Latest CVE Feed
-
7.5
HIGHCVE-2022-21843
Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +13 more products- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
7.8
HIGH- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
9.3
HIGH- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2022-21840
Microsoft Office Remote Code Execution Vulnerability... Read more
- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2022-21839
Windows Event Tracing Discretionary Access Control List Denial of Service Vulnerability... Read more
- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2022-21838
Windows Cleanup Manager Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +13 more products- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
9.0
HIGH- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2022-21836
Windows Certificate Spoofing Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +14 more products- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2022-21835
Microsoft Cryptographic Services Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +14 more products- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2022-21834
Windows User-mode Driver Framework Reflector Driver Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +14 more products- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2022-21833
Virtual Machine IDE Drive Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +14 more products- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2022-21831
A code injection vulnerability exists in the Active Storage >= v5.2.0 that could allow an attacker to execute code via image_processing arguments.... Read more
- Published: May. 26, 2022
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2022-21830
A blind self XSS vulnerability exists in RocketChat LiveChat <v1.9 that could allow an attacker to trick a victim pasting malicious code in their chat instance.... Read more
Affected Products : livechat- Published: Apr. 01, 2022
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2022-21829
Concrete CMS Versions 9.0.0 through 9.0.2 and 8.5.7 and below can download zip files over HTTP and execute code from those zip files which could lead to an RCE. Fixed by enforcing ‘concrete_secure’ instead of ‘concrete’. Concrete now only makes requests o... Read more
- Published: Jun. 24, 2022
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2022-21828
A user with high privilege access to the Incapptic Connect web console can remotely execute code on the Incapptic Connect server using a unspecified attack vector in Incapptic Connect version 1.40.0, 1.39.1, 1.39.0, 1.38.1, 1.38.0, 1.37.1, 1.37.0, 1.36.0,... Read more
Affected Products : incapptic_connect- Published: Mar. 04, 2022
- Modified: Nov. 21, 2024
-
7.1
HIGHCVE-2022-21827
An improper privilege vulnerability has been discovered in Citrix Gateway Plug-in for Windows (Citrix Secure Access for Windows) <21.9.1.2 what could allow an attacker who has gained local access to a computer with Citrix Gateway Plug-in installed, to cor... Read more
Affected Products : gateway_plug-in- Published: May. 26, 2022
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2022-21826
Pulse Secure version 9.115 and below may be susceptible to client-side http request smuggling, When the application receives a POST request, it ignores the request's Content-Length header and leaves the POST body on the TCP/TLS socket. This body ends up p... Read more
- Published: Sep. 30, 2022
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2022-21825
An Improper Access Control vulnerability exists in Citrix Workspace App for Linux 2012 - 2111 with App Protection installed that can allow an attacker to perform local privilege escalation.... Read more
Affected Products : workspace- Published: Feb. 09, 2022
- Modified: Nov. 21, 2024
-
8.2
HIGHCVE-2022-21824
Due to the formatting logic of the "console.table()" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which co... Read more
Affected Products : debian_linux peoplesoft_enterprise_peopletools oncommand_insight oncommand_workflow_automation snapcenter mysql_enterprise_monitor mysql_workbench node.js mysql_server mysql_cluster +1 more products- Published: Feb. 24, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-21823
A insecure storage of sensitive information vulnerability exists in Ivanti Workspace Control <2021.2 (10.7.30.0) that could allow an attacker with locally authenticated low privileges to obtain key information due to an unspecified attack vector.... Read more
Affected Products : workspace_control- Published: Jan. 10, 2022
- Modified: Nov. 21, 2024