Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2022-34731 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 | HIGH | β | 0 |
| CVE-2022-34732 Microsoft ODBC Driver Remote Code Execution Vulnerability | 8.8 | HIGH | β | 0 |
| CVE-2022-34733 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 | HIGH | β | 0 |
| CVE-2022-34734 Microsoft ODBC Driver Remote Code Execution Vulnerability | 8.8 | HIGH | β | 0 |
| CVE-2022-35803 Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2022-35805 Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability | 8.8 | HIGH | β | 0 |
| CVE-2022-35823 Microsoft SharePoint Remote Code Execution Vulnerability | 8.8 | HIGH | β | 0 |
| CVE-2022-37959 Network Device Enrollment Service (NDES) Security Feature Bypass Vulnerability | 6.5 | MEDIUM | β | 0 |
| CVE-2022-35830 Remote Procedure Call Runtime Remote Code Execution Vulnerability | 8.1 | HIGH | β | 0 |
| CVE-2022-35831 Windows Remote Access Connection Manager Information Disclosure Vulnerability | 5.5 | MEDIUM | β | 0 |
| CVE-2022-35832 Windows Event Tracing Denial of Service Vulnerability | 5.5 | MEDIUM | β | 0 |
| CVE-2022-35833 Windows Secure Channel Denial of Service Vulnerability | 7.5 | HIGH | β | 0 |
| CVE-2022-35834 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 | HIGH | β | 0 |
| CVE-2022-35835 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 | HIGH | β | 0 |
| CVE-2022-35836 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 | HIGH | β | 0 |
| CVE-2022-35841 Windows Enterprise App Management Service Remote Code Execution Vulnerability | 8.8 | HIGH | β | 0 |
| CVE-2022-37954 DirectX Graphics Kernel Elevation of Privilege Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2022-37955 Windows Group Policy Elevation of Privilege Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2022-37956 Windows Kernel Elevation of Privilege Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2022-37957 Windows Kernel Elevation of Privilege Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2022-37958 SPNEGO Extended Negotiation (NEGOEX) Security Mechanism Remote Code Execution Vulnerability | 8.1 | HIGH | β | 0 |
| CVE-2022-40634 Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker SSTI. | 6.4 | MEDIUM | β | 0 |
| CVE-2022-37961 Microsoft SharePoint Server Remote Code Execution Vulnerability | 8.8 | HIGH | β | 0 |
| CVE-2022-37962 Microsoft PowerPoint Remote Code Execution Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2022-37963 Microsoft Office Visio Remote Code Execution Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2022-37964 Windows Kernel Elevation of Privilege Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2022-38004 Windows Fax Service Remote Code Execution Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2022-38005 Windows Print Spooler Elevation of Privilege Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2022-38006 Windows Graphics Component Information Disclosure Vulnerability | 6.5 | MEDIUM | β | 0 |
| CVE-2022-38008 Microsoft SharePoint Server Remote Code Execution Vulnerability | 8.8 | HIGH | β | 0 |
| CVE-2022-38009 Microsoft SharePoint Server Remote Code Execution Vulnerability | 8.8 | HIGH | β | 0 |
| CVE-2022-38010 Microsoft Office Visio Remote Code Execution Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2022-38012 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 7.7 | HIGH | β | 0 |
| CVE-2022-38020 Visual Studio Code Elevation of Privilege Vulnerability | 7.3 | HIGH | β | 0 |
| CVE-2022-40635 Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. | 6.4 | MEDIUM | β | 0 |
| CVE-2022-39203 matrix-appservice-irc is an open source Node.js IRC bridge for Matrix. Attackers can specify a specific string of characters, which would confuse the bridge into combining an attacker-owned channel an... | 8.8 | HIGH | β | 0 |
| CVE-2022-39205 Onedev is an open source, self-hosted Git Server with CI/CD and Kanban. In versions of Onedev prior to 7.3.0 unauthenticated users can take over a OneDev instance if there is no properly configured re... | 9.0 | CRITICAL | β | 0 |
| CVE-2022-39206 Onedev is an open source, self-hosted Git Server with CI/CD and Kanban. When using Docker-based job executors, the Docker socket (e.g. /var/run/docker.sock on Linux) is mounted into each Docker step. ... | 9.9 | CRITICAL | β | 0 |
| CVE-2022-39207 Onedev is an open source, self-hosted Git Server with CI/CD and Kanban. During CI/CD builds, it is possible to save build artifacts for later retrieval. They can be accessed through OneDev's web UI af... | 5.4 | MEDIUM | β | 0 |
| CVE-2022-39208 Onedev is an open source, self-hosted Git Server with CI/CD and Kanban. All files in the /opt/onedev/sites/ directory are exposed and can be read by unauthenticated users. This directory contains all ... | 7.5 | HIGH | β | 0 |
| CVE-2021-0942 The path in this case is a little bit convoluted. The end result is that via an ioctl an untrusted app can control the ui32PageIndex offset in the expression:sPA.uiAddr = page_to_phys(psOSPageArrayDat... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-0943 In MMU_MapPages of TBD, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User ... | 7.8 | HIGH | β | 0 |
| CVE-2022-20385 a function called 'nla_parse', do not check the len of para, it will check nla_type (which can be controlled by userspace) with 'maxtype' (in this case, it is GSCAN_MAX), then it access polciy array '... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-20386 Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238227328 | 9.8 | CRITICAL | β | 0 |
| CVE-2022-20387 Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238227324 | 9.8 | CRITICAL | β | 0 |
| CVE-2022-20390 Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238257002 | 9.8 | CRITICAL | β | 0 |
| CVE-2022-20391 Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238257000 | 9.8 | CRITICAL | β | 0 |
| CVE-2022-20393 In extract3GPPGlobalDescriptions of TextDescriptions.cpp, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure from the media server with ... | 5.5 | MEDIUM | β | 0 |
| CVE-2022-38495 LIEF commit 365a16a was discovered to contain a heap-buffer overflow via the function print_binary at /c/macho_reader.c. | 7.8 | HIGH | β | 0 |
| CVE-2022-20395 In checkAccess of MediaProvider.java, there is a possible file deletion due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. ... | 7.8 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.