Total
29483 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-34061 | 1 Catly Translate Project | 1 Catly Translate | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The Catly-Translate package in PyPI v0.0.3 to v0.0.5 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | |||||
| CVE-2022-34060 | 1 Togglee | 1 Togglee | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The Togglee package in PyPI version v0.0.8 was discovered to contain a code execution backdoor. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | |||||
| CVE-2022-34059 | 1 Sixfab-tool Project | 1 Sixfab-tool | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The Sixfab-Tool in PyPI v0.0.2 to v0.0.3 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | |||||
| CVE-2022-34057 | 1 Scoptrial Project | 1 Scoptrial | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The Scoptrial package in PyPI version v0.0.5 was discovered to contain a code execution backdoor via the request package. This vulnerability allows attackers to access sensitive user information and digital currency keys, as well as escalate privileges. | |||||
| CVE-2022-33990 | 1 Dproxy-nexgen Project | 1 Dproxy-nexgen | 2024-11-21 | N/A | 7.5 HIGH |
| Misinterpretation of special domain name characters in dproxy-nexgen (aka dproxy nexgen) leads to cache poisoning because domain names and their associated IP addresses are cached in their misinterpreted form. | |||||
| CVE-2022-33970 | 1 Oxilab | 1 Shortcode Addons | 2024-11-21 | N/A | 7.2 HIGH |
| Authenticated WordPress Options Change vulnerability in Biplob018 Shortcode Addons plugin <= 3.1.2 at WordPress. | |||||
| CVE-2022-33969 | 1 Oxilab | 1 Flipbox | 2024-11-21 | N/A | 7.2 HIGH |
| Authenticated WordPress Options Change vulnerability in Biplob Adhikari's Flipbox plugin <= 2.6.0 at WordPress. | |||||
| CVE-2022-33932 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | N/A | 5.3 MEDIUM |
| Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, contain an unprotected primary channel vulnerability. An unauthenticated network malicious attacker may potentially exploit this vulnerability, leading to a denial of filesystem services. | |||||
| CVE-2022-33931 | 1 Dell | 1 Wyse Management Suite | 2024-11-21 | N/A | 6.3 MEDIUM |
| Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability in UI. An attacker with no access to Alert Classification page could potentially exploit this vulnerability, leading to the change the alert categories. | |||||
| CVE-2022-33926 | 1 Dell | 1 Wyse Management Suite | 2024-11-21 | N/A | 7.1 HIGH |
| Dell Wyse Management Suite 3.6.1 and below contains an improper access control vulnerability. A remote malicious user could exploit this vulnerability in order to retain access to a file repository after it has been revoked. | |||||
| CVE-2022-33925 | 1 Dell | 1 Wyse Management Suite | 2024-11-21 | N/A | 6.5 MEDIUM |
| Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability in UI. An remote authenticated attacker could potentially exploit this vulnerability by bypassing access controls in order to download reports containing sensitive information. | |||||
| CVE-2022-33924 | 1 Dell | 1 Wyse Management Suite | 2024-11-21 | N/A | 4.3 MEDIUM |
| Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability with which an attacker with no access to create rules could potentially exploit this vulnerability and create rules. | |||||
| CVE-2022-33919 | 1 Dell | 1 Geodrive | 2024-11-21 | N/A | 7.8 HIGH |
| Dell GeoDrive, versions 2.1 - 2.2, contains an information disclosure vulnerability in GUI. An authenticated non-admin user could potentially exploit this vulnerability and view sensitive information. | |||||
| CVE-2022-33902 | 1 Intel | 1 Quartus Prime | 2024-11-21 | N/A | 7.3 HIGH |
| Insufficient control flow management in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-33879 | 1 Apache | 1 Tika | 2024-11-21 | 2.6 LOW | 3.3 LOW |
| The initial fixes in CVE-2022-30126 and CVE-2022-30973 for regexes in the StandardsExtractingContentHandler were insufficient, and we found a separate, new regex DoS in a different regex in the StandardsExtractingContentHandler. These are now fixed in 1.28.4 and 2.4.1. | |||||
| CVE-2022-33734 | 1 Samsung | 1 Charm | 2024-11-21 | N/A | 6.2 MEDIUM |
| Sensitive information exposure in onCharacteristicChanged in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission. | |||||
| CVE-2022-33733 | 1 Samsung | 1 Charm | 2024-11-21 | N/A | 6.2 MEDIUM |
| Sensitive information exposure in onCharacteristicRead in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission. | |||||
| CVE-2022-33732 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.2 MEDIUM |
| Improper access control vulnerability in Samsung Dex for PC prior to SMR Aug-2022 Release 1 allows local attackers to scan and connect to PC by unprotected binder call. | |||||
| CVE-2022-33731 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.1 MEDIUM |
| Improper access control vulnerability in DesktopSystemUI prior to SMR Aug-2022 Release 1 allows attackers to enable and disable arbitrary components. | |||||
| CVE-2022-33721 | 1 Google | 1 Android | 2024-11-21 | N/A | 4.4 MEDIUM |
| A vulnerability using PendingIntent in DeX for PC prior to SMR Aug-2022 Release 1 allows attackers to access files with system privilege. | |||||