Total
29699 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-34175 | 1 Jenkins | 1 Jenkins | 2024-11-21 | 7.5 High |
| Jenkins 2.335 through 2.355 (both inclusive) allows attackers in some cases to bypass a protection mechanism, thereby directly accessing some view fragments containing sensitive information, bypassing any permission checks in the corresponding view. | ||||
| CVE-2022-34102 | 1 Crestron | 1 Airmedia | 2024-11-21 | 8.8 High |
| Insufficient access control vulnerability was discovered in the Crestron AirMedia Windows Application, version 4.3.1.39, in which a user can pause the uninstallation of an executable to gain a SYSTEM level command prompt. | ||||
| CVE-2022-34066 | 1 Texercise Project | 1 Texercise | 2024-11-21 | 9.8 Critical |
| The Texercise package in PyPI v0.0.1 to v0.0.12 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | ||||
| CVE-2022-34065 | 1 Rondolu-yt-concate Project | 1 Rondolu-yt-concate | 2024-11-21 | 9.8 Critical |
| The Rondolu-YT-Concate package in PyPI v0.1.0 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | ||||
| CVE-2022-34064 | 1 Zibal Project | 1 Zibal | 2024-11-21 | 9.8 Critical |
| The Zibal package in PyPI v1.0.0 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | ||||
| CVE-2022-34061 | 1 Catly Translate Project | 1 Catly Translate | 2024-11-21 | 9.8 Critical |
| The Catly-Translate package in PyPI v0.0.3 to v0.0.5 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | ||||
| CVE-2022-34060 | 1 Togglee | 1 Togglee | 2024-11-21 | 9.8 Critical |
| The Togglee package in PyPI version v0.0.8 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | ||||
| CVE-2022-34059 | 1 Sixfab-tool Project | 1 Sixfab-tool | 2024-11-21 | 9.8 Critical |
| The Sixfab-Tool in PyPI v0.0.2 to v0.0.3 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | ||||
| CVE-2022-34057 | 1 Scoptrial Project | 1 Scoptrial | 2024-11-21 | 9.8 Critical |
| The Scoptrial package in PyPI version v0.0.5 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | ||||
| CVE-2022-33990 | 1 Dproxy-nexgen Project | 1 Dproxy-nexgen | 2024-11-21 | 7.5 High |
| Misinterpretation of special domain name characters in dproxy-nexgen (aka dproxy nexgen) leads to cache poisoning because domain names and their associated IP addresses are cached in their misinterpreted form. | ||||
| CVE-2022-33932 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | 5.3 Medium |
| Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an unprotected primary channel vulnerability. An unauthenticated network malicious attacker may potentially exploit this vulnerability, leading to a denial of filesystem services. | ||||
| CVE-2022-33931 | 1 Dell | 1 Wyse Management Suite | 2024-11-21 | 6.3 Medium |
| Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability in UI. An attacker with no access to Alert Classification page could potentially exploit this vulnerability, leading to the change the alert categories. | ||||
| CVE-2022-33926 | 1 Dell | 1 Wyse Management Suite | 2024-11-21 | 7.1 High |
| Dell Wyse Management Suite 3.6.1 and below contains an improper access control vulnerability. A remote malicious user could exploit this vulnerability in order to retain access to a file repository after it has been revoked. | ||||
| CVE-2022-33925 | 1 Dell | 1 Wyse Management Suite | 2024-11-21 | 6.5 Medium |
| Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability in UI. An remote authenticated attacker could potentially exploit this vulnerability by bypassing access controls in order to download reports containing sensitive information. | ||||
| CVE-2022-33924 | 1 Dell | 1 Wyse Management Suite | 2024-11-21 | 4.3 Medium |
| Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability with which an attacker with no access to create rules could potentially exploit this vulnerability and create rules. | ||||
| CVE-2022-33879 | 1 Apache | 1 Tika | 2024-11-21 | 3.3 Low |
| The initial fixes in CVE-2022-30126 and CVE-2022-30973 for regexes in the StandardsExtractingContentHandler were insufficient, and we found a separate, new regex DoS in a different regex in the StandardsExtractingContentHandler. These are now fixed in 1.28.4 and 2.4.1. | ||||
| CVE-2022-33734 | 1 Samsung | 1 Charm | 2024-11-21 | 6.2 Medium |
| Sensitive information exposure in onCharacteristicChanged in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission. | ||||
| CVE-2022-33733 | 1 Samsung | 1 Charm | 2024-11-21 | 6.2 Medium |
| Sensitive information exposure in onCharacteristicRead in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission. | ||||
| CVE-2022-33732 | 1 Google | 1 Android | 2024-11-21 | 6.2 Medium |
| Improper access control vulnerability in Samsung Dex for PC prior to SMR Aug-2022 Release 1 allows local attackers to scan and connect to PC by unprotected binder call. | ||||
| CVE-2022-33731 | 1 Google | 1 Android | 2024-11-21 | 5.1 Medium |
| Improper access control vulnerability in DesktopSystemUI prior to SMR Aug-2022 Release 1 allows attackers to enable and disable arbitrary components. | ||||