Latest CVE Feed
-
5.5
MEDIUMCVE-2024-53055
In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix 6 GHz scan construction If more than 255 colocated APs exist for the set of all APs found during 2.4/5 GHz scanning, then the 6 GHz scan construction will loop f... Read more
Affected Products : linux_kernel- Published: Nov. 19, 2024
- Modified: Nov. 22, 2024
-
5.5
MEDIUMCVE-2024-53047
In the Linux kernel, the following vulnerability has been resolved: mptcp: init: protect sched with rcu_read_lock Enabling CONFIG_PROVE_RCU_LIST with its dependence CONFIG_RCU_EXPERT creates this splat when an MPTCP socket is created: ===============... Read more
Affected Products : linux_kernel- Published: Nov. 19, 2024
- Modified: Nov. 27, 2024
-
5.5
MEDIUMCVE-2022-21973
Windows Media Center Update Denial of Service Vulnerability... Read more
Affected Products : windows_7 windows_8.1 windows_rt_8.1 windows_server_2012 windows windows_server_2012_r2- Published: Mar. 09, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-21906
Windows Defender Application Control Security Feature Bypass Vulnerability... Read more
Affected Products : windows_10 windows_server_2019 windows_server windows_10_1809 windows_10_20h2 windows_10_21h2 windows_server_2022 windows_11_21h2 windows_11 windows +3 more products- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2014-3835
ownCloud Server before 5.0.16 and 6.0.x before 6.0.3 does not check permissions to the files_external application, which allows remote authenticated users to add external storage via unspecified vectors.... Read more
- Published: Jun. 04, 2014
- Modified: Apr. 12, 2025
-
5.5
MEDIUMCVE-2022-21876
Win32k Information Disclosure Vulnerability... Read more
Affected Products : windows_10 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 windows_10_1809 windows_10_20h2 windows_10_21h2 windows_server_2022 +7 more products- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2023-23898
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in CreativeThemes Blocksy Companion plugin <= 1.8.67 versions.... Read more
Affected Products : blocksy_companion- Published: Apr. 06, 2023
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2024-53045
In the Linux kernel, the following vulnerability has been resolved: ASoC: dapm: fix bounds checker error in dapm_widget_list_create The widgets array in the snd_soc_dapm_widget_list has a __counted_by attribute attached to it, which points to the num_wi... Read more
Affected Products : linux_kernel- Published: Nov. 19, 2024
- Modified: Nov. 27, 2024
-
5.5
MEDIUMCVE-2022-21877
Storage Spaces Controller Information Disclosure Vulnerability... Read more
Affected Products : windows_10 windows_server_2019 windows_server windows_10_1809 windows_10_20h2 windows_10_21h2 windows_server_2022 windows_11_21h2 windows_11 windows +3 more products- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-21793
Insufficient control flow management in the Intel(R) Ethernet 500 Series Controller drivers for VMWare before version 1.11.4.0 and in the Intel(R) Ethernet 700 Series Controller drivers for VMWare before version 2.1.5.0 may allow an authenticated user to ... Read more
- Published: Aug. 18, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2022-21899
Windows Extensible Firmware Interface Security Feature Bypass Vulnerability... Read more
- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-21749
In telephony, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS0651... Read more
- Published: Jun. 06, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-21704
log4js-node is a port of log4js to node.js. In affected versions default file permissions for log files created by the file, fileSync and dateFile appenders are world-readable (in unix). This could cause problems if log files contain sensitive information... Read more
- Published: Jan. 19, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-21748
In telephony, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with User execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06511030; Issue I... Read more
- Published: Jun. 06, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-21528
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocol... Read more
Affected Products : fedora active_iq_unified_manager mysql oncommand_insight oncommand_workflow_automation snapcenter mysql_server- Published: Jul. 19, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2024-53107
In the Linux kernel, the following vulnerability has been resolved: fs/proc/task_mmu: prevent integer overflow in pagemap_scan_get_args() The "arg->vec_len" variable is a u64 that comes from the user at the start of the function. The "arg->vec_len * si... Read more
Affected Products : linux_kernel- Published: Dec. 02, 2024
- Modified: Dec. 12, 2024
-
5.5
MEDIUMCVE-2022-21509
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.29 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocol... Read more
Affected Products : fedora active_iq_unified_manager mysql oncommand_insight oncommand_workflow_automation snapcenter mysql_server- Published: Jul. 19, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-21533
Vulnerability in the Oracle Solaris product of Oracle Systems (component: SMB Server). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris exec... Read more
- Published: Jul. 19, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-21425
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to c... Read more
Affected Products : active_iq_unified_manager mysql oncommand_insight oncommand_workflow_automation snapcenter mysql_server- Published: Apr. 19, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-21459
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.28 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocol... Read more
- Published: Apr. 19, 2022
- Modified: Nov. 21, 2024