Latest CVE Feed
-
5.5
MEDIUMCVE-2022-21152
Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable information disclosure via local access.... Read more
Affected Products : edge_insights_for_industrial- EPSS Score: %0.06
- Published: Aug. 18, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2022-21151
Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.... Read more
- EPSS Score: %0.04
- Published: May. 12, 2022
- Modified: May. 05, 2025
-
7.8
HIGHCVE-2022-21148
Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more
Affected Products : edge_insights_for_industrial- EPSS Score: %0.06
- Published: Aug. 18, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2022-21140
Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable information disclosure via local access.... Read more
Affected Products : wi-fi_6_ax201_firmware wi-fi_6_ax200_firmware wireless-ac_9560_firmware wireless-ac_9462_firmware wireless-ac_9461_firmware wireless-ac_9260_firmware dual_band_wireless-ac_8265_firmware dual_band_wireless-ac_8260_firmware dual_band_wireless-ac_3168_firmware dual_band_wireless-ac_3165_firmware +26 more products- EPSS Score: %0.14
- Published: Aug. 18, 2022
- Modified: May. 05, 2025
-
8.8
HIGHCVE-2022-21139
Inadequate encryption strength for some Intel(R) PROSet/Wireless WiFi products may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.... Read more
- EPSS Score: %0.24
- Published: Aug. 18, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2022-21136
Improper input validation for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable denial of service via local access.... Read more
Affected Products : xeon_platinum_8253_firmware xeon_platinum_8256_firmware xeon_platinum_8260_firmware xeon_platinum_8276_firmware xeon_platinum_8276l_firmware xeon_platinum_8280l_firmware xeon_platinum_8260l_firmware xeon_platinum_8280_firmware xeon_platinum_8260y_firmware xeon_platinum_8268_firmware +282 more products- EPSS Score: %0.04
- Published: May. 12, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2022-21133
Out-of-bounds read in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable denial of service via local access.... Read more
Affected Products : trace_analyzer_and_collector- EPSS Score: %0.05
- Published: Feb. 09, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2022-21131
Improper access control for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.... Read more
Affected Products : xeon_platinum_8253_firmware xeon_platinum_8256_firmware xeon_platinum_8260_firmware xeon_platinum_8276_firmware xeon_platinum_8276l_firmware xeon_platinum_8280l_firmware xeon_platinum_8260l_firmware xeon_platinum_8280_firmware xeon_platinum_8260y_firmware xeon_platinum_8268_firmware +282 more products- EPSS Score: %0.08
- Published: May. 12, 2022
- Modified: May. 05, 2025
-
7.8
HIGHCVE-2022-21128
Insufficient control flow management in the Intel(R) Advisor software before version 7.6.0.37 may allow an authenticated user to potentially enable escalation of privilege via local access.... Read more
Affected Products : advisor- EPSS Score: %0.06
- Published: May. 12, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2022-21127
Incomplete cleanup in specific special register read operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.... Read more
- EPSS Score: %0.20
- Published: Jun. 15, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2022-21125
Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.... Read more
- EPSS Score: %0.52
- Published: Jun. 15, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2022-21123
Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.... Read more
- EPSS Score: %0.32
- Published: Jun. 15, 2022
- Modified: May. 05, 2025
-
8.8
HIGHCVE-2022-1969
The Mobile browser color select plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1. This is due to missing or incorrect nonce validation on the admin_update_data() function. This makes it possible for ... Read more
Affected Products : mobile_browser_color_select- EPSS Score: %0.17
- Published: Jun. 13, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2022-1961
The Google Tag Manager for WordPress (GTM4WP) plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping via the `gtm4wp-options[scroller-contentid]` parameter found in the `~/public/frontend.php` file which allowed attackers with ad... Read more
Affected Products : google_tag_manager- EPSS Score: %0.84
- Published: Jun. 13, 2022
- Modified: May. 05, 2025
-
8.8
HIGHCVE-2022-1912
The Button Widget Smartsoft plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.1. This is due to missing nonce validation on the smartsoftbutton_settings page. This makes it possible for unauthenticated ... Read more
Affected Products : button_widget_smartsoft- EPSS Score: %0.19
- Published: Jul. 18, 2022
- Modified: May. 05, 2025
-
8.8
HIGHCVE-2022-1900
The Copify plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.3.0. This is due to missing nonce validation on the CopifySettings page. This makes it possible for unauthenticated attackers to update the plu... Read more
Affected Products : copify- EPSS Score: %0.14
- Published: Jun. 13, 2022
- Modified: May. 05, 2025
-
6.1
MEDIUMCVE-2022-1822
The Zephyr Project Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘project’ parameter in versions up to, and including, 3.2.40 due to insufficient input sanitization and output escaping. This makes it possible for una... Read more
- EPSS Score: %2.98
- Published: Jun. 13, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2022-1750
The Sticky Popup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘ popup_title' parameter in versions up to, and including, 1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated ... Read more
Affected Products : sticky_popup- EPSS Score: %0.30
- Published: Jun. 13, 2022
- Modified: May. 05, 2025
-
8.8
HIGHCVE-2022-1749
The WPMK Ajax Finder WordPress plugin is vulnerable to Cross-Site Request Forgery via the createplugin_atf_admin_setting_page() function found in the ~/inc/config/create-plugin-config.php file due to a missing nonce check which allows attackers to inject ... Read more
Affected Products : wpmk_ajax_finder- EPSS Score: %0.20
- Published: Jun. 13, 2022
- Modified: May. 05, 2025
-
6.1
MEDIUMCVE-2022-1707
The Google Tag Manager for WordPress plugin for WordPress is vulnerable to reflected Cross-Site Scripting via the s parameter due to the site search populating into the data layer of sites with insufficient sanitization in versions up to an including 1.15... Read more
Affected Products : google_tag_manager- EPSS Score: %58.57
- Published: Jun. 13, 2022
- Modified: May. 05, 2025