Latest CVE Feed
- CVE-2022-22579 (9.3 HIGH)
  An information disclosure issue was addressed with improved state management. This issue is fixed in iOS 15.3 and iPadOS 15.3, tvOS 15.3, Security Update 2022-001 Catalina, macOS Monterey 12.2, macOS Big Sur 11.6.3. Processing a maliciously crafted STL fi...
  - Published: Mar. 18, 2022
  - Modified: Nov. 21, 2024
- CVE-2022-22578 (9.3 HIGH)
  A logic issue was addressed with improved validation. This issue is fixed in tvOS 15.3, iOS 15.3 and iPadOS 15.3, watchOS 8.4, macOS Monterey 12.2. A malicious application may be able to gain root privileges.
  - Published: Mar. 18, 2022
  - Modified: Nov. 21, 2024
- CVE-2022-22577 (6.1 MEDIUM)
  An XSS Vulnerability in Action Pack >= 5.2.0 and < 5.2.0 that could allow an attacker to bypass CSP for non HTML like responses.
  - Published: May. 26, 2022
  - Modified: Nov. 21, 2024
- CVE-2022-22576 (8.1 HIGH)
  An improper authentication vulnerability exists in curl 7.33.0 to and including 7.82.0 which might allow reuse OAUTH2-authenticated connections without properly making sure that the connection was authenticated with the same credentials as set for this tr...
  - Affected Products: debian_linux, curl, solidfire_&_hci_management_node, h300s_firmware, h500s_firmware, h700s_firmware, h410s_firmware, clustered_data_ontap, solidfire_&_hci_storage_node, universal_forwarder, +7 more products
  - Published: May. 26, 2022
  - Modified: Nov. 21, 2024
- CVE-2022-22572 (8.8 HIGH)
  A non-admin user with user management permission can escalate his privilege to admin user via password reset functionality. The vulnerability affects Incapptic Connect version < 1.40.1.
  - Affected Products: incapptic_connect
  - Published: Apr. 11, 2022
  - Modified: Nov. 21, 2024
- CVE-2022-22571 (4.8 MEDIUM)
  An authenticated high privileged user can perform a stored XSS attack due to incorrect output encoding in Incapptic connect and affects all current versions.
  - Affected Products: incapptic_connect
  - Published: Apr. 11, 2022
  - Modified: Nov. 21, 2024
- CVE-2022-22570 (10.0 CRITICAL)
  A buffer overflow vulnerability found in the UniFi Door Access Reader Lite’s (UA Lite) firmware (Version 3.8.28.24 and earlier) allows a malicious actor who has gained access to a network to control all connected UA devices. This vulnerability is fixed in...
  - Published: Apr. 01, 2022
  - Modified: Nov. 21, 2024
- CVE-2022-22567 (5.1 MEDIUM)
  Select Dell Client Commercial and Consumer platforms are vulnerable to an insufficient verification of data authenticity vulnerability. An authenticated malicious user may exploit this vulnerability in order to install modified BIOS firmware.
  - Published: Feb. 09, 2022
  - Modified: Nov. 21, 2024
- CVE-2022-22566 (7.2 HIGH)
  Select Dell Client Commercial and Consumer platforms contain a pre-boot direct memory access (DMA) vulnerability. An authenticated attacker with physical access to the system may potentially exploit this vulnerability in order to execute arbitrary code on...
  - Published: Feb. 09, 2022
  - Modified: Nov. 21, 2024
- CVE-2022-22565 (5.5 MEDIUM)
  Dell PowerScale OneFS, versions 9.0.0-9.3.0, contain an improper authorization of index containing sensitive information. An authenticated and privileged user could potentially exploit this vulnerability, leading to disclosure or modification of sensitive...
  - Published: Apr. 12, 2022
  - Modified: Nov. 21, 2024
- CVE-2022-22564 (5.9 MEDIUM)
  Dell EMC Unity versions before 5.2.0.0.5.173 use a broken cryptographic algorithm. A remote unauthenticated attacker could potentially exploit this vulnerability by performing MitM attacks and let attackers obtain sensitive information.
  - Published: Feb. 14, 2023
  - Modified: Nov. 21, 2024
- CVE-2022-22563 (4.4 MEDIUM)
  Dell EMC Powerscale OneFS 8.2.x - 9.2.x omit security-relevant information in /etc/master.passwd. A high-privileged user can exploit this vulnerability to not record information identifying the source of account information changes.
  - Published: Apr. 08, 2022
  - Modified: Nov. 21, 2024
- CVE-2022-22562 (7.5 HIGH)
  Dell PowerScale OneFS, versions 8.2.0-9.3.0, contain an improper handling of missing values exploit. An unauthenticated network attacker could potentially exploit this denial-of-service vulnerability.
  - Published: Apr. 12, 2022
  - Modified: Nov. 21, 2024
- CVE-2022-22561 (9.8 CRITICAL)
  Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contain an improper restriction of excessive authentication attempts. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to compromised accounts.
  - Published: Apr. 12, 2022
  - Modified: Nov. 21, 2024
- CVE-2022-22560 (7.1 HIGH)
  Dell EMC PowerScale OneFS 8.1.x - 9.1.x contain hard coded credentials. This allows a local user with knowledge of the credentials to login as the admin user to the backend ethernet switch of a PowerScale cluster. The attacker can exploit this vulnerabili...
  - Published: Apr. 12, 2022
  - Modified: Nov. 21, 2024
- CVE-2022-22559 (7.5 HIGH)
  Dell PowerScale OneFS, version 9.3.0, contains a use of a broken or risky cryptographic algorithm. An unprivileged network attacker could exploit this vulnerability, leading to the potential for information disclosure.
  - Published: Apr. 12, 2022
  - Modified: Nov. 21, 2024
- CVE-2022-22558 (6.0 MEDIUM)
  Dell PowerEdge Server BIOS and Dell Precision Workstation 7910 and 7920 Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A Local High Privileged attacker could potentially exploit this vulnerability leading to arbitrary w...
  - Affected Products: r6415_firmware, r7415_firmware, r7425_firmware, r730_firmware, r730xd_firmware, r630_firmware, c4130_firmware, m630_firmware, m630p_firmware, fc630_firmware, +30 more products
  - Published: Apr. 21, 2022
  - Modified: Nov. 21, 2024
- CVE-2022-22557 (7.8 HIGH)
  PowerStore contains Plain-Text Password Storage Vulnerability in PowerStore X & T environments running versions 2.0.0.x and 2.0.1.x. A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user cr...
  - Published: Jun. 02, 2022
  - Modified: Nov. 21, 2024
- CVE-2022-22556 (7.8 HIGH)
  Dell PowerStore contains an Uncontrolled Resource Consumption Vulnerability in PowerStore User Interface. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the Denial of Service.
  - Published: Jun. 02, 2022
  - Modified: Nov. 21, 2024
- CVE-2022-22555 (6.7 MEDIUM)
  Dell EMC PowerStore contains an OS command injection Vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the PowerStore underlying OS, with the privileges of t...
  - Published: Jul. 21, 2022
  - Modified: Nov. 21, 2024