Export limit exceeded: 35214 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (35214 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-43402 | 2 Jenkins, Redhat | 3 Pipeline\, Ocp Tools, Openshift | 2024-11-21 | 9.9 Critical |
| A sandbox bypass vulnerability involving various casts performed implicitly by the Groovy language runtime in Jenkins Pipeline: Groovy Plugin 2802.v5ea_628154b_c2 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM. | ||||
| CVE-2022-43401 | 2 Jenkins, Redhat | 3 Script Security, Ocp Tools, Openshift | 2024-11-21 | 9.9 Critical |
| A sandbox bypass vulnerability involving various casts performed implicitly by the Groovy language runtime in Jenkins Script Security Plugin 1183.v774b_0b_0a_a_451 and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the context of the Jenkins controller JVM. | ||||
| CVE-2022-43284 | 1 F5 | 1 Njs | 2024-11-21 | 7.5 High |
| Nginx NJS v0.7.2 to v0.7.4 was discovered to contain a segmentation violation via njs_scope_valid_value at njs_scope.h. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input. | ||||
| CVE-2022-42828 | 1 Apple | 1 Macos | 2024-11-21 | 8.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2022-42790 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2024-11-21 | 5.5 Medium |
| A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, macOS Monterey 12.6. A user may be able to view restricted content from the lock screen. | ||||
| CVE-2022-42789 | 1 Apple | 1 Macos | 2024-11-21 | 5.5 Medium |
| An issue in code signature validation was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, macOS Monterey 12.6. An app may be able to access user-sensitive data. | ||||
| CVE-2022-42540 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| Elevation of privilege | ||||
| CVE-2022-42539 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| Information disclosure | ||||
| CVE-2022-42538 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| Elevation of privilege | ||||
| CVE-2022-42537 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| Remote code execution | ||||
| CVE-2022-42536 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| Remote code execution | ||||
| CVE-2022-42457 | 1 Generex | 2 Cs141, Cs141 Firmware | 2024-11-21 | 9.1 Critical |
| Generex CS141 through 2.10 allows remote command execution by administrators via a web interface that reaches run_update in /usr/bin/gxserve-update.sh (e.g., command execution can occur via a reverse shell installed by install.sh). | ||||
| CVE-2022-42330 | 1 Xen | 1 Xen | 2024-11-21 | 7.5 High |
| Guests can cause Xenstore crash via soft reset When a guest issues a "Soft Reset" (e.g. for performing a kexec) the libxl based Xen toolstack will normally perform a XS_RELEASE Xenstore operation. Due to a bug in xenstored this can result in a crash of xenstored. Any other use of XS_RELEASE will have the same impact. | ||||
| CVE-2022-42300 | 1 Veritas | 1 Netbackup | 2024-11-21 | 4.3 Medium |
| An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server nbars process can be crashed resulting in a denial of service. (Note: the watchdog service will automatically restart the process.) | ||||
| CVE-2022-42299 | 1 Veritas | 1 Netbackup | 2024-11-21 | 5.3 Medium |
| An issue was discovered in Veritas NetBackup through 10.0.0.1 and related Veritas products. The NetBackup Primary server is vulnerable to a denial of service attack through the DiscoveryService service. | ||||
| CVE-2022-42075 | 1 Wedding Planner Project | 1 Wedding Planner | 2024-11-21 | 9.8 Critical |
| Wedding Planner v1.0 is vulnerable to arbitrary code execution. | ||||
| CVE-2022-42045 | 2 Watchdog, Zemana | 2 Anti-virus, Antimalware | 2024-11-21 | 6.7 Medium |
| Certain Zemana products are vulnerable to Arbitrary code injection. This affects Watchdog Anti-Malware 4.1.422 and Zemana AntiMalware 3.2.28. | ||||
| CVE-2022-41561 | 1 Tibco | 1 Jasperreports Server | 2024-11-21 | 9.1 Critical |
| The JNDI Data Sources component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server, TIBCO JasperReports Server - Community Edition, TIBCO JasperReports Server - Developer Edition, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for AWS Marketplace, TIBCO JasperReports Server for Microsoft Azure, and TIBCO JasperReports Server for Microsoft Azure contains an easily exploitable vulnerability that allows a privileged/administrative attacker with network access to execute Remote Code Execution to obtain a reverse shell on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO JasperReports Server: versions 8.0.2 and below, TIBCO JasperReports Server: version 8.1.0, TIBCO JasperReports Server - Community Edition: versions 8.1.0 and below, TIBCO JasperReports Server - Developer Edition: versions 8.1.0 and below, TIBCO JasperReports Server for AWS Marketplace: versions 8.0.2 and below, TIBCO JasperReports Server for AWS Marketplace: version 8.1.0, TIBCO JasperReports Server for Microsoft Azure: versions 8.0.2 and below, and TIBCO JasperReports Server for Microsoft Azure: version 8.1.0. | ||||
| CVE-2022-41425 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 6.5 Medium |
| Bento4 v1.6.0-639 was discovered to contain a segmentation violation via the AP4_Processor::ProcessFragments function in mp4decrypt. | ||||
| CVE-2022-41423 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 6.5 Medium |
| Bento4 v1.6.0-639 was discovered to contain a segmentation violation in the mp4fragment component. | ||||