Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-34771 | 1 Tabit | 1 Tabit | 2024-11-21 | N/A | 5.5 MEDIUM |
|
Tabit - arbitrary SMS send on Tabits behalf. The resend OTP API of tabit allows an adversary to send messages on tabits behalf to anyone registered on the system - the API receives the parameters: phone number, and CustomMessage, We can use that API to craft malicious messages to any user of the system. In addition, the API probably has some kind of template injection potential. When entering {{OTP}} in the custom message field it is formatted into an OTP.
|
|||||
| CVE-2022-34768 | 1 Supersmart | 1 Supersmart.me - Walk Through | 2024-11-21 | N/A | 6.5 MEDIUM |
|
insert HTML / js code inside input how to get to the vulnerable input : Workers > worker nickname > inject in this input the code.
|
|||||
| CVE-2022-34739 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The fingerprint module has a vulnerability of overflow in arithmetic addition. Successful exploitation of this vulnerability may result in the acquisition of data from unknown addresses in address mappings.
|
|||||
| CVE-2022-34738 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The SystemUI module has a vulnerability in permission control. If this vulnerability is successfully exploited, users are unaware of the service running in the background.
|
|||||
| CVE-2022-34734 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | N/A | 8.8 HIGH |
|
Microsoft ODBC Driver Remote Code Execution Vulnerability
|
|||||
| CVE-2022-34733 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | N/A | 8.8 HIGH |
|
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
|
|||||
| CVE-2022-34732 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | N/A | 8.8 HIGH |
|
Microsoft ODBC Driver Remote Code Execution Vulnerability
|
|||||
| CVE-2022-34731 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | N/A | 8.8 HIGH |
|
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
|
|||||
| CVE-2022-34730 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | N/A | 8.8 HIGH |
|
Microsoft ODBC Driver Remote Code Execution Vulnerability
|
|||||
| CVE-2022-34729 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Windows GDI Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-34728 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | N/A | 5.5 MEDIUM |
|
Windows Graphics Component Information Disclosure Vulnerability
|
|||||
| CVE-2022-34727 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | N/A | 8.8 HIGH |
|
Microsoft ODBC Driver Remote Code Execution Vulnerability
|
|||||
| CVE-2022-34726 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | N/A | 8.8 HIGH |
|
Microsoft ODBC Driver Remote Code Execution Vulnerability
|
|||||
| CVE-2022-34724 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Windows DNS Server Denial of Service Vulnerability
|
|||||
| CVE-2022-34723 | 1 Microsoft | 1 Windows 11 | 2024-11-21 | N/A | 5.5 MEDIUM |
|
Windows DPAPI (Data Protection Application Programming Interface) Information Disclosure Vulnerability
|
|||||
| CVE-2022-34722 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability
|
|||||
| CVE-2022-34721 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability
|
|||||
| CVE-2022-34720 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
|
|||||
| CVE-2022-34719 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Windows Distributed File System (DFS) Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-34718 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Windows TCP/IP Remote Code Execution Vulnerability
|
|||||
| CVE-2022-34717 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2024-11-21 | N/A | 8.8 HIGH |
|
Microsoft Office Remote Code Execution Vulnerability
|
|||||
| CVE-2022-34711 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Windows Defender Credential Guard Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-34690 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | N/A | 7.1 HIGH |
|
Windows Fax Service Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-34687 | 1 Microsoft | 1 Azure Real Time Operating System Guix Studio | 2024-11-21 | N/A | 7.8 HIGH |
|
Azure RTOS GUIX Studio Remote Code Execution Vulnerability
|
|||||
| CVE-2022-34686 | 1 Microsoft | 1 Azure Real Time Operating System Guix Studio | 2024-11-21 | N/A | 5.5 MEDIUM |
|
Azure RTOS GUIX Studio Information Disclosure Vulnerability
|
|||||
| CVE-2022-34685 | 1 Microsoft | 1 Azure Real Time Operating System Guix Studio | 2024-11-21 | N/A | 5.5 MEDIUM |
|
Azure RTOS GUIX Studio Information Disclosure Vulnerability
|
|||||
| CVE-2022-34674 | 6 Citrix, Debian, Linux and 3 more | 13 Hypervisor, Debian Linux, Linux Kernel and 10 more | 2024-11-21 | N/A | 6.8 MEDIUM |
|
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where a helper function maps more physical pages than were requested, which may lead to undefined behavior or an information leak.
|
|||||
| CVE-2022-34642 | 1 Riscv | 1 Spike Risc-v Isa Simulator | 2024-11-21 | N/A | 5.5 MEDIUM |
|
The component mcontrol.action in RISCV ISA Sim commit ac466a21df442c59962589ba296c702631e041b5 contains the incorrect mask which can cause a Denial of Service (DoS).
|
|||||
| CVE-2022-34640 | 1 Openhwgroup | 1 Cva6 | 2024-11-21 | N/A | 5.5 MEDIUM |
|
The *tval of ecall/ebreak in CVA6 commit d315ddd0f1be27c1b3f27eb0b8daf471a952299a was discovered to be incorrect.
|
|||||
| CVE-2022-34598 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
The udpserver in H3C Magic R100 V200R004 and V100R005 has the 9034 port opened, allowing attackers to execute arbitrary commands.
|
|||||
| CVE-2022-34593 | 1 Dptech | 1 Dptech Vpn | 2024-11-21 | N/A | 7.5 HIGH |
|
DPTech VPN v8.1.28.0 was discovered to contain an arbitrary file read vulnerability.
|
|||||
| CVE-2022-34577 | 1 Wavlink | 2 Wn535g3, Wn535g3 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
A vulnerability in adm.cgi of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to execute arbitrary code via a crafted POST request.
|
|||||
| CVE-2022-34576 | 1 Wavlink | 2 Wn535g3, Wn535g3 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to execute arbitrary code via a crafted POST request.
|
|||||
| CVE-2022-34567 | 1 Uthscsa | 1 Multi-image Analysis Gui | 2024-11-21 | N/A | 8.8 HIGH |
|
An issue in \Roaming\Mango\Plugins of University of Texas Multi-image Analysis GUI (Mango) 4.1 allows attackers to escalate privileges via crafted plugins.
|
|||||
| CVE-2022-34558 | 4 Global-workqueue Project, Reqmgr2 Project, Reqmon Project and 1 more | 4 Global-workqueue, Reqmgr2, Reqmon and 1 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
WMAgent v1.3.3rc2 and 1.3.3rc1, reqmgr 2 1.4.1rc5 and 1.4.0rc2, reqmon 1.4.1rc5, and global-workqueue 1.4.1rc5 allows attackers to execute arbitrary code via a crafted dbs-client package.
|
|||||
| CVE-2022-34555 | 1 Tp-link | 2 Tl-r473g, Tl-r473g Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
TP-LINK TL-R473G 2.0.1 Build 220529 Rel.65574n was discovered to contain a remote code execution vulnerability which is exploited via a crafted packet.
|
|||||
| CVE-2022-34534 | 1 Dw | 2 Spectrum Server, Spectrum Server Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
Digital Watchdog DW Spectrum Server 4.2.0.32842 allows attackers to access sensitive infromation via a crafted API call.
|
|||||
| CVE-2022-34531 | 1 Dedecms | 1 Dedecms | 2024-11-21 | N/A | 9.8 CRITICAL |
|
DedeCMS v5.7.95 was discovered to contain a remote code execution (RCE) vulnerability via the component mytag_ main.php.
|
|||||
| CVE-2022-34509 | 1 Wikifaces Project | 1 Wikifaces | 2024-11-21 | N/A | 9.8 CRITICAL |
|
The wikifaces package in PyPI v1.0 included a code execution backdoor inserted by a third party.
|
|||||
| CVE-2022-34501 | 1 Pypi | 1 Pypi | 2024-11-21 | N/A | 9.8 CRITICAL |
|
The bin-collection package in PyPI before v0.1 included a code execution backdoor inserted by a third party.
|
|||||