Search
Total
21119 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-22328 | 1 Ibm | 1 Partner Engagement Manager | 2023-08-08 | 2.1 LOW | 6.2 MEDIUM |
| IBM SterlingPartner Engagement Manager 6.2.0 could allow a malicious user to elevate their privileges and perform unintended operations to another users data. IBM X-Force ID: 218871. | |||||
| CVE-2022-1040 | 1 Sophos | 1 Sfos | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older. | |||||
| CVE-2022-22000 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 7.2 HIGH | 7.8 HIGH |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||||
| CVE-2022-26787 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-21981 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | |||||
| CVE-2022-25631 | 1 Broadcom | 1 Symantec Endpoint Protection | 2023-08-08 | N/A | 7.8 HIGH |
| Symantec Endpoint Protection, prior to 14.3 RU6 (14.3.9210.6000), may be susceptible to a Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated | |||||
| CVE-2022-26791 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2021-45736 | 1 Totolink | 2 X5000r, X5000r Firmware | 2023-08-08 | 7.8 HIGH | 7.5 HIGH |
| TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a stack overflow in the function setL2tpServerCfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via the eip, sip, server parameters. | |||||
| CVE-2022-26793 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-26795 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-26797 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-26796 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-35779 | 1 Microsoft | 1 Azure Real Time Operating System Guix Studio | 2023-08-08 | N/A | 7.8 HIGH |
| Azure RTOS GUIX Studio Remote Code Execution Vulnerability | |||||
| CVE-2022-26914 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Win32k Elevation of Privilege Vulnerability | |||||
| CVE-2022-22572 | 1 Ivanti | 1 Incapptic Connect | 2023-08-08 | 6.5 MEDIUM | 8.8 HIGH |
| A non-admin user with user management permission can escalate his privilege to admin user via password reset functionality. The vulnerability affects Incapptic Connect version < 1.40.1. | |||||
| CVE-2022-23259 | 1 Microsoft | 1 Dynamics 365 | 2023-08-08 | 9.0 HIGH | 8.8 HIGH |
| Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability | |||||
| CVE-2021-45741 | 1 Totolink | 2 X5000r, X5000r Firmware | 2023-08-08 | 7.8 HIGH | 7.5 HIGH |
| TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a stack overflow in the function setIpv6Cfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via the relay6to4 parameters. | |||||
| CVE-2022-23176 | 1 Watchguard | 1 Fireware | 2023-08-08 | 9.0 HIGH | 8.8 HIGH |
| WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access. This vulnerability impacts Fireware OS before 12.7.2_U1, 12.x before 12.1.3_U3, and 12.2.x through 12.5.x before 12.5.7_U3. | |||||
| CVE-2022-27773 | 1 Ivanti | 1 Endpoint Manager | 2023-08-08 | N/A | 9.8 CRITICAL |
| A privilege escalation vulnerability is identified in Ivanti EPM (LANDesk Management Suite) that allows a user to execute commands with elevated privileges. | |||||
| CVE-2022-26794 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-26803 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 8.1 and 6 more | 2023-08-08 | 7.2 HIGH | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-22315 | 1 Ibm | 1 Urbancode Deploy | 2023-08-08 | 6.0 MEDIUM | 8.8 HIGH |
| IBM UrbanCode Deploy (UCD) 7.2.2.1 could allow an authenticated user with special permissions to obtain elevated privileges due to improper handling of permissions. IBM X-Force ID: 217955. | |||||
| CVE-2021-45739 | 1 Totolink | 2 A720r, A720r Firmware | 2023-08-08 | 7.8 HIGH | 7.5 HIGH |
| TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stack overflow in the Form_Login function. This vulnerability allows attackers to cause a Denial of Service (DoS) via the flag parameter. | |||||
| CVE-2022-23171 | 2 Atlasvpn, Microsoft | 2 Atlasvpn, Windows | 2023-08-08 | 9.0 HIGH | 8.8 HIGH |
| AtlasVPN - Privilege Escalation Lack of proper security controls on named pipe messages can allow an attacker with low privileges to send a malicious payload and gain SYSTEM permissions on a windows computer where the AtlasVPN client is installed. | |||||
| CVE-2022-30613 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2023-08-08 | N/A | 5.5 MEDIUM |
| IBM QRadar SIEM 7.4 and 7.5 could disclose sensitive information via a local service to a privileged user. IBM X-Force ID: 227366. | |||||
| CVE-2022-23272 | 1 Microsoft | 1 Dynamics Gp | 2023-08-08 | 9.0 HIGH | 8.1 HIGH |
| Microsoft Dynamics GP Elevation Of Privilege Vulnerability | |||||
| CVE-2022-26802 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-23273 | 1 Microsoft | 1 Dynamics Gp | 2023-08-08 | 9.0 HIGH | 7.1 HIGH |
| Microsoft Dynamics GP Elevation Of Privilege Vulnerability | |||||
| CVE-2021-40325 | 1 Cobbler Project | 1 Cobbler | 2023-08-08 | 5.0 MEDIUM | 7.5 HIGH |
| Cobbler before 3.3.0 allows authorization bypass for modification of settings. | |||||
| CVE-2022-26789 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-45430 | 2 Dahuasecurity, Linux | 9 Dhi-dss4004-s2, Dhi-dss4004-s2 Firmware, Dhi-dss7016d-s2 and 6 more | 2023-08-08 | N/A | 3.7 LOW |
| Some Dahua software products have a vulnerability of unauthenticated enable or disable SSHD service. After bypassing the firewall access control policy, by sending a specific crafted packet to the vulnerable interface, an attacker could enable or disable the SSHD service. | |||||
| CVE-2022-26792 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-26801 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-26786 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-26790 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2021-40450 | 1 Microsoft | 6 Windows 10, Windows 11, Windows Server and 3 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Win32k Elevation of Privilege Vulnerability | |||||
| CVE-2022-37904 | 1 Arubanetworks | 12 7005, 7008, 7010 and 9 more | 2023-08-08 | N/A | 8.8 HIGH |
| Vulnerabilities in ArubaOS running on 7xxx series controllers exist that allows an attacker to execute arbitrary code during the boot sequence. Successful exploitation could allow an attacker to achieve permanent modification of the underlying operating system. | |||||
| CVE-2022-25899 | 1 Intel | 1 Open Active Management Technology Cloud Toolkit | 2023-08-08 | N/A | 9.8 CRITICAL |
| Authentication bypass for the Open AMT Cloud Toolkit software maintained by Intel(R) before versions 2.0.2 and 2.2.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access. | |||||
| CVE-2022-22441 | 1 Ibm | 1 Infosphere Information Server | 2023-08-08 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM InfoSphere Information Server 11.7 could allow an authenticated user to view information of higher privileged users and groups due to a privilege escalation vulnerability. IBM X-Force ID: 224426. | |||||
| CVE-2021-41357 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server 2016 and 1 more | 2023-08-08 | 4.6 MEDIUM | 7.8 HIGH |
| Win32k Elevation of Privilege Vulnerability | |||||
| CVE-2022-22717 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 6.9 MEDIUM | 7.0 HIGH |
| Windows Print Spooler Elevation of Privilege Vulnerability | |||||
| CVE-2022-42849 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2023-08-08 | N/A | 7.8 HIGH |
| An access issue existed with privileged API calls. This issue was addressed with additional restrictions. This issue is fixed in iOS 16.2 and iPadOS 16.2, tvOS 16.2, watchOS 9.2. A user may be able to elevate privileges. | |||||
| CVE-2022-23263 | 1 Microsoft | 1 Edge Chromium | 2023-08-08 | 4.4 MEDIUM | 7.7 HIGH |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2021-45740 | 1 Totolink | 2 A720r, A720r Firmware | 2023-08-08 | 7.5 HIGH | 9.8 CRITICAL |
| TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a stack overflow in the setWiFiWpsStart function. This vulnerability allows attackers to cause a Denial of Service (DoS) via the pin parameter. | |||||
| CVE-2021-4326 | 1 Linuxfoundation | 1 Zowe | 2023-08-08 | N/A | 7.8 HIGH |
| A vulnerability in Imperative framework which allows already-privileged local actors to execute arbitrary shell commands via plugin install/update commands, or maliciously formed environment variables. Impacts Zowe CLI. | |||||
| CVE-2022-30224 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | 6.9 MEDIUM | 7.0 HIGH |
| Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability | |||||
| CVE-2022-23262 | 1 Microsoft | 1 Edge Chromium | 2023-08-08 | 6.8 MEDIUM | 6.3 MEDIUM |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | |||||
| CVE-2022-37905 | 1 Arubanetworks | 12 7005, 7008, 7010 and 9 more | 2023-08-08 | N/A | 8.8 HIGH |
| Vulnerabilities in ArubaOS running on 7xxx series controllers exist that allows an attacker to execute arbitrary code during the boot sequence. Successful exploitation could allow an attacker to achieve permanent modification of the underlying operating system. | |||||
| CVE-2022-35836 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2023-08-08 | N/A | 8.8 HIGH |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | |||||
| CVE-2022-21996 | 1 Microsoft | 1 Windows 11 | 2023-08-08 | 7.2 HIGH | 7.8 HIGH |
| Win32k Elevation of Privilege Vulnerability | |||||