Export limit exceeded: 349498 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 80157 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (80157 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-27945 | 1 Netgear | 2 R8500, R8500 Firmware | 2024-11-21 | 8.8 High |
| NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands (such as telnetd) via shell metacharacters in the sysNewPasswd and sysConfirmPasswd parameters to password.cgi. | ||||
| CVE-2022-27944 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2024-11-21 | 7.5 High |
| Foxit PDF Reader before 12.0.1 and PDF Editor before 12.0.1 allow an exportXFAData NULL pointer dereference. | ||||
| CVE-2022-27942 | 2 Broadcom, Fedoraproject | 2 Tcpreplay, Fedora | 2024-11-21 | 7.8 High |
| tcpprep in Tcpreplay 4.4.1 has a heap-based buffer over-read in parse_mpls in common/get.c. | ||||
| CVE-2022-27941 | 2 Broadcom, Fedoraproject | 2 Tcpreplay, Fedora | 2024-11-21 | 7.8 High |
| tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_l2len_protocol in common/get.c. | ||||
| CVE-2022-27940 | 2 Broadcom, Fedoraproject | 2 Tcpreplay, Fedora | 2024-11-21 | 7.8 High |
| tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_ipv6_next in common/get.c. | ||||
| CVE-2022-27937 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity before 27.3 allows remote attackers to trigger excessive resource consumption via H.264. | ||||
| CVE-2022-27936 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via H.323. | ||||
| CVE-2022-27935 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via Epic Telehealth. | ||||
| CVE-2022-27934 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via HTTP. | ||||
| CVE-2022-27933 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 8.2 High |
| Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join. | ||||
| CVE-2022-27932 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join. | ||||
| CVE-2022-27931 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol. | ||||
| CVE-2022-27929 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via HTTP. | ||||
| CVE-2022-27928 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity 27.x before 27.3 allows remote attackers to trigger a software abort via the Session Initiation Protocol. | ||||
| CVE-2022-27908 | 1 Zohocorp | 1 Manageengine Opmanager | 2024-11-21 | 8.8 High |
| Zoho ManageEngine OpManager before 125588 (and before 125603) is vulnerable to authenticated SQL Injection in the Inventory Reports module. | ||||
| CVE-2022-27905 | 1 Controlup | 1 Controlup | 2024-11-21 | 7.2 High |
| In ControlUp Real-Time Agent before 8.6, an unquoted path can result in privilege escalation. An attacker would require write permissions to the root level of the OS drive (C:\) to exploit this. | ||||
| CVE-2022-27904 | 2 Apple, Automox | 2 Macos, Automox | 2024-11-21 | 7.0 High |
| Automox Agent for macOS before version 39 was vulnerable to a time-of-check/time-of-use (TOCTOU) race-condition attack during the agent install process. | ||||
| CVE-2022-27903 | 1 Eve-ng | 1 Eve-ng | 2024-11-21 | 8.8 High |
| An OS Command Injection vulnerability in the configuration parser of Eve-NG Professional through 4.0.1-65 and Eve-NG Community through 2.0.3-112 allows a remote authenticated attacker to execute commands as root by editing virtualization command parameters of imported UNL files. | ||||
| CVE-2022-27883 | 1 Trendmicro | 1 Antivirus For Mac | 2024-11-21 | 7.3 High |
| A link following vulnerability in Trend Micro Antivirus for Mac 11.5 could allow an attacker to create a specially-crafted file as a symlink that can lead to privilege escalation. Please note that an attacker must at least have low-level privileges on the system to attempt to exploit this vulnerability. | ||||
| CVE-2022-27882 | 1 Openbsd | 1 Openbsd | 2024-11-21 | 7.5 High |
| slaacd in OpenBSD 6.9 and 7.0 before 2022-03-22 has an integer signedness error and resultant heap-based buffer overflow triggerable by a crafted IPv6 router advertisement. NOTE: privilege separation and pledge can prevent exploitation. | ||||