Export limit exceeded: 35047 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (35047 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-27983 | 1 Ruijienetworks | 2 Rg-nbr2100g-e, Rg-nbr2100g-e Firmware | 2024-11-21 | 7.5 High |
| RG-NBR-E Enterprise Gateway RG-NBR2100G-E was discovered to contain an arbitrary file read vulnerability via the url parameter in check.php. | ||||
| CVE-2022-27982 | 1 Ruijienetworks | 2 Rg-nbr2100g-e, Rg-nbr2100g-e Firmware | 2024-11-21 | 9.8 Critical |
| RG-NBR-E Enterprise Gateway RG-NBR2100G-E was discovered to contain a remote code execution (RCE) vulnerability via the fileName parameter at /guest_auth/cfg/upLoadCfg.php. | ||||
| CVE-2022-27969 | 1 Cynet | 1 Cynet 360 | 2024-11-21 | 5.3 Medium |
| Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of decoy users via a crafted GET request sent to /WebApp/DeceptionUser/GetAllDeceptionUsers. | ||||
| CVE-2022-27968 | 1 Cynet | 1 Cynet 360 | 2024-11-21 | 5.3 Medium |
| Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of monitored files and profiles via a crafted GET request sent to /WebApp/SettingsFileMonitor/GetFileMonitorProfiles. | ||||
| CVE-2022-27967 | 1 Cynet | 1 Cynet 360 | 2024-11-21 | 5.3 Medium |
| Cynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of excluded files and profiles via a crafted GET request sent to /WebApp/SettingsExclusion/GetExclusionsProfiles. | ||||
| CVE-2022-27948 | 1 Tesla | 6 Model 3, Model 3 Firmware, Model S and 3 more | 2024-11-21 | 7.2 High |
| Certain Tesla vehicles through 2022-03-26 allow attackers to open the charging port via a 315 MHz RF signal containing a fixed sequence of approximately one hundred symbols. NOTE: the vendor's perspective is that the behavior is as intended | ||||
| CVE-2022-27936 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via H.323. | ||||
| CVE-2022-27935 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via Epic Telehealth. | ||||
| CVE-2022-27934 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via HTTP. | ||||
| CVE-2022-27933 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 8.2 High |
| Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join. | ||||
| CVE-2022-27932 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join. | ||||
| CVE-2022-27931 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol. | ||||
| CVE-2022-27930 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 5.9 Medium |
| Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via single-sign-on if a random Universally Unique Identifier is guessed. | ||||
| CVE-2022-27929 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via HTTP. | ||||
| CVE-2022-27928 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol. | ||||
| CVE-2022-27813 | 1 Motorola | 4 Mtm5400, Mtm5400 Firmware, Mtm5500 and 1 more | 2024-11-21 | 8.1 High |
| Motorola MTM5000 series firmwares lack properly configured memory protection of pages shared between the OMAP-L138 ARM and DSP cores. The SoC provides two memory protection units, MPU1 and MPU2, to enforce the trust boundary between the two cores. Since both units are left unconfigured by the firmwares, an adversary with control over either core can trivially gain code execution on the other, by overwriting code located in shared RAM or DDR2 memory regions. | ||||
| CVE-2022-27812 | 1 Stormshield | 1 Stormshield Network Security | 2024-11-21 | 7.5 High |
| Flooding SNS firewall versions 3.7.0 to 3.7.29, 3.11.0 to 3.11.17, 4.2.0 to 4.2.10, and 4.3.0 to 4.3.6 with specific forged traffic, can lead to SNS DoS. | ||||
| CVE-2022-27775 | 6 Brocade, Debian, Haxx and 3 more | 18 Fabric Operating System, Debian Linux, Curl and 15 more | 2024-11-21 | 7.5 High |
| An information disclosure vulnerability exists in curl 7.65.0 to 7.82.0 are vulnerable that by using an IPv6 address that was in the connection pool but with a different zone id it could reuse a connection instead. | ||||
| CVE-2022-27664 | 3 Fedoraproject, Golang, Redhat | 19 Fedora, Go, Acm and 16 more | 2024-11-21 | 7.5 High |
| In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attackers can cause a denial of service because an HTTP/2 connection can hang during closing if shutdown were preempted by a fatal error. | ||||
| CVE-2022-27578 | 1 Sick | 1 Overall Equipment Effectiveness | 2024-11-21 | 7.8 High |
| An attacker can perform a privilege escalation through the SICK OEE if the application is installed in a directory where non authenticated or low privilege users can modify its content. | ||||