Search
Total
46623 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-29114 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2023-12-21 | 2.1 LOW | 5.5 MEDIUM |
| Windows Print Spooler Information Disclosure Vulnerability | |||||
| CVE-2022-29112 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Windows Graphics Component Information Disclosure Vulnerability | |||||
| CVE-2022-29107 | 1 Microsoft | 4 365 Apps, Office, Publisher and 1 more | 2023-12-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Microsoft Office Security Feature Bypass Vulnerability | |||||
| CVE-2022-29102 | 1 Microsoft | 5 Windows Server, Windows Server 2012, Windows Server 2016 and 2 more | 2023-12-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| Windows Failover Cluster Information Disclosure Vulnerability | |||||
| CVE-2022-26940 | 1 Microsoft | 3 Remote Desktop, Windows 11, Windows Server 2022 | 2023-12-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Remote Desktop Protocol Client Information Disclosure Vulnerability | |||||
| CVE-2022-26936 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Windows Server Service Information Disclosure Vulnerability | |||||
| CVE-2022-26935 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-21 | 3.3 LOW | 6.5 MEDIUM |
| Windows WLAN AutoConfig Service Information Disclosure Vulnerability | |||||
| CVE-2022-26933 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2023-12-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| Windows NTFS Information Disclosure Vulnerability | |||||
| CVE-2022-26930 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2023-12-21 | 2.1 LOW | 5.5 MEDIUM |
| Windows Remote Access Connection Manager Information Disclosure Vulnerability | |||||
| CVE-2022-26925 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| Windows LSA Spoofing Vulnerability | |||||
| CVE-2022-24466 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2023-12-21 | 2.3 LOW | 4.1 MEDIUM |
| Windows Hyper-V Security Feature Bypass Vulnerability | |||||
| CVE-2022-22713 | 1 Microsoft | 2 Windows 10, Windows Server | 2023-12-21 | 1.9 LOW | 5.6 MEDIUM |
| Windows Hyper-V Denial of Service Vulnerability | |||||
| CVE-2022-22015 | 1 Microsoft | 10 Remote Desktop, Windows 10, Windows 11 and 7 more | 2023-12-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability | |||||
| CVE-2022-22011 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2023-12-21 | 2.1 LOW | 5.5 MEDIUM |
| Windows Graphics Component Information Disclosure Vulnerability | |||||
| CVE-2022-30189 | 1 Microsoft | 1 Windows 10 | 2023-12-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| Windows Autopilot Device Management and Enrollment Client Spoofing Vulnerability | |||||
| CVE-2022-30184 | 3 Apple, Fedoraproject, Microsoft | 7 Macos, Fedora, .net and 4 more | 2023-12-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| .NET and Visual Studio Information Disclosure Vulnerability | |||||
| CVE-2022-30172 | 1 Microsoft | 3 Office Online Server, Office Web Apps Server, Sharepoint Server | 2023-12-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| Microsoft Office Information Disclosure Vulnerability | |||||
| CVE-2022-30171 | 1 Microsoft | 3 Office Online Server, Office Web Apps Server, Sharepoint Server | 2023-12-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| Microsoft Office Information Disclosure Vulnerability | |||||
| CVE-2022-30162 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2023-12-20 | 2.1 LOW | 5.5 MEDIUM |
| Windows Kernel Information Disclosure Vulnerability | |||||
| CVE-2022-30155 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | 7.1 HIGH | 5.5 MEDIUM |
| Windows Kernel Denial of Service Vulnerability | |||||
| CVE-2022-30154 | 1 Microsoft | 5 Windows 10, Windows Server 2012, Windows Server 2016 and 2 more | 2023-12-20 | 2.1 LOW | 5.3 MEDIUM |
| Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability | |||||
| CVE-2022-30148 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2023-12-20 | 2.1 LOW | 5.5 MEDIUM |
| Windows Desired State Configuration (DSC) Information Disclosure Vulnerability | |||||
| CVE-2022-30137 | 1 Microsoft | 1 Service Fabric | 2023-12-20 | 4.6 MEDIUM | 6.7 MEDIUM |
| <p><strong>Executive Summary</strong></p> <p>An Elevation of Privilege (EOP) vulnerability has been identified within Service Fabric clusters that run Docker containers. Exploitation of this EOP vulnerability requires an attacker to gain remote code execution within a container. All Service Fabric and Docker versions are impacted.</p> | |||||
| CVE-2022-26934 | 1 Microsoft | 19 365 Apps, Office, Windows 10 1507 and 16 more | 2023-12-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| Windows Graphics Component Information Disclosure Vulnerability | |||||
| CVE-2023-47623 | 1 Clockworkmod | 1 Scrypted | 2023-12-20 | N/A | 6.1 MEDIUM |
| Scrypted is a home video integration and automation platform. In versions 0.55.0 and prior, a reflected cross-site scripting vulnerability exists in the login page via the `redirect_uri` parameter. By specifying a url with the javascript scheme (`javascript:`), an attacker can run arbitrary JavaScript code after the login. As of time of publication, no known patches are available. | |||||
| CVE-2023-47620 | 1 Clockworkmod | 1 Scrypted | 2023-12-20 | N/A | 6.1 MEDIUM |
| Scrypted is a home video integration and automation platform. In versions 0.55.0 and prior, a reflected cross-site scripting vulnerability exists in the plugin-http.ts file via the `owner' and 'pkg` parameters. An attacker can run arbitrary JavaScript code. As of time of publication, no known patches are available. | |||||
| CVE-2023-22259 | 1 Adobe | 2 Experience Manager, Experience Manager Cloud Service | 2023-12-20 | N/A | 5.4 MEDIUM |
| Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction. | |||||
| CVE-2023-22256 | 1 Adobe | 2 Experience Manager, Experience Manager Cloud Service | 2023-12-20 | N/A | 5.4 MEDIUM |
| Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction. | |||||
| CVE-2023-48583 | 1 Adobe | 1 Experience Manager | 2023-12-20 | N/A | 5.4 MEDIUM |
| Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting (DOM-based XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser. | |||||
| CVE-2023-48582 | 1 Adobe | 1 Experience Manager | 2023-12-20 | N/A | 5.4 MEDIUM |
| Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | |||||
| CVE-2023-48581 | 1 Adobe | 1 Experience Manager | 2023-12-20 | N/A | 5.4 MEDIUM |
| Adobe Experience Manager versions 6.5.18 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field. | |||||
| CVE-2023-22265 | 1 Adobe | 2 Experience Manager, Experience Manager Cloud Service | 2023-12-20 | N/A | 5.4 MEDIUM |
| Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction. | |||||
| CVE-2023-47558 | 1 Lindeni | 1 Who Hit The Page - Hit Counter | 2023-12-20 | N/A | 6.5 MEDIUM |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Mahlamusa Who Hit The Page – Hit Counter allows SQL Injection.This issue affects Who Hit The Page – Hit Counter: from n/a through 1.4.14.3. | |||||
| CVE-2022-41035 | 1 Microsoft | 1 Edge Chromium | 2023-12-20 | N/A | 5.3 MEDIUM |
| Microsoft Edge (Chromium-based) Spoofing Vulnerability | |||||
| CVE-2022-38043 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 5.5 MEDIUM |
| Windows Security Support Provider Interface Information Disclosure Vulnerability | |||||
| CVE-2022-38033 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 6.5 MEDIUM |
| Windows Server Remotely Accessible Registry Keys Information Disclosure Vulnerability | |||||
| CVE-2022-38032 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 6.6 MEDIUM |
| Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability | |||||
| CVE-2022-38030 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server 2019 and 1 more | 2023-12-20 | N/A | 4.3 MEDIUM |
| Windows USB Serial Driver Information Disclosure Vulnerability | |||||
| CVE-2022-38026 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 5.5 MEDIUM |
| Windows DHCP Client Information Disclosure Vulnerability | |||||
| CVE-2022-38025 | 1 Microsoft | 2 Windows 11, Windows Server 2022 | 2023-12-20 | N/A | 5.5 MEDIUM |
| Windows Distributed File System (DFS) Information Disclosure Vulnerability | |||||
| CVE-2022-38017 | 1 Microsoft | 4 Storsimple 8010, Storsimple 8010 Firmware, Storsimple 8020 and 1 more | 2023-12-20 | N/A | 6.8 MEDIUM |
| StorSimple 8000 Series Elevation of Privilege Vulnerability | |||||
| CVE-2022-38001 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2023-12-20 | N/A | 6.5 MEDIUM |
| Microsoft Office Spoofing Vulnerability | |||||
| CVE-2022-37996 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2023-12-20 | N/A | 5.5 MEDIUM |
| Windows Kernel Memory Information Disclosure Vulnerability | |||||
| CVE-2022-37985 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 5.5 MEDIUM |
| Windows Graphics Component Information Disclosure Vulnerability | |||||
| CVE-2022-37981 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 4.3 MEDIUM |
| Windows Event Logging Service Denial of Service Vulnerability | |||||
| CVE-2022-37977 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 6.5 MEDIUM |
| Local Security Authority Subsystem Service (LSASS) Denial of Service Vulnerability | |||||
| CVE-2022-37974 | 1 Microsoft | 2 Windows 10, Windows 11 | 2023-12-20 | N/A | 6.5 MEDIUM |
| Windows Mixed Reality Developer Tools Information Disclosure Vulnerability | |||||
| CVE-2022-37965 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2023-12-20 | N/A | 5.9 MEDIUM |
| Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability | |||||
| CVE-2022-35829 | 1 Microsoft | 1 Azure Service Fabric | 2023-12-20 | N/A | 4.8 MEDIUM |
| Service Fabric Explorer Spoofing Vulnerability | |||||
| CVE-2022-35770 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-12-20 | N/A | 6.5 MEDIUM |
| Windows NTLM Spoofing Vulnerability | |||||