Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-21862 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
|
Windows Application Model Core API Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-21861 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server and 1 more | 2024-11-21 | 7.2 HIGH | 7.0 HIGH |
|
Task Flow Data Engine Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-21860 | 1 Microsoft | 4 Windows 10, Windows Server, Windows Server 2016 and 1 more | 2024-11-21 | 4.4 MEDIUM | 7.0 HIGH |
|
Windows AppContracts API Server Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-21859 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
|
Windows Accounts Control Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-21858 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server and 1 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Windows Bind Filter Driver Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-21857 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
|
Active Directory Domain Services Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-21855 | 1 Microsoft | 1 Exchange Server | 2024-11-21 | 7.7 HIGH | 9.0 CRITICAL |
|
Microsoft Exchange Server Remote Code Execution Vulnerability
|
|||||
| CVE-2022-21851 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
|
Remote Desktop Client Remote Code Execution Vulnerability
|
|||||
| CVE-2022-21850 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | 9.3 HIGH | 8.8 HIGH |
|
Remote Desktop Client Remote Code Execution Vulnerability
|
|||||
| CVE-2022-21849 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server and 2 more | 2024-11-21 | 9.3 HIGH | 9.8 CRITICAL |
|
Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability
|
|||||
| CVE-2022-21848 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | 7.1 HIGH | 7.5 HIGH |
|
Windows Internet Key Exchange (IKE) Extension Denial of Service Vulnerability
|
|||||
| CVE-2022-21847 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server and 1 more | 2024-11-21 | 4.9 MEDIUM | 6.5 MEDIUM |
|
Windows Hyper-V Denial of Service Vulnerability
|
|||||
| CVE-2022-21846 | 1 Microsoft | 1 Exchange Server | 2024-11-21 | 8.3 HIGH | 9.0 CRITICAL |
|
Microsoft Exchange Server Remote Code Execution Vulnerability
|
|||||
| CVE-2022-21845 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-11-21 | 4.7 MEDIUM | 4.7 MEDIUM |
|
Windows Kernel Information Disclosure Vulnerability
|
|||||
| CVE-2022-21844 | 1 Microsoft | 1 Hevc Video Extensions | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
HEVC Video Extensions Remote Code Execution Vulnerability
|
|||||
| CVE-2022-21843 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | 4.3 MEDIUM | 7.5 HIGH |
|
Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability
|
|||||
| CVE-2022-21842 | 1 Microsoft | 2 Sharepoint Enterprise Server, Word | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Microsoft Word Remote Code Execution Vulnerability
|
|||||
| CVE-2022-21841 | 1 Microsoft | 2 365 Apps, Office | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
Microsoft Excel Remote Code Execution Vulnerability
|
|||||
| CVE-2022-21840 | 1 Microsoft | 6 Excel, Office, Office Online Server and 3 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Microsoft Office Remote Code Execution Vulnerability
|
|||||
| CVE-2022-21839 | 1 Microsoft | 2 Windows 10, Windows Server 2019 | 2024-11-21 | 2.1 LOW | 6.1 MEDIUM |
|
Windows Event Tracing Discretionary Access Control List Denial of Service Vulnerability
|
|||||
| CVE-2022-21837 | 1 Microsoft | 2 Sharepoint Foundation, Sharepoint Server | 2024-11-21 | 9.0 HIGH | 8.3 HIGH |
|
Microsoft SharePoint Server Remote Code Execution Vulnerability
|
|||||
| CVE-2022-21835 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Microsoft Cryptographic Services Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-21834 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | 7.2 HIGH | 7.0 HIGH |
|
Windows User-mode Driver Framework Reflector Driver Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-21833 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Virtual Machine IDE Drive Elevation of Privilege Vulnerability
|
|||||
| CVE-2022-21828 | 1 Ivanti | 1 Incapptic Connect | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
|
A user with high privilege access to the Incapptic Connect web console can remotely execute code on the Incapptic Connect server using a unspecified attack vector in Incapptic Connect version 1.40.0, 1.39.1, 1.39.0, 1.38.1, 1.38.0, 1.37.1, 1.37.0, 1.36.0, 1.35.5, 1.35.4 and 1.35.3.
|
|||||
| CVE-2022-21817 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Omniverse Launcher | 2024-11-21 | 5.8 MEDIUM | 9.3 CRITICAL |
|
NVIDIA Omniverse Launcher contains a Cross-Origin Resource Sharing (CORS) vulnerability which can allow an unprivileged remote attacker, if they can get user to browse malicious site, to acquire access tokens allowing them to access resources in other security domains, which may lead to code execution, escalation of privileges, and impact to confidentiality and integrity.
|
|||||
| CVE-2022-21797 | 3 Debian, Fedoraproject, Joblib Project | 3 Debian Linux, Fedora, Joblib | 2024-11-21 | N/A | 7.3 HIGH |
|
The package joblib from 0 and before 1.2.0 are vulnerable to Arbitrary Code Execution via the pre_dispatch flag in Parallel() class due to the eval() statement.
|
|||||
| CVE-2022-21788 | 2 Google, Mediatek | 4 Android, Mt6879, Mt6895 and 1 more | 2024-11-21 | N/A | 6.7 MEDIUM |
|
In scp, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06988728; Issue ID: ALPS06988728.
|
|||||
| CVE-2022-21721 | 1 Vercel | 1 Next.js | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
|
Next.js is a React framework. Starting with version 12.0.0 and prior to version 12.0.9, vulnerable code could allow a bad actor to trigger a denial of service attack for anyone using i18n functionality. In order to be affected by this CVE, one must use next start or a custom server and the built-in i18n support. Deployments on Vercel, along with similar environments where invalid requests are filtered before reaching Next.js, are not affected. A patch has been released, `[email protected]`, that mitig ...
Show More |
|||||
| CVE-2022-21641 | 2 Netapp, Oracle | 3 Oncommand Insight, Oncommand Workflow Automation, Mysql | 2024-11-21 | N/A | 4.9 MEDIUM |
|
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: ...
Show More |
|||||
| CVE-2022-21640 | 2 Netapp, Oracle | 3 Oncommand Insight, Oncommand Workflow Automation, Mysql | 2024-11-21 | N/A | 4.9 MEDIUM |
|
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: ...
Show More |
|||||
| CVE-2022-21638 | 2 Netapp, Oracle | 3 Oncommand Insight, Oncommand Workflow Automation, Mysql | 2024-11-21 | N/A | 4.9 MEDIUM |
|
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: ...
Show More |
|||||
| CVE-2022-21637 | 2 Netapp, Oracle | 3 Oncommand Insight, Oncommand Workflow Automation, Mysql | 2024-11-21 | N/A | 4.9 MEDIUM |
|
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/ ...
Show More |
|||||
| CVE-2022-21636 | 1 Oracle | 1 Applications Framework | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Session Management). Supported versions that are affected are 12.2.6-12.2.11. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Applications Framework. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Applications Framework accessible data. CVSS 3.1 Base Score 6 ...
Show More |
|||||
| CVE-2022-21635 | 2 Netapp, Oracle | 3 Oncommand Insight, Oncommand Workflow Automation, Mysql | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatab ...
Show More |
|||||
| CVE-2022-21634 | 1 Oracle | 1 Graalvm | 2024-11-21 | N/A | 7.5 HIGH |
|
Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: LLVM Interpreter). Supported versions that are affected are Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (comp ...
Show More |
|||||
| CVE-2022-21633 | 2 Netapp, Oracle | 3 Oncommand Insight, Oncommand Workflow Automation, Mysql | 2024-11-21 | N/A | 4.9 MEDIUM |
|
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vecto ...
Show More |
|||||
| CVE-2022-21632 | 2 Netapp, Oracle | 3 Oncommand Insight, Oncommand Workflow Automation, Mysql | 2024-11-21 | N/A | 4.9 MEDIUM |
|
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.30 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). C ...
Show More |
|||||
| CVE-2022-21630 | 1 Oracle | 1 Jd Edwards Enterpriseone Tools | 2024-11-21 | N/A | 6.1 MEDIUM |
|
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are 9.2.6.4 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in JD Edwards EnterpriseOne Tools, attacks may significantly impact additio ...
Show More |
|||||
| CVE-2022-21629 | 1 Oracle | 1 Jd Edwards Enterpriseone Tools | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime SEC). Supported versions that are affected are 9.2.6.4 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in JD Edwards EnterpriseOne Tools, attacks may significantly impact addition ...
Show More |
|||||