Total
29058 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-47524 | 1 F-secure | 1 Safe | 2024-11-21 | N/A | 5.4 MEDIUM |
| F-Secure SAFE Browser 19.1 before 19.2 for Android allows an IDN homograph attack. | |||||
| CVE-2022-47411 | 1 Fp Newsletter Project | 1 Fp Newsletter | 2024-11-21 | N/A | 9.1 CRITICAL |
| An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via unsubscribeAction operations. | |||||
| CVE-2022-47410 | 1 Fp Newsletter Project | 1 Fp Newsletter | 2024-11-21 | N/A | 9.1 CRITICAL |
| An issue was discovered in the fp_newsletter (aka Newsletter subscriber management) extension before 1.1.1, 1.2.0, 2.x before 2.1.2, 2.2.1 through 2.4.0, and 3.x before 3.2.6 for TYPO3. Data about subscribers may be obtained via createAction operations. | |||||
| CVE-2022-47070 | 1 Nvs365 | 2 Nvs-365-v01, Nvs-365-v01 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| NVS365 V01 is vulnerable to Incorrect Access Control. After entering a wrong password, the url will be sent to the server twice. In the second package, the server will return the correct password information. | |||||
| CVE-2022-47003 | 1 Murasoftware | 1 Mura Cms | 2024-11-21 | N/A | 9.8 CRITICAL |
| A vulnerability in the Remember Me function of Mura CMS before v10.0.580 allows attackers to bypass authentication via a crafted web request. | |||||
| CVE-2022-46967 | 1 Revenue Collection System Project | 1 Revenue Collection System | 2024-11-21 | N/A | 9.8 CRITICAL |
| An access control issue in Revenue Collection System v1.0 allows unauthenticated attackers to view the contents of /admin/DBbackup/ directory. | |||||
| CVE-2022-46908 | 1 Sqlite | 1 Sqlite | 2024-11-21 | N/A | 7.3 HIGH |
| SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE. | |||||
| CVE-2022-46892 | 1 Amperecomputing | 4 Ampere Altra, Ampere Altra Firmware, Ampere Altra Max and 1 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| In Ampere AltraMax and Ampere Altra before 2.10c, improper access controls allows the OS to reinitialize a disabled root complex. | |||||
| CVE-2022-46890 | 1 Nexusphp | 1 Nexusphp | 2024-11-21 | N/A | 4.3 MEDIUM |
| Weak access control in NexusPHP before 1.7.33 allows a remote authenticated user to edit any post in the forum (this is caused by a lack of checks performed by the /forums.php?action=post page). | |||||
| CVE-2022-46755 | 1 Dell | 1 Wyse Management Suite | 2024-11-21 | N/A | 4.9 MEDIUM |
| Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user can edit general client policy for which the user is not authorized. | |||||
| CVE-2022-46754 | 1 Dell | 1 Wyse Management Suite | 2024-11-21 | N/A | 8.7 HIGH |
| Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user might access certain pro license features for which this admin is not authorized in order to configure user controlled external entities. | |||||
| CVE-2022-46752 | 1 Dell | 150 Inspiron 14 Plus 7420, Inspiron 14 Plus 7420 Firmware, Inspiron 14 Plus 7620 and 147 more | 2024-11-21 | N/A | 4.6 MEDIUM |
| Dell BIOS contains an Improper Authorization vulnerability. An unauthenticated physical attacker may potentially exploit this vulnerability, leading to denial of service. | |||||
| CVE-2022-46705 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2024-11-21 | N/A | 4.3 MEDIUM |
| A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, Safari 16.2. Visiting a malicious website may lead to address bar spoofing. | |||||
| CVE-2022-46679 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | N/A | 6.5 MEDIUM |
| Dell PowerScale OneFS 8.2.x, 9.0.0.x - 9.4.0.x, contain an insufficient resource pool vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service. | |||||
| CVE-2022-46678 | 1 Dell | 1 Wyse Management Suite | 2024-11-21 | N/A | 4.9 MEDIUM |
| Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A authenticated malicious admin user can edit general client policy for which the user is not authorized. | |||||
| CVE-2022-46677 | 1 Dell | 1 Wyse Management Suite | 2024-11-21 | N/A | 6.8 MEDIUM |
| Wyse Management Suite 3.8 and below contain an improper access control vulnerability with which an custom group admin can create a subgroup under a group for which the admin is not authorized. | |||||
| CVE-2022-46676 | 1 Dell | 1 Wyse Management Suite | 2024-11-21 | N/A | 4.9 MEDIUM |
| Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A malicious admin user can disable or delete users under administration and unassigned admins for which the group admin is not authorized. | |||||
| CVE-2022-46663 | 2 Fedoraproject, Gnu | 2 Fedora, Less | 2024-11-21 | N/A | 7.5 HIGH |
| In GNU Less before 609, crafted data can result in "less -R" not filtering ANSI escape sequences sent to the terminal. | |||||
| CVE-2022-46397 | 1 Lfprojects | 1 Vector Packet Processor | 2024-11-21 | N/A | 7.5 HIGH |
| FP.io VPP (Vector Packet Processor) 22.10, 22.06, 22.02, 21.10, 21.06, 21.01, 20.09, 20.05, 20.01, 19.08, and 19.04 Generates a Predictable IV with CBC Mode. | |||||
| CVE-2022-46383 | 1 Rackn | 1 Digital Rebar | 2024-11-21 | N/A | 9.8 CRITICAL |
| RackN Digital Rebar through 4.6.14, 4.7 through 4.7.22, 4.8 through 4.8.5, 4.9 through 4.9.12, and 4.10 through 4.10.8 has exposed a privileged token via a public API endpoint (Incorrect Access Control). The token can be used to escalate privileges within the Digital Rebar system and grant full administrative access. | |||||