Latest CVE Feed
-
9.0
CRITICALCVE-2022-21846
Microsoft Exchange Server Remote Code Execution Vulnerability... Read more
Affected Products : exchange_server- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
4.7
MEDIUMCVE-2022-21845
Windows Kernel Information Disclosure Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 +12 more products- Published: Jul. 12, 2022
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2022-21844
HEVC Video Extensions Remote Code Execution Vulnerability... Read more
Affected Products : hevc_video_extensions- Published: Feb. 09, 2022
- Modified: Nov. 21, 2024
-
7.5
HIGHCVE-2022-21843
Windows Internet Key Exchange (IKE) Protocol Extensions Remote Code Execution Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +13 more products- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
7.8
HIGH- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
9.3
HIGH- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
8.8
HIGHCVE-2022-21840
Microsoft Office Remote Code Execution Vulnerability... Read more
- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2022-21839
Windows Event Tracing Discretionary Access Control List Denial of Service Vulnerability... Read more
- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2022-21838
Windows Cleanup Manager Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +13 more products- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
9.0
HIGH- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2022-21836
Windows Certificate Spoofing Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +14 more products- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2022-21835
Microsoft Cryptographic Services Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +14 more products- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2022-21834
Windows User-mode Driver Framework Reflector Driver Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +14 more products- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
7.8
HIGHCVE-2022-21833
Virtual Machine IDE Drive Elevation of Privilege Vulnerability... Read more
Affected Products : windows_10 windows_7 windows_8.1 windows_rt_8.1 windows_server_2008 windows_server_2012 windows_server_2016 windows_server_2019 windows_server windows_10_1607 +14 more products- Published: Jan. 11, 2022
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2022-21831
A code injection vulnerability exists in the Active Storage >= v5.2.0 that could allow an attacker to execute code via image_processing arguments.... Read more
- Published: May. 26, 2022
- Modified: Nov. 21, 2024
-
6.1
MEDIUMCVE-2022-21830
A blind self XSS vulnerability exists in RocketChat LiveChat <v1.9 that could allow an attacker to trick a victim pasting malicious code in their chat instance.... Read more
Affected Products : livechat- Published: Apr. 01, 2022
- Modified: Nov. 21, 2024
-
9.8
CRITICALCVE-2022-21829
Concrete CMS Versions 9.0.0 through 9.0.2 and 8.5.7 and below can download zip files over HTTP and execute code from those zip files which could lead to an RCE. Fixed by enforcing ‘concrete_secure’ instead of ‘concrete’. Concrete now only makes requests o... Read more
- Published: Jun. 24, 2022
- Modified: Nov. 21, 2024
-
7.2
HIGHCVE-2022-21828
A user with high privilege access to the Incapptic Connect web console can remotely execute code on the Incapptic Connect server using a unspecified attack vector in Incapptic Connect version 1.40.0, 1.39.1, 1.39.0, 1.38.1, 1.38.0, 1.37.1, 1.37.0, 1.36.0,... Read more
Affected Products : incapptic_connect- Published: Mar. 04, 2022
- Modified: Nov. 21, 2024
-
7.1
HIGHCVE-2022-21827
An improper privilege vulnerability has been discovered in Citrix Gateway Plug-in for Windows (Citrix Secure Access for Windows) <21.9.1.2 what could allow an attacker who has gained local access to a computer with Citrix Gateway Plug-in installed, to cor... Read more
Affected Products : gateway_plug-in- Published: May. 26, 2022
- Modified: Nov. 21, 2024
-
5.4
MEDIUMCVE-2022-21826
Pulse Secure version 9.115 and below may be susceptible to client-side http request smuggling, When the application receives a POST request, it ignores the request's Content-Length header and leaves the POST body on the TCP/TLS socket. This body ends up p... Read more
- Published: Sep. 30, 2022
- Modified: Nov. 21, 2024