Export limit exceeded: 350314 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (35180 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-26731 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-11-21 | 4.3 Medium |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious website may be able to track users in Safari private browsing mode. | ||||
| CVE-2022-26728 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 5.5 Medium |
| This issue was addressed with improved entitlements. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to access restricted files. | ||||
| CVE-2022-26727 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 5.5 Medium |
| This issue was addressed with improved entitlements. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4. A malicious application may be able to modify protected parts of the file system. | ||||
| CVE-2022-26726 | 1 Apple | 3 Mac Os X, Macos, Watchos | 2024-11-21 | 6.5 Medium |
| This issue was addressed with improved checks. This issue is fixed in Security Update 2022-004 Catalina, watchOS 8.6, macOS Monterey 12.4, macOS Big Sur 11.6.6. An app may be able to capture a user's screen. | ||||
| CVE-2022-26725 | 1 Apple | 1 Macos | 2024-11-21 | 5.3 Medium |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4. Photo location information may persist after it is removed with Preview Inspector. | ||||
| CVE-2022-26712 | 1 Apple | 1 Macos | 2024-11-21 | 5.5 Medium |
| This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to modify protected parts of the file system. | ||||
| CVE-2022-26708 | 1 Apple | 1 Macos | 2024-11-21 | 9.8 Critical |
| This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4. An attacker may be able to cause unexpected application termination or arbitrary code execution. | ||||
| CVE-2022-26706 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-11-21 | 5.5 Medium |
| An access issue was addressed with additional sandbox restrictions on third-party applications. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A sandboxed process may be able to circumvent sandbox restrictions. | ||||
| CVE-2022-26699 | 1 Apple | 1 Macos | 2024-11-21 | 5.5 Medium |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13. An app may be able to cause a denial-of-service to Endpoint Security clients. | ||||
| CVE-2022-26694 | 1 Apple | 1 Macos | 2024-11-21 | 9.1 Critical |
| This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4. A plug-in may be able to inherit the application's permissions and access user data. | ||||
| CVE-2022-26693 | 1 Apple | 1 Macos | 2024-11-21 | 9.1 Critical |
| This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4. A plug-in may be able to inherit the application's permissions and access user data. | ||||
| CVE-2022-26657 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity before 27.3 allows remote attackers to trigger a software abort via One Touch Join. | ||||
| CVE-2022-26656 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 8.2 High |
| Pexip Infinity before 27.3 allows remote attackers to trigger a software abort, and possibly enumerate usernames, via One Touch Join. | ||||
| CVE-2022-26654 | 1 Pexip | 1 Pexip Infinity | 2024-11-21 | 7.5 High |
| Pexip Infinity before 27.3 allows remote attackers to force a software abort via HTTP. | ||||
| CVE-2022-26643 | 1 Johnsoncontrols | 1 Easyio Cpt Graphics | 2024-11-21 | 5.3 Medium |
| An issue in EasyIO CPT Graphics v0.8 allows attackers to discover valid users in the application. | ||||
| CVE-2022-26534 | 1 Fisco-bcos | 1 Fisco-bcos | 2024-11-21 | 7.5 High |
| FISCO-BCOS release-3.0.0-rc2 was discovered to contain an issue where a malicious node, via a malicious viewchange packet, will cause normal nodes to change view excessively and stop generating blocks. | ||||
| CVE-2022-26530 | 1 Swaywm | 1 Swaylock | 2024-11-21 | 9.1 Critical |
| swaylock before 1.6 allows attackers to trigger a crash and achieve unlocked access to a Wayland compositor. | ||||
| CVE-2022-26520 | 3 Debian, Postgresql, Redhat | 5 Debian Linux, Postgresql Jdbc Driver, Jboss Enterprise Bpms Platform and 2 more | 2024-11-21 | 9.8 Critical |
| In pgjdbc before 42.3.3, an attacker (who controls the jdbc URL or properties) can call java.util.logging.FileHandler to write to arbitrary files through the loggerFile and loggerLevel connection properties. An example situation is that an attacker could create an executable JSP file under a Tomcat web root. NOTE: the vendor's position is that there is no pgjdbc vulnerability; instead, it is a vulnerability for any application to use the pgjdbc driver with untrusted connection properties | ||||
| CVE-2022-26364 | 3 Debian, Fedoraproject, Xen | 3 Debian Linux, Fedora, Xen | 2024-11-21 | 6.7 Medium |
| x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates need auditing by Xen. Unfortunately, Xen's safety logic doesn't account for CPU-induced cache non-coherency; cases where the CPU can cause the content of the cache to be different to the content in main memory. In such cases, Xen's safety logic can incorrectly conclude that the contents of a page is safe. | ||||
| CVE-2022-26363 | 3 Debian, Fedoraproject, Xen | 3 Debian Linux, Fedora, Xen | 2024-11-21 | 6.7 Medium |
| x86 pv: Insufficient care with non-coherent mappings T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Xen maintains a type reference count for pages, in addition to a regular reference count. This scheme is used to maintain invariants required for Xen's safety, e.g. PV guests may not have direct writeable access to pagetables; updates need auditing by Xen. Unfortunately, Xen's safety logic doesn't account for CPU-induced cache non-coherency; cases where the CPU can cause the content of the cache to be different to the content in main memory. In such cases, Xen's safety logic can incorrectly conclude that the contents of a page is safe. | ||||