Search
Total
46623 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-24512 | 2 Fedoraproject, Microsoft | 6 Fedora, .net, .net Core and 3 more | 2023-12-21 | 6.8 MEDIUM | 6.3 MEDIUM |
| .NET and Visual Studio Remote Code Execution Vulnerability | |||||
| CVE-2022-27210 | 1 Jenkins | 1 Kubernetes Continuous Deploy | 2023-12-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Kubernetes Continuous Deploy Plugin 2.3.1 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | |||||
| CVE-2020-2281 | 1 Jenkins | 1 Lockable Resources | 2023-12-21 | 5.8 MEDIUM | 5.4 MEDIUM |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Lockable Resources Plugin 2.8 and earlier allows attackers to reserve, unreserve, unlock, and reset resources. | |||||
| CVE-2023-38559 | 4 Artifex, Debian, Fedoraproject and 1 more | 4 Ghostscript, Debian Linux, Fedora and 1 more | 2023-12-21 | N/A | 5.5 MEDIUM |
| A buffer overflow flaw was found in base/gdevdevn.c:1973 in devn_pcx_write_rle() in ghostscript. This issue may allow a local attacker to cause a denial of service via outputting a crafted PDF file for a DEVN device with gs. | |||||
| CVE-2023-31431 | 1 Broadcom | 1 Brocade Fabric Operating System | 2023-12-21 | N/A | 5.5 MEDIUM |
| A buffer overflow vulnerability in “diagstatus” command in Brocade Fabric OS before Brocade Fabric v9.2.0 and v9.1.1c could allow an authenticated user to crash the Brocade Fabric OS switch leading to a denial of service. | |||||
| CVE-2023-42787 | 1 Fortinet | 2 Fortianalyzer, Fortimanager | 2023-12-21 | N/A | 6.5 MEDIUM |
| A client-side enforcement of server-side security [CWE-602] vulnerability in Fortinet FortiManager version 7.4.0 and before 7.2.3 and FortiAnalyzer version 7.4.0 and before 7.2.3 may allow a remote attacker with low privileges to access a privileged web console via client side code execution. | |||||
| CVE-2023-31430 | 1 Broadcom | 1 Brocade Fabric Operating System | 2023-12-21 | N/A | 5.5 MEDIUM |
| A buffer overflow vulnerability in “secpolicydelete” command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0 could allow an authenticated privileged user to crash the Brocade Fabric OS switch leading to a denial of service. | |||||
| CVE-2023-44766 | 1 Concretecms | 1 Concrete Cms | 2023-12-21 | N/A | 4.8 MEDIUM |
| A Cross Site Scripting (XSS) vulnerability in Concrete CMS v.9.2.1 allows an attacker to execute arbitrary code via a crafted script to the SEO - Extra from Page Settings. NOTE: the vendor disputes this because this SEO-related header change can only be made by an admin, and allowing an admin to place JavaScript there is an intentional customization feature. | |||||
| CVE-2023-22940 | 1 Splunk | 2 Splunk, Splunk Cloud Platform | 2023-12-21 | N/A | 5.7 MEDIUM |
| In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, aliases of the ‘collect’ search processing language (SPL) command, including ‘summaryindex’, ‘sumindex’, ‘stash’,’ mcollect’, and ‘meventcollect’, were not designated as safeguarded commands. The commands could potentially allow for the exposing of data to a summary index that unprivileged users could access. The vulnerability requires a higher privileged user to initiate a request within their browser, and only affects instances with Splunk Web enabled. | |||||
| CVE-2023-22937 | 1 Splunk | 2 Splunk, Splunk Cloud Platform | 2023-12-21 | N/A | 4.3 MEDIUM |
| In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the lookup table upload feature let a user upload lookup tables with unnecessary filename extensions. Lookup table file extensions may now be one of the following only: .csv, .csv.gz, .kmz, .kml, .mmdb, or .mmdb.gzl. | |||||
| CVE-2022-23256 | 1 Microsoft | 1 Azure Data Explorer | 2023-12-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| Azure Data Explorer Spoofing Vulnerability | |||||
| CVE-2022-21970 | 1 Microsoft | 1 Edge Chromium | 2023-12-21 | 8.3 HIGH | 6.1 MEDIUM |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2022-21964 | 1 Microsoft | 1 Windows 10 | 2023-12-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| Remote Desktop Licensing Diagnoser Information Disclosure Vulnerability | |||||
| CVE-2022-21963 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2023-12-21 | 7.2 HIGH | 6.8 MEDIUM |
| Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | |||||
| CVE-2022-21962 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2023-12-21 | 7.2 HIGH | 6.8 MEDIUM |
| Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | |||||
| CVE-2022-21961 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2023-12-21 | 7.2 HIGH | 6.8 MEDIUM |
| Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | |||||
| CVE-2022-21960 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2023-12-21 | 7.2 HIGH | 6.8 MEDIUM |
| Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | |||||
| CVE-2022-21959 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2023-12-21 | 7.2 HIGH | 6.8 MEDIUM |
| Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | |||||
| CVE-2022-21958 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2023-12-21 | 7.2 HIGH | 6.8 MEDIUM |
| Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | |||||
| CVE-2022-21954 | 1 Microsoft | 1 Edge Chromium | 2023-12-21 | 5.8 MEDIUM | 6.1 MEDIUM |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2022-21932 | 1 Microsoft | 1 Dynamics 365 | 2023-12-21 | 3.5 LOW | 5.4 MEDIUM |
| Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability | |||||
| CVE-2022-21931 | 1 Microsoft | 1 Edge Chromium | 2023-12-21 | 4.0 MEDIUM | 4.2 MEDIUM |
| Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | |||||
| CVE-2022-21930 | 1 Microsoft | 1 Edge Chromium | 2023-12-21 | 4.0 MEDIUM | 4.2 MEDIUM |
| Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | |||||
| CVE-2022-21928 | 1 Microsoft | 7 Windows 10, Windows 11, Windows 8.1 and 4 more | 2023-12-21 | 6.9 MEDIUM | 6.4 MEDIUM |
| Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | |||||
| CVE-2022-21925 | 1 Microsoft | 2 Windows 7, Windows Server 2008 | 2023-12-21 | 5.4 MEDIUM | 5.3 MEDIUM |
| Windows BackupKey Remote Protocol Security Feature Bypass Vulnerability | |||||
| CVE-2022-21924 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2023-12-21 | 5.4 MEDIUM | 5.3 MEDIUM |
| Workstation Service Remote Protocol Security Feature Bypass Vulnerability | |||||
| CVE-2022-21921 | 1 Microsoft | 3 Windows 10, Windows 11, Windows Server | 2023-12-21 | 4.9 MEDIUM | 4.4 MEDIUM |
| Windows Defender Credential Guard Security Feature Bypass Vulnerability | |||||
| CVE-2022-21918 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server and 1 more | 2023-12-21 | 4.9 MEDIUM | 6.5 MEDIUM |
| DirectX Graphics Kernel File Denial of Service Vulnerability | |||||
| CVE-2022-21915 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Windows GDI+ Information Disclosure Vulnerability | |||||
| CVE-2022-21906 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server and 1 more | 2023-12-21 | 2.1 LOW | 5.5 MEDIUM |
| Windows Defender Application Control Security Feature Bypass Vulnerability | |||||
| CVE-2022-21900 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2023-12-21 | 3.8 LOW | 4.6 MEDIUM |
| Windows Hyper-V Security Feature Bypass Vulnerability | |||||
| CVE-2022-21899 | 1 Microsoft | 6 Windows 10, Windows 7, Windows 8.1 and 3 more | 2023-12-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| Windows Extensible Firmware Interface Security Feature Bypass Vulnerability | |||||
| CVE-2022-21894 | 1 Microsoft | 7 Windows 10, Windows 11, Windows 8.1 and 4 more | 2023-12-21 | 4.9 MEDIUM | 4.4 MEDIUM |
| Secure Boot Security Feature Bypass Vulnerability | |||||
| CVE-2022-21892 | 1 Microsoft | 7 Windows 10, Windows 11, Windows 8.1 and 4 more | 2023-12-21 | 7.2 HIGH | 6.8 MEDIUM |
| Windows Resilient File System (ReFS) Remote Code Execution Vulnerability | |||||
| CVE-2022-21891 | 1 Microsoft | 1 Dynamics 365 Sales | 2023-12-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability | |||||
| CVE-2022-21877 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server and 1 more | 2023-12-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| Storage Spaces Controller Information Disclosure Vulnerability | |||||
| CVE-2022-21876 | 1 Microsoft | 6 Windows 10, Windows 11, Windows Server and 3 more | 2023-12-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| Win32k Information Disclosure Vulnerability | |||||
| CVE-2022-21847 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server and 1 more | 2023-12-21 | 4.9 MEDIUM | 6.5 MEDIUM |
| Windows Hyper-V Denial of Service Vulnerability | |||||
| CVE-2022-21839 | 1 Microsoft | 2 Windows 10, Windows Server 2019 | 2023-12-21 | 2.1 LOW | 5.5 MEDIUM |
| Windows Event Tracing Discretionary Access Control List Denial of Service Vulnerability | |||||
| CVE-2023-22933 | 1 Splunk | 2 Splunk, Splunk Cloud Platform | 2023-12-21 | N/A | 6.1 MEDIUM |
| In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, a View allows for Cross-Site Scripting (XSS) in an extensible mark-up language (XML) View through the ‘layoutPanel’ attribute in the ‘module’ tag’. | |||||
| CVE-2023-44249 | 1 Fortinet | 2 Fortianalyzer, Fortimanager | 2023-12-21 | N/A | 6.5 MEDIUM |
| An authorization bypass through user-controlled key [CWE-639] vulnerability in Fortinet FortiManager version 7.4.0 and before 7.2.3 and FortiAnalyzer version 7.4.0 and before 7.2.3 allows a remote attacker with low privileges to read sensitive information via crafted HTTP requests. | |||||
| CVE-2022-26905 | 1 Microsoft | 1 Edge Chromium | 2023-12-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| Microsoft Edge (Chromium-based) Spoofing Vulnerability | |||||
| CVE-2022-29140 | 1 Microsoft | 6 Windows 10, Windows 11, Windows Server and 3 more | 2023-12-21 | 2.1 LOW | 5.5 MEDIUM |
| Windows Print Spooler Information Disclosure Vulnerability | |||||
| CVE-2022-29134 | 1 Microsoft | 5 Windows Server, Windows Server 2012, Windows Server 2016 and 2 more | 2023-12-21 | 2.1 LOW | 6.5 MEDIUM |
| Windows Clustered Shared Volume Information Disclosure Vulnerability | |||||
| CVE-2022-29127 | 1 Microsoft | 11 Windows 10, Windows 11, Windows 7 and 8 more | 2023-12-21 | 1.9 LOW | 4.2 MEDIUM |
| BitLocker Security Feature Bypass Vulnerability | |||||
| CVE-2022-29123 | 1 Microsoft | 5 Windows Server, Windows Server 2012, Windows Server 2016 and 2 more | 2023-12-21 | 2.1 LOW | 6.5 MEDIUM |
| Windows Clustered Shared Volume Information Disclosure Vulnerability | |||||
| CVE-2022-29122 | 1 Microsoft | 4 Windows Server, Windows Server 2012, Windows Server 2016 and 1 more | 2023-12-21 | 2.1 LOW | 6.5 MEDIUM |
| Windows Clustered Shared Volume Information Disclosure Vulnerability | |||||
| CVE-2022-29121 | 1 Microsoft | 11 Windows 10, Windows 11, Windows 7 and 8 more | 2023-12-21 | 3.3 LOW | 6.5 MEDIUM |
| Windows WLAN AutoConfig Service Denial of Service Vulnerability | |||||
| CVE-2022-29120 | 1 Microsoft | 5 Windows Server, Windows Server 2012, Windows Server 2016 and 2 more | 2023-12-21 | 4.9 MEDIUM | 6.5 MEDIUM |
| Windows Clustered Shared Volume Information Disclosure Vulnerability | |||||
| CVE-2022-29116 | 1 Microsoft | 1 Windows 11 | 2023-12-21 | 4.7 MEDIUM | 4.7 MEDIUM |
| Windows Kernel Information Disclosure Vulnerability | |||||