Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2022-35797 Windows Hello Security Feature Bypass Vulnerability | 6.1 | MEDIUM | β | 0 |
| CVE-2022-35799 Azure Site Recovery Elevation of Privilege Vulnerability | 6.5 | MEDIUM | β | 0 |
| CVE-2022-35802 Azure Site Recovery Elevation of Privilege Vulnerability | 8.1 | HIGH | β | 0 |
| CVE-2022-35804 SMB Client and Server Remote Code Execution Vulnerability | 8.8 | HIGH | β | 0 |
| CVE-2022-35806 Azure RTOS GUIX Studio Remote Code Execution Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2022-35807 Azure Site Recovery Elevation of Privilege Vulnerability | 6.5 | MEDIUM | β | 0 |
| CVE-2022-35808 Azure Site Recovery Elevation of Privilege Vulnerability | 6.5 | MEDIUM | β | 0 |
| CVE-2022-35809 Azure Site Recovery Elevation of Privilege Vulnerability | 6.5 | MEDIUM | β | 0 |
| CVE-2022-35810 Azure Site Recovery Elevation of Privilege Vulnerability | 6.5 | MEDIUM | β | 0 |
| CVE-2022-35811 Azure Site Recovery Elevation of Privilege Vulnerability | 6.5 | MEDIUM | β | 0 |
| CVE-2022-35812 Azure Site Recovery Elevation of Privilege Vulnerability | 4.9 | MEDIUM | β | 0 |
| CVE-2022-35813 Azure Site Recovery Elevation of Privilege Vulnerability | 6.5 | MEDIUM | β | 0 |
| CVE-2022-35814 Azure Site Recovery Elevation of Privilege Vulnerability | 6.5 | MEDIUM | β | 0 |
| CVE-2022-35815 Azure Site Recovery Elevation of Privilege Vulnerability | 6.5 | MEDIUM | β | 0 |
| CVE-2022-35816 Azure Site Recovery Elevation of Privilege Vulnerability | 6.5 | MEDIUM | β | 0 |
| CVE-2022-35817 Azure Site Recovery Elevation of Privilege Vulnerability | 6.5 | MEDIUM | β | 0 |
| CVE-2022-35818 Azure Site Recovery Elevation of Privilege Vulnerability | 6.5 | MEDIUM | β | 0 |
| CVE-2022-35819 Azure Site Recovery Elevation of Privilege Vulnerability | 6.5 | MEDIUM | β | 0 |
| CVE-2022-35820 Windows Bluetooth Driver Elevation of Privilege Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2022-35821 Azure Sphere Information Disclosure Vulnerability | 4.4 | MEDIUM | β | 0 |
| CVE-2022-35824 Azure Site Recovery Remote Code Execution Vulnerability | 7.2 | HIGH | β | 0 |
| CVE-2022-36801 Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to inject arbitrary HTML or JavaScript via a Reflected Cross-Site Scripting (RXSS) vulnerability in the Team... | 6.1 | MEDIUM | β | 0 |
| CVE-2022-35825 Visual Studio Remote Code Execution Vulnerability | 8.8 | HIGH | β | 0 |
| CVE-2022-35826 Visual Studio Remote Code Execution Vulnerability | 8.8 | HIGH | β | 0 |
| CVE-2022-35827 Visual Studio Remote Code Execution Vulnerability | 8.8 | HIGH | β | 0 |
| CVE-2022-29083 Prior Dell BIOS versions contain an Improper Authentication vulnerability. An unauthenticated attacker with physical access to the system could potentially exploit this vulnerability by bypassing driv... | 6.8 | MEDIUM | β | 0 |
| CVE-2022-25973 All versions of package mc-kill-port are vulnerable to Arbitrary Command Execution via the kill function, due to missing sanitization of the port argument. | 7.8 | HIGH | β | 0 |
| CVE-2022-28129 Improper Input Validation vulnerability in HTTP/1.1 header parsing of Apache Traffic Server allows an attacker to send invalid headers. This issue affects Apache Traffic Server 8.0.0 to 9.1.2. | 7.5 | HIGH | β | 0 |
| CVE-2022-31778 Improper Input Validation vulnerability in handling the Transfer-Encoding header of Apache Traffic Server allows an attacker to poison the cache. This issue affects Apache Traffic Server 8.0.0 to 9.0.... | 7.5 | HIGH | β | 0 |
| CVE-2022-31779 Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2. | 7.5 | HIGH | β | 0 |
| CVE-2022-20820 Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow a remote attacker to conduct a cross-site scripting (XSS) attack or a frame hijacking attack against a user of the web... | 5.4 | MEDIUM | β | 0 |
| CVE-2022-31780 Improper Input Validation vulnerability in HTTP/2 frame handling of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2. | 7.5 | HIGH | β | 0 |
| CVE-2022-20841 Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (D... | 9.0 | CRITICAL | β | 0 |
| CVE-2022-20792 A vulnerability in the regex module used by the signature database load module of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an aut... | 7.8 | HIGH | β | 0 |
| CVE-2022-20816 A vulnerability in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could al... | 6.5 | MEDIUM | β | 0 |
| CVE-2022-38236 XPDF commit ffaf11c was discovered to contain a global-buffer overflow via Lexer::getObj(Object*) at /xpdf/Lexer.cc. | 7.8 | HIGH | β | 0 |
| CVE-2022-20827 Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (D... | 9.0 | CRITICAL | β | 0 |
| CVE-2022-20842 Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (D... | 9.0 | CRITICAL | β | 0 |
| CVE-2022-20852 Multiple vulnerabilities in the web interface of Cisco Webex Meetings could allow a remote attacker to conduct a cross-site scripting (XSS) attack or a frame hijacking attack against a user of the web... | 5.4 | MEDIUM | β | 0 |
| CVE-2022-20869 A vulnerability in the web-based management interface of Cisco BroadWorks Application Delivery Platform Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting attac... | 6.1 | MEDIUM | β | 0 |
| CVE-2022-20914 A vulnerability in the External RESTful Services (ERS) API of Cisco Identity Services Engine (ISE) Software could allow an authenticated, remote attacker to obtain sensitive information. This vulnerab... | 4.9 | MEDIUM | β | 0 |
| CVE-2025-26757 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in FULL SERVICES FULL Customer allows PHP Local File Inclusion. This issue affects... | 7.5 | HIGH | β | 0 |
| CVE-2022-2242 The KUKA SystemSoftware V/KSS in versions prior to 8.6.5 is prone to improper access control as an unauthorized attacker can directly read and write robot configurations when access control is not ava... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-34659 A vulnerability has been identified in Simcenter STAR-CCM+ (All versions only if the Power-on-Demand public license server is used). Affected applications expose user, host and display name of users, ... | 7.5 | HIGH | β | 0 |
| CVE-2022-2756 Server-Side Request Forgery (SSRF) in GitHub repository kareadita/kavita prior to 0.5.4.1. | 6.5 | MEDIUM | β | 0 |
| CVE-2022-38133 In JetBrains TeamCity before 2022.04.3 the private SSH key could be written to the server log in some cases | 3.2 | LOW | β | 0 |
| CVE-2022-20713 A vulnerability in the VPN web client services component of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote at... | 4.3 | MEDIUM | β | 0 |
| CVE-2022-20866 A vulnerability in the handling of RSA keys on devices running Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote... | 7.4 | HIGH | β | 0 |
| CVE-2022-22369 IBM Workload Scheduler 9.4 and 9.5 could allow a local user to overwrite key system files which would cause the system to crash. IBM X-Force ID: 221187. | 7.1 | HIGH | β | 0 |
| CVE-2022-22411 IBM Spectrum Scale Data Access Services (DAS) 5.1.3.1 could allow an authenticated user to insert code which could allow the attacker to manipulate cluster resources due to excessive permissions. IBM ... | 6.5 | MEDIUM | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.