Total
11506 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-34851 | 1 F5 | 12 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 9 more | 2024-11-21 | N/A | 4.3 MEDIUM |
| In BIG-IP Versions 17.0.x before 17.0.0.1, 16.1.x before 16.1.3.1, 15.1.x before 15.1.6.1, 14.1.x before 14.1.5.1, and all versions of 13.1.x, and BIG-IQ Centralized Management all versions of 8.x, an authenticated attacker may cause iControl SOAP to become unavailable through undisclosed requests. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2022-34844 | 1 F5 | 12 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 9 more | 2024-11-21 | N/A | 5.9 MEDIUM |
| In BIG-IP Versions 16.1.x before 16.1.3.1 and 15.1.x before 15.1.6.1, and all versions of BIG-IQ 8.x, when the Data Plane Development Kit (DPDK)/Elastic Network Adapter (ENA) driver is used with BIG-IP or BIG-IQ on Amazon Web Services (AWS) systems, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Successful exploitation relies on conditions outside of the attacker's control. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2022-34758 | 1 Schneider-electric | 2 Easergy P5, Easergy P5 Firmware | 2024-11-21 | N/A | 5.1 MEDIUM |
| A CWE-20: Improper Input Validation vulnerability exists that could cause the device watchdog function to be disabled if the attacker had access to privileged user credentials. Affected Products: Easergy P5 (V01.401.102 and prior) | |||||
| CVE-2022-34657 | 1 Intel | 31 Pcsd Bios, R1208wfqysr, R1208wftys and 28 more | 2024-11-21 | N/A | 6.0 MEDIUM |
| Improper input validation in firmware for some Intel(R) PCSD BIOS before version 02.01.0013 may allow a privileged user to potentially enable information disclosure via local access. | |||||
| CVE-2022-34460 | 1 Dell | 52 G5 Se 5505, G5 Se 5505 Firmware, Inspiron 27 7775 and 49 more | 2024-11-21 | N/A | 7.5 HIGH |
| Prior Dell BIOS versions contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | |||||
| CVE-2022-34443 | 1 Dell | 1 Rugged Control Center | 2024-11-21 | N/A | 7.8 HIGH |
| Dell Rugged Control Center, versions prior to 4.5, contain an Improper Input Validation in the Service EndPoint. A Local Low Privilege attacker could potentially exploit this vulnerability, leading to an Escalation of privileges. | |||||
| CVE-2022-34436 | 1 Dell | 2 Idrac8, Idrac8 Firmware | 2024-11-21 | N/A | 2.7 LOW |
| Dell iDRAC8 version 2.83.83.83 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit this vulnerability to bypass the firmware lock-down configuration and perform a firmware update. | |||||
| CVE-2022-34435 | 1 Dell | 2 Idrac9, Idrac9 Firmware | 2024-11-21 | N/A | 2.7 LOW |
| Dell iDRAC9 version 6.00.02.00 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit this vulnerability to bypass the firmware lock-down configuration and perform a firmware update. | |||||
| CVE-2022-34393 | 1 Dell | 52 G5 Se 5505, G5 Se 5505 Firmware, Inspiron 27 7775 and 49 more | 2024-11-21 | N/A | 7.5 HIGH |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | |||||
| CVE-2022-34350 | 1 Ibm | 1 Api Connect | 2024-11-21 | N/A | 5.3 MEDIUM |
| IBM API Connect 10.0.0.0 through 10.0.5.0, 10.0.1.0 through 10.0.1.7, and 2018.4.1.0 through 2018.4.1.20 is vulnerable to External Service Interaction attack, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to induce the application to perform server-side DNS lookups or HTTP requests to arbitrary domain names. By submitting suitable payloads, an attacker can cause the application server to attack other systems that it can interact with. IBM X-Force ID: 230264. | |||||
| CVE-2022-34164 | 1 Ibm | 1 Cics Tx | 2024-11-21 | N/A | 5.5 MEDIUM |
| IBM CICS TX 11.1 could allow a local user to impersonate another legitimate user due to improper input validation. IBM X-Force ID: 229338. | |||||
| CVE-2022-34147 | 1 Intel | 82 Cm8ccb4r, Cm8ccb4r Firmware, Cm8i3cb4n and 79 more | 2024-11-21 | N/A | 7.5 HIGH |
| Improper input validation in BIOS firmware for some Intel(R) NUC 9 Extreme Laptop Kits, Intel(R) NUC Performance Kits, Intel(R) NUC Performance Mini PC, Intel(R) NUC 8 Compute Element, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board, and Intel(R) NUC Compute Element may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-34146 | 1 Qualcomm | 194 Csr8811, Csr8811 Firmware, Ipq5010 and 191 more | 2024-11-21 | N/A | 7.5 HIGH |
| Transient DOS due to improper input validation in WLAN Host while parsing frame during defragmentation. | |||||
| CVE-2022-33964 | 1 Intel | 1 System Usage Report | 2024-11-21 | N/A | 7.4 HIGH |
| Improper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | |||||
| CVE-2022-33945 | 1 Intel | 66 Compute Module Hns2600bpb, Compute Module Hns2600bpb24, Compute Module Hns2600bpb24 Firmware and 63 more | 2024-11-21 | N/A | 8.2 HIGH |
| Improper input validation in some Intel(R) Server board and Intel(R) Server System BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-33894 | 1 Intel | 546 Core I3-1000g1, Core I3-1000g1 Firmware, Core I3-1000g4 and 543 more | 2024-11-21 | N/A | 7.5 HIGH |
| Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-33876 | 1 Fortinet | 1 Fortiadc | 2024-11-21 | N/A | 5.4 MEDIUM |
| Multiple instances of improper input validation vulnerability in Fortinet FortiADC version 7.1.0, version 7.0.0 through 7.0.2 and version 6.2.4 and below allows an authenticated attacker to retrieve files with specific extension from the underlying Linux system via crafted HTTP requests. | |||||
| CVE-2022-33754 | 1 Broadcom | 1 Ca Automic Automation | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code. | |||||
| CVE-2022-33752 | 1 Broadcom | 1 Ca Automic Automation | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code. | |||||
| CVE-2022-33729 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.9 MEDIUM |
| Improper restriction of broadcasting Intent in ConfirmConnectActivity of?NFC prior to SMR Aug-2022 Release 1 leaks MAC address of the connected Bluetooth device. | |||||