Search
Total
6056 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-21958 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2023-12-21 | 7.2 HIGH | 6.8 MEDIUM |
| Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | |||||
| CVE-2022-21963 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2023-12-21 | 7.2 HIGH | 6.8 MEDIUM |
| Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | |||||
| CVE-2022-21894 | 1 Microsoft | 7 Windows 10, Windows 11, Windows 8.1 and 4 more | 2023-12-21 | 4.9 MEDIUM | 4.4 MEDIUM |
| Secure Boot Security Feature Bypass Vulnerability | |||||
| CVE-2022-21960 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2023-12-21 | 7.2 HIGH | 6.8 MEDIUM |
| Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | |||||
| CVE-2022-29123 | 1 Microsoft | 5 Windows Server, Windows Server 2012, Windows Server 2016 and 2 more | 2023-12-21 | 2.1 LOW | 6.5 MEDIUM |
| Windows Clustered Shared Volume Information Disclosure Vulnerability | |||||
| CVE-2022-26936 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Windows Server Service Information Disclosure Vulnerability | |||||
| CVE-2022-22015 | 1 Microsoft | 10 Remote Desktop, Windows 10, Windows 11 and 7 more | 2023-12-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | |||||
| CVE-2022-22713 | 1 Microsoft | 2 Windows 10, Windows Server | 2023-12-21 | 1.9 LOW | 5.6 MEDIUM |
| Windows Hyper-V Denial of Service Vulnerability | |||||
| CVE-2022-29127 | 1 Microsoft | 11 Windows 10, Windows 11, Windows 7 and 8 more | 2023-12-21 | 1.9 LOW | 4.2 MEDIUM |
| BitLocker Security Feature Bypass Vulnerability | |||||
| CVE-2022-29120 | 1 Microsoft | 5 Windows Server, Windows Server 2012, Windows Server 2016 and 2 more | 2023-12-21 | 4.9 MEDIUM | 6.5 MEDIUM |
| Windows Clustered Shared Volume Information Disclosure Vulnerability | |||||
| CVE-2022-29134 | 1 Microsoft | 5 Windows Server, Windows Server 2012, Windows Server 2016 and 2 more | 2023-12-21 | 2.1 LOW | 6.5 MEDIUM |
| Windows Clustered Shared Volume Information Disclosure Vulnerability | |||||
| CVE-2022-29114 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2023-12-21 | 2.1 LOW | 5.5 MEDIUM |
| Windows Print Spooler Information Disclosure Vulnerability | |||||
| CVE-2022-29107 | 1 Microsoft | 4 365 Apps, Office, Publisher and 1 more | 2023-12-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Microsoft Office Security Feature Bypass Vulnerability | |||||
| CVE-2022-26940 | 1 Microsoft | 3 Remote Desktop, Windows 11, Windows Server 2022 | 2023-12-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Remote Desktop Protocol Client Information Disclosure Vulnerability | |||||
| CVE-2022-24466 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2023-12-21 | 2.3 LOW | 4.1 MEDIUM |
| Windows Hyper-V Security Feature Bypass Vulnerability | |||||
| CVE-2022-22011 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-21 | 2.1 LOW | 5.5 MEDIUM |
| Windows Graphics Component Information Disclosure Vulnerability | |||||
| CVE-2022-29112 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Windows Graphics Component Information Disclosure Vulnerability | |||||
| CVE-2022-29122 | 1 Microsoft | 4 Windows Server, Windows Server 2012, Windows Server 2016 and 1 more | 2023-12-21 | 2.1 LOW | 6.5 MEDIUM |
| Windows Clustered Shared Volume Information Disclosure Vulnerability | |||||
| CVE-2022-26935 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-21 | 3.3 LOW | 6.5 MEDIUM |
| Windows WLAN AutoConfig Service Information Disclosure Vulnerability | |||||
| CVE-2022-29102 | 1 Microsoft | 5 Windows Server, Windows Server 2012, Windows Server 2016 and 2 more | 2023-12-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| Windows Failover Cluster Information Disclosure Vulnerability | |||||
| CVE-2022-29121 | 1 Microsoft | 11 Windows 10, Windows 11, Windows 7 and 8 more | 2023-12-21 | 3.3 LOW | 6.5 MEDIUM |
| Windows WLAN AutoConfig Service Denial of Service Vulnerability | |||||
| CVE-2022-26933 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2023-12-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| Windows NTFS Information Disclosure Vulnerability | |||||
| CVE-2022-26930 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2023-12-21 | 2.1 LOW | 5.5 MEDIUM |
| Windows Remote Access Connection Manager Information Disclosure Vulnerability | |||||
| CVE-2022-29140 | 1 Microsoft | 6 Windows 10, Windows 11, Windows Server and 3 more | 2023-12-21 | 2.1 LOW | 5.5 MEDIUM |
| Windows Print Spooler Information Disclosure Vulnerability | |||||
| CVE-2022-26934 | 1 Microsoft | 19 365 Apps, Office, Windows 10 1507 and 16 more | 2023-12-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| Windows Graphics Component Information Disclosure Vulnerability | |||||
| CVE-2022-30172 | 1 Microsoft | 3 Office Online Server, Office Web Apps Server, Sharepoint Server | 2023-12-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| Microsoft Office Information Disclosure Vulnerability | |||||
| CVE-2022-30171 | 1 Microsoft | 3 Office Online Server, Office Web Apps Server, Sharepoint Server | 2023-12-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| Microsoft Office Information Disclosure Vulnerability | |||||
| CVE-2022-30154 | 1 Microsoft | 5 Windows 10, Windows Server 2012, Windows Server 2016 and 2 more | 2023-12-20 | 2.1 LOW | 5.3 MEDIUM |
| Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability | |||||
| CVE-2022-30184 | 3 Apple, Fedoraproject, Microsoft | 7 Macos, Fedora, .net and 4 more | 2023-12-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| .NET and Visual Studio Information Disclosure Vulnerability | |||||
| CVE-2022-30189 | 1 Microsoft | 1 Windows 10 | 2023-12-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| Windows Autopilot Device Management and Enrollment Client Spoofing Vulnerability | |||||
| CVE-2022-30137 | 1 Microsoft | 1 Service Fabric | 2023-12-20 | 4.6 MEDIUM | 6.7 MEDIUM |
| <p><strong>Executive Summary</strong></p> <p>An Elevation of Privilege (EOP) vulnerability has been identified within Service Fabric clusters that run Docker containers. Exploitation of this EOP vulnerability requires an attacker to gain remote code execution within a container. All Service Fabric and Docker versions are impacted.</p> | |||||
| CVE-2022-30162 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2023-12-20 | 2.1 LOW | 5.5 MEDIUM |
| Windows Kernel Information Disclosure Vulnerability | |||||
| CVE-2022-38043 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 5.5 MEDIUM |
| Windows Security Support Provider Interface Information Disclosure Vulnerability | |||||
| CVE-2022-37996 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2023-12-20 | N/A | 5.5 MEDIUM |
| Windows Kernel Memory Information Disclosure Vulnerability | |||||
| CVE-2022-38025 | 1 Microsoft | 2 Windows 11, Windows Server 2022 | 2023-12-20 | N/A | 5.5 MEDIUM |
| Windows Distributed File System (DFS) Information Disclosure Vulnerability | |||||
| CVE-2022-35829 | 1 Microsoft | 1 Azure Service Fabric | 2023-12-20 | N/A | 4.8 MEDIUM |
| Service Fabric Explorer Spoofing Vulnerability | |||||
| CVE-2022-37977 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 6.5 MEDIUM |
| Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability | |||||
| CVE-2022-37965 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2023-12-20 | N/A | 5.9 MEDIUM |
| Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability | |||||
| CVE-2022-38026 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 5.5 MEDIUM |
| Windows DHCP Client Information Disclosure Vulnerability | |||||
| CVE-2022-37985 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 5.5 MEDIUM |
| Windows Graphics Component Information Disclosure Vulnerability | |||||
| CVE-2022-37981 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 4.3 MEDIUM |
| Windows Event Logging Service Denial of Service Vulnerability | |||||
| CVE-2022-37974 | 1 Microsoft | 2 Windows 10, Windows 11 | 2023-12-20 | N/A | 6.5 MEDIUM |
| Windows Mixed Reality Developer Tools Information Disclosure Vulnerability | |||||
| CVE-2022-38030 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server 2019 and 1 more | 2023-12-20 | N/A | 4.3 MEDIUM |
| Windows USB Serial Driver Information Disclosure Vulnerability | |||||
| CVE-2022-38032 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 6.6 MEDIUM |
| Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability | |||||
| CVE-2022-38017 | 1 Microsoft | 4 Storsimple 8010, Storsimple 8010 Firmware, Storsimple 8020 and 1 more | 2023-12-20 | N/A | 6.8 MEDIUM |
| StorSimple 8000 Series Elevation of Privilege Vulnerability | |||||
| CVE-2022-38033 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 6.5 MEDIUM |
| Windows Server Remotely Accessible Registry Keys Information Disclosure Vulnerability | |||||
| CVE-2022-38001 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2023-12-20 | N/A | 6.5 MEDIUM |
| Microsoft Office Spoofing Vulnerability | |||||
| CVE-2023-50443 | 2 Microsoft, Primx | 2 Windows, Cryhod | 2023-12-20 | N/A | 4.6 MEDIUM |
| Encrypted disks created by PRIMX CRYHOD for Windows before Q.2020.4 (ANSSI qualification submission) or CRYHOD for Windows before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference so that it could trigger outbound network traffic from computers on which disks are opened. | |||||
| CVE-2023-6660 | 1 Freebsd | 1 Freebsd | 2023-12-20 | N/A | 6.5 MEDIUM |
| When a program running on an affected system appends data to a file via an NFS client mount, the bug can cause the NFS client to fail to copy in the data to be written but proceed as though the copy operation had succeeded. This means that the data to be written is instead replaced with whatever data had been in the packet buffer previously. Thus, an unprivileged user with access to an affected system may abuse the bug to trigger disclosure of sensitive information. In particular, the leak is limited to data previously stored in mbufs, which are used for network transmission and reception, and for certain types of inter-process communication. The bug can also be triggered unintentionally by system applications, in which case the data written by the application to an NFS mount may be corrupted. Corrupted data is written over the network to the NFS server, and thus also susceptible to being snooped by other hosts on the network. Note that the bug exists only in the NFS client; the version and implementation of the server has no effect on whether a given system is affected by the problem. | |||||
| CVE-2023-45725 | 1 Apache | 1 Couchdb | 2023-12-20 | N/A | 5.7 MEDIUM |
| Design document functions which receive a user http request object may expose authorization or session cookie headers of the user who accesses the document. These design document functions are: * list * show * rewrite * update An attacker can leak the session component using an HTML-like output, insert the session as an external resource (such as an image), or store the credential in a _local document with an "update" function. For the attack to succeed the attacker has to be able to insert the design documents into the database, then manipulate a user to access a function from that design document. Workaround: Avoid using design documents from untrusted sources which may attempt to access or manipulate request object's headers | |||||