security severity: Low)
|
|||||
| CVE-2024-28234 | 1 Contao | 1 Contao | 2025-01-02 | N/A | 4.3 MEDIUM |
|
Contao is an open source content management system. Starting in version 2.0.0 and prior to versions 4.13.40 and 5.3.4, it is possible to inject CSS styles via BBCode in comments. Installations are only affected if BBCode is enabled. Contao versions 4.13.40 and 5.3.4 have a patch for this issue. As a workaround, disable BBCode for comments.
|
|||||
| CVE-2024-7256 | 1 Google | 2 Android, Chrome | 2025-01-02 | N/A | 8.8 HIGH |
|
Insufficient data validation in Dawn in Google Chrome on Android prior to 127.0.6533.88 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2024-7023 | 2 Google, Microsoft | 2 Chrome, Windows | 2025-01-02 | N/A | 8.8 HIGH |
|
Insufficient data validation in Updater in Google Chrome prior to 128.0.6537.0 allowed a remote attacker to perform privilege escalation via a malicious file. (Chromium security severity: Medium)
|
|||||
| CVE-2024-27937 | 1 Glpi-project | 1 Glpi | 2025-01-02 | N/A | 6.5 MEDIUM |
|
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can obtain the email address of all GLPI users. This issue has been patched in version 10.0.13.
|
|||||
| CVE-2024-27930 | 1 Glpi-project | 1 Glpi | 2025-01-02 | N/A | 6.5 MEDIUM |
|
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. An authenticated user can access sensitive fields data from items on which he has read access. This issue has been patched in version 10.0.13.
|
|||||
| CVE-2023-38174 | 1 Microsoft | 1 Edge Chromium | 2025-01-01 | N/A | 4.3 MEDIUM |
|
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
|
|||||
| CVE-2023-36880 | 1 Microsoft | 1 Edge Chromium | 2025-01-01 | N/A | 4.8 MEDIUM |
|
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
|
|||||
| CVE-2023-36558 | 1 Microsoft | 3 .net, Asp.net Core, Visual Studio 2022 | 2025-01-01 | N/A | 6.2 MEDIUM |
|
ASP.NET Core Security Feature Bypass Vulnerability
|
|||||
| CVE-2023-36404 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more | 2025-01-01 | N/A | 5.5 MEDIUM |
|
Windows Kernel Information Disclosure Vulnerability
|
|||||
| CVE-2023-36403 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-01-01 | N/A | 7.0 HIGH |
|
Windows Kernel Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-36034 | 1 Microsoft | 1 Edge Chromium | 2025-01-01 | N/A | 7.3 HIGH |
|
Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
|
|||||
| CVE-2023-36029 | 1 Microsoft | 1 Edge | 2025-01-01 | N/A | 4.3 MEDIUM |
|
Microsoft Edge (Chromium-based) Spoofing Vulnerability
|
|||||
| CVE-2023-35644 | 1 Microsoft | 8 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 5 more | 2025-01-01 | N/A | 7.8 HIGH |
|
Windows Sysmain Service Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-35633 | 1 Microsoft | 3 Windows 10 1507, Windows Server 2008, Windows Server 2012 | 2025-01-01 | N/A | 7.8 HIGH |
|
Windows Kernel Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-35618 | 1 Microsoft | 1 Edge Chromium | 2025-01-01 | N/A | 9.6 CRITICAL |
|
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-38254 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-01-01 | N/A | 6.5 MEDIUM |
|
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
|
|||||
| CVE-2023-38172 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-01-01 | N/A | 7.5 HIGH |
|
Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability
|
|||||
| CVE-2023-38167 | 1 Microsoft | 1 Dynamics 365 Business Central | 2025-01-01 | N/A | 7.2 HIGH |
|
Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-38154 | 1 Microsoft | 2 Windows 10 1809, Windows Server 2019 | 2025-01-01 | N/A | 7.8 HIGH |
|
Windows Kernel Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-38146 | 1 Microsoft | 2 Windows 11 21h2, Windows 11 22h2 | 2025-01-01 | N/A | 8.8 HIGH |
|
Windows Themes Remote Code Execution Vulnerability
|
|||||