Export limit exceeded: 348483 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 348483 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 35019 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (35019 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-24611 | 1 Silabs | 10 Sd3502, Sd3502 Firmware, Sd3503 and 7 more | 2024-11-21 | 6.5 Medium |
| Denial of Service (DoS) in the Z-Wave S0 NonceGet protocol specification in Silicon Labs Z-Wave 500 series allows local attackers to block S0/S2 protected Z-Wave network via crafted S0 NonceGet Z-Wave packages, utilizing included but absent NodeIDs. | ||||
| CVE-2022-24434 | 1 Dicer Project | 1 Dicer | 2024-11-21 | 7.5 High |
| This affects all versions of package dicer. A malicious attacker can send a modified form to server, and crash the nodejs service. An attacker could sent the payload again and again so that the service continuously crashes. | ||||
| CVE-2022-24398 | 1 Sap | 1 Business Objects Business Intelligence Platform | 2024-11-21 | 6.5 Medium |
| Under certain conditions SAP Business Objects Business Intelligence Platform - versions 420, 430, allows an authenticated attacker to access information which would otherwise be restricted. | ||||
| CVE-2022-24379 | 1 Intel | 4 Server Board M70klp2sb, Server Board M70klp2sb Firmware, Server System M70klp4s2uhh and 1 more | 2024-11-21 | 7.5 High |
| Improper input validation in some Intel(R) Server System M70KLP Family BIOS firmware before version 01.04.0029 may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-24346 | 1 Jetbrains | 1 Intellij Idea | 2024-11-21 | 7.8 High |
| In JetBrains IntelliJ IDEA before 2021.3.1, local code execution via RLO (Right-to-Left Override) characters was possible. | ||||
| CVE-2022-24345 | 1 Jetbrains | 1 Intellij Idea | 2024-11-21 | 7.8 High |
| In JetBrains IntelliJ IDEA before 2021.2.4, local code execution (without permission from a user) upon opening a project was possible. | ||||
| CVE-2022-24336 | 1 Jetbrains | 1 Teamcity | 2024-11-21 | 5.3 Medium |
| In JetBrains TeamCity before 2021.2.1, an unauthenticated attacker can cancel running builds via an XML-RPC request to the TeamCity server. | ||||
| CVE-2022-24334 | 1 Jetbrains | 1 Teamcity | 2024-11-21 | 5.3 Medium |
| In JetBrains TeamCity before 2021.2.1, the Agent Push feature allowed selection of any private key on the server. | ||||
| CVE-2022-24328 | 1 Jetbrains | 1 Hub | 2024-11-21 | 6.5 Medium |
| In JetBrains Hub before 2021.1.13956, an unprivileged user could perform DoS. | ||||
| CVE-2022-24308 | 4 Apple, Automox, Linux and 1 more | 4 Macos, Automox, Linux Kernel and 1 more | 2024-11-21 | 5.5 Medium |
| Automox Agent prior to version 37 on Windows and Linux and Version 36 on OSX could allow for a non privileged user to obtain sensitive information during the install process. | ||||
| CVE-2022-24305 | 1 Zohocorp | 1 Manageengine Sharepoint Manager Plus | 2024-11-21 | 9.8 Critical |
| Zoho ManageEngine SharePoint Manager Plus before 4329 is vulnerable to a sensitive data leak that leads to privilege escalation. | ||||
| CVE-2022-24303 | 2 Fedoraproject, Python | 2 Fedora, Pillow | 2024-11-21 | 9.1 Critical |
| Pillow before 9.0.1 allows attackers to delete files because spaces in temporary pathnames are mishandled. | ||||
| CVE-2022-24293 | 1 Hp | 136 Laserjet Pro M304-m305 W1a46a, Laserjet Pro M304-m305 W1a46a Firmware, Laserjet Pro M304-m305 W1a47a and 133 more | 2024-11-21 | 9.8 Critical |
| Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution. | ||||
| CVE-2022-24292 | 1 Hp | 136 Laserjet Pro M304-m305 W1a46a, Laserjet Pro M304-m305 W1a46a Firmware, Laserjet Pro M304-m305 W1a47a and 133 more | 2024-11-21 | 9.8 Critical |
| Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution. | ||||
| CVE-2022-24291 | 1 Hp | 136 Laserjet Pro M304-m305 W1a46a, Laserjet Pro M304-m305 W1a46a Firmware, Laserjet Pro M304-m305 W1a47a and 133 more | 2024-11-21 | 7.5 High |
| Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution. | ||||
| CVE-2022-24218 | 1 Elitecms | 1 Elite Cms | 2024-11-21 | 9.1 Critical |
| An issue in /admin/delete_image.php of eliteCMS v1.0 allows attackers to delete arbitrary files. | ||||
| CVE-2022-24141 | 1 Iobit | 1 Itop Vpn | 2024-11-21 | 5.4 Medium |
| The iTopVPNmini.exe component of iTop VPN 3.2 will try to connect to datastate_iTopVPN_Pipe_Server on a loop. An attacker that opened a named pipe with the same name can use it to gain the token of another user by listening for connections and abusing ImpersonateNamedPipeClient(). | ||||
| CVE-2022-24132 | 1 Phpshe | 1 Phpshe | 2024-11-21 | 7.5 High |
| phpshe V1.8 is affected by a denial of service (DoS) attack in the registry's verification code, which can paralyze the target service. | ||||
| CVE-2022-24110 | 1 Accellion | 1 Managed File Transfer | 2024-11-21 | 6.5 Medium |
| Kiteworks MFT 7.5 may allow an unauthorized user to reset other users' passwords. This is fixed in version 7.6 and later. | ||||
| CVE-2022-24073 | 1 Navercorp | 1 Whale | 2024-11-21 | 7.1 High |
| The Web Request API in Whale browser before 3.12.129.18 allowed to deny access to the extension store or redirect to any URL when users access the store. | ||||