Latest CVE Feed
-
4.4
MEDIUMCVE-2022-26074
Incomplete cleanup in a firmware subsystem for Intel(R) SPS before versions SPS_E3_04.08.04.330.0 and SPS_E3_04.01.04.530.0 may allow a privileged user to potentially enable denial of service via local access.... Read more
Affected Products : server_platform_services_firmware- EPSS Score: %0.14
- Published: Aug. 18, 2022
- Modified: May. 05, 2025
-
8.0
HIGHCVE-2022-26017
Improper access control in the Intel(R) DSA software for before version 22.2.14 may allow an authenticated user to potentially enable escalation of privilege via adjacent access.... Read more
Affected Products : driver_\&_support_assistant- EPSS Score: %0.35
- Published: Aug. 18, 2022
- Modified: May. 05, 2025
-
7.8
HIGHCVE-2022-25999
Uncontrolled search path element in the Intel(R) Enpirion(R) Digital Power Configurator GUI software, all versions may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more
- EPSS Score: %0.07
- Published: Aug. 18, 2022
- Modified: May. 05, 2025
-
7.8
HIGHCVE-2022-25966
Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more
Affected Products : edge_insights_for_industrial- EPSS Score: %0.06
- Published: Aug. 18, 2022
- Modified: May. 05, 2025
-
7.8
HIGHCVE-2022-25841
Uncontrolled search path elements in the Intel(R) Datacenter Group Event Android application, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more
Affected Products : datacenter_group_event- EPSS Score: %0.07
- Published: Aug. 18, 2022
- Modified: May. 05, 2025
-
9.8
CRITICALCVE-2022-25315
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames.... Read more
Affected Products : fedora zfs_storage_appliance_kit debian_linux http_server sinema_remote_connect_server libexpat- EPSS Score: %7.70
- Published: Feb. 18, 2022
- Modified: May. 05, 2025
-
7.5
HIGHCVE-2022-25314
In Expat (aka libexpat) before 2.4.5, there is an integer overflow in copyString.... Read more
Affected Products : fedora zfs_storage_appliance_kit debian_linux http_server sinema_remote_connect_server libexpat- EPSS Score: %0.36
- Published: Feb. 18, 2022
- Modified: May. 05, 2025
-
9.8
CRITICALCVE-2022-25236
xmlparse.c in Expat (aka libexpat) before 2.4.5 allows attackers to insert namespace-separator characters into namespace URIs.... Read more
Affected Products : zfs_storage_appliance_kit debian_linux http_server sinema_remote_connect_server libexpat- EPSS Score: %9.36
- Published: Feb. 16, 2022
- Modified: May. 05, 2025
-
9.8
CRITICALCVE-2022-25235
xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as checks for whether a UTF-8 character is valid in a certain context.... Read more
Affected Products : fedora zfs_storage_appliance_kit debian_linux http_server sinema_remote_connect_server libexpat- EPSS Score: %13.32
- Published: Feb. 16, 2022
- Modified: May. 05, 2025
-
6.5
MEDIUMCVE-2022-24436
Observable behavioral in power management throttling for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via network access.... Read more
Affected Products : *- EPSS Score: %15.56
- Published: Jun. 15, 2022
- Modified: May. 05, 2025
-
6.7
MEDIUMCVE-2022-24382
Improper input validation in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.... Read more
Affected Products : nuc_11_compute_element_cm11ebi38w_firmware nuc_11_compute_element_cm11ebi58w_firmware nuc_11_compute_element_cm11ebi716w_firmware nuc_11_pro_board_nuc11tnbi3_firmware nuc_11_pro_board_nuc11tnbi5_firmware nuc_11_pro_board_nuc11tnbi7_firmware nuc_11_pro_kit_nuc11tnhi3_firmware nuc_11_pro_kit_nuc11tnhi30l_firmware nuc_11_pro_kit_nuc11tnhi30p_firmware nuc_11_pro_kit_nuc11tnhi5_firmware +108 more products- EPSS Score: %0.06
- Published: May. 12, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2022-24378
Improper initialization in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable denial of service via local access.... Read more
Affected Products : data_center_manager- EPSS Score: %0.14
- Published: Aug. 18, 2022
- Modified: May. 05, 2025
-
6.7
MEDIUMCVE-2022-24297
Improper buffer restrictions in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.... Read more
Affected Products : nuc_11_compute_element_cm11ebi38w_firmware nuc_11_compute_element_cm11ebi58w_firmware nuc_11_compute_element_cm11ebi716w_firmware nuc_11_pro_board_nuc11tnbi3_firmware nuc_11_pro_board_nuc11tnbi5_firmware nuc_11_pro_board_nuc11tnbi7_firmware nuc_11_pro_kit_nuc11tnhi3_firmware nuc_11_pro_kit_nuc11tnhi30l_firmware nuc_11_pro_kit_nuc11tnhi30p_firmware nuc_11_pro_kit_nuc11tnhi5_firmware +108 more products- EPSS Score: %0.06
- Published: May. 12, 2022
- Modified: May. 05, 2025
-
6.1
MEDIUMCVE-2022-24227
A cross-site scripting (XSS) vulnerability in BoltWire v7.10 and v 8.00 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the name and lastname parameters.... Read more
Affected Products : boltwire- EPSS Score: %3.28
- Published: Feb. 15, 2022
- Modified: May. 05, 2025
-
7.5
HIGHCVE-2022-23990
Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.... Read more
Affected Products : fedora debian_linux sinema_remote_connect_server nessus communications_metasolv_solution libexpat- EPSS Score: %3.52
- Published: Jan. 26, 2022
- Modified: May. 05, 2025
-
9.8
CRITICALCVE-2022-23852
Expat (aka libexpat) before 2.4.4 has a signed integer overflow in XML_GetBuffer, for configurations with a nonzero XML_CONTEXT_BYTES.... Read more
- EPSS Score: %1.94
- Published: Jan. 24, 2022
- Modified: May. 05, 2025
-
6.1
MEDIUMCVE-2022-23808
An issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection.... Read more
Affected Products : phpmyadmin- EPSS Score: %68.57
- Published: Jan. 22, 2022
- Modified: May. 05, 2025
-
9.9
CRITICALCVE-2022-23603
iTunesRPC-Remastered is a discord rich presence application for use with iTunes & Apple Music. In code before commit 24f43aa user input is not properly sanitized and code injection is possible. Users are advised to upgrade as soon as is possible. There ar... Read more
Affected Products : itunesrpc-remastered- EPSS Score: %0.37
- Published: Feb. 01, 2022
- Modified: May. 05, 2025
-
8.1
HIGHCVE-2022-23602
Nimforum is a lightweight alternative to Discourse written in Nim. In versions prior to 2.2.0 any forum user can create a new thread/post with an include referencing a file local to the host operating system. Nimforum will render the file if able. This ca... Read more
- EPSS Score: %0.39
- Published: Feb. 01, 2022
- Modified: May. 05, 2025
-
6.1
MEDIUMCVE-2022-23599
Products.ATContentTypes are the core content types for Plone 2.1 - 4.3. Versions of Plone that are dependent on Products.ATContentTypes prior to version 3.0.6 are vulnerable to reflected cross site scripting and open redirect when an attacker can get a co... Read more
Affected Products : plone- EPSS Score: %0.23
- Published: Jan. 28, 2022
- Modified: May. 05, 2025