CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2022-38031 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | 8.8 | HIGH | β | 0 |
| CVE-2022-38032 Windows Portable Device Enumerator Service Security Feature Bypass Vulnerability | 6.6 | MEDIUM | β | 0 |
| CVE-2022-38033 Windows Server Remotely Accessible Registry Keys Information Disclosure Vulnerability | 6.5 | MEDIUM | β | 0 |
| CVE-2023-21720 Microsoft Edge (Chromium-based) Tampering Vulnerability | 5.3 | MEDIUM | β | 0 |
| CVE-2022-38034 Windows Workstation Service Elevation of Privilege Vulnerability | 8.8 | HIGH | β | 0 |
| CVE-2022-38036 Internet Key Exchange (IKE) Protocol Denial of Service Vulnerability | 7.5 | HIGH | β | 0 |
| CVE-2022-38037 Windows Kernel Elevation of Privilege Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2022-38038 Windows Kernel Elevation of Privilege Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2023-23374 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | 8.3 | HIGH | β | 0 |
| CVE-2022-38039 Windows Kernel Elevation of Privilege Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2022-38040 Microsoft ODBC Driver Remote Code Execution Vulnerability | 8.8 | HIGH | β | 0 |
| CVE-2022-38041 Windows Secure Channel Denial of Service Vulnerability | 7.5 | HIGH | β | 0 |
| CVE-2022-38042 Active Directory Domain Services Elevation of Privilege Vulnerability | 7.1 | HIGH | β | 0 |
| CVE-2023-29150 mySCADA myPRO versions 8.26.0 and prior has parameters which an authenticated user could exploit to inject arbitrary operating system commands. | 8.8 | HIGH | β | 0 |
| CVE-2022-38043 Windows Security Support Provider Interface Information Disclosure Vulnerability | 5.5 | MEDIUM | β | 0 |
| CVE-2022-38044 Windows CD-ROM File System Driver Remote Code Execution Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2022-38045 Windows Server Service Elevation of Privilege Vulnerability | 8.8 | HIGH | β | 0 |
| CVE-2022-38046 Web Account Manager Information Disclosure Vulnerability | 7.5 | HIGH | β | 0 |
| CVE-2022-38047 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | 8.1 | HIGH | β | 0 |
| CVE-2022-38048 Microsoft Office Remote Code Execution Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2022-38049 Microsoft Office Graphics Remote Code Execution Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2022-38050 Win32k Elevation of Privilege Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2022-41037 Microsoft SharePoint Server Remote Code Execution Vulnerability | 8.8 | HIGH | β | 0 |
| CVE-2022-38051 Windows Graphics Component Elevation of Privilege Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2022-38053 Microsoft SharePoint Server Remote Code Execution Vulnerability | 8.8 | HIGH | β | 0 |
| CVE-2022-41031 Microsoft Word Remote Code Execution Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2022-41034 Visual Studio Code Remote Code Execution Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2022-41035 Microsoft Edge (Chromium-based) Spoofing Vulnerability | 5.3 | MEDIUM | β | 0 |
| CVE-2022-41036 Microsoft SharePoint Server Remote Code Execution Vulnerability | 8.8 | HIGH | β | 0 |
| CVE-2022-41038 Microsoft SharePoint Server Remote Code Execution Vulnerability | 8.8 | HIGH | β | 0 |
| CVE-2022-41042 Visual Studio Code Information Disclosure Vulnerability | 7.4 | HIGH | β | 0 |
| CVE-2022-41043 Microsoft Office Information Disclosure Vulnerability | 3.3 | LOW | β | 0 |
| CVE-2022-41081 Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | 8.1 | HIGH | β | 0 |
| CVE-2022-41083 Visual Studio Code Elevation of Privilege Vulnerability | 7.8 | HIGH | β | 0 |
| CVE-2022-27624 A vulnerability regarding improper restriction of operations within the bounds of a memory buffer is found in the packet decryption functionality of Out-of-Band (OOB) Management. This allows remote at... | 10.0 | CRITICAL | β | 0 |
| CVE-2022-27625 A vulnerability regarding improper restriction of operations within the bounds of a memory buffer is found in the message processing functionality of Out-of-Band (OOB) Management. This allows remote a... | 10.0 | CRITICAL | β | 0 |
| CVE-2022-27626 A vulnerability regarding concurrent execution using shared resource with improper synchronization ('Race Condition') is found in the session processing functionality of Out-of-Band (OOB) Management. ... | 10.0 | CRITICAL | β | 0 |
| CVE-2022-3576 A vulnerability regarding out-of-bounds read is found in the session processing functionality of Out-of-Band (OOB) Management. This allows remote attackers to obtain sensitive information via unspecif... | 5.3 | MEDIUM | β | 0 |
| CVE-2022-27622 Server-Side Request Forgery (SSRF) vulnerability in Package Center functionality in Synology DiskStation Manager (DSM) before 7.1-42661 allows remote authenticated users to access intranet resources v... | 4.1 | MEDIUM | β | 0 |
| CVE-2022-27623 Missing authentication for critical function vulnerability in iSCSI management functionality in Synology DiskStation Manager (DSM) before 7.1-42661 allows remote attackers to read or write arbitrary f... | 7.4 | HIGH | β | 0 |
| CVE-2022-46144 A vulnerability has been identified in SCALANCE SC622-2C (6GK5622-2GS00-2AC2) (All versions < V2.3), SCALANCE SC622-2C (6GK5622-2GS00-2AC2) (All versions >= V2.3 < V3.0), SCALANCE SC626-2C (6GK5626-2G... | 6.5 | MEDIUM | β | 0 |
| CVE-2022-37966 Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability | 8.1 | HIGH | β | 0 |
| CVE-2022-37967 Windows Kerberos Elevation of Privilege Vulnerability | 7.2 | HIGH | β | 0 |
| CVE-2022-38023 Netlogon RPC Elevation of Privilege Vulnerability | 8.1 | HIGH | β | 0 |
| CVE-2022-41064 .NET Framework Information Disclosure Vulnerability | 5.8 | MEDIUM | β | 0 |
| CVE-2022-24480 Outlook for Android Elevation of Privilege Vulnerability | 6.3 | MEDIUM | β | 0 |
| CVE-2022-41889 TensorFlow is an open source platform for machine learning. If a list of quantized tensors is assigned to an attribute, the pywrap code fails to parse the tensor and returns a `nullptr`, which is not ... | 5.5 | MEDIUM | β | 0 |
| CVE-2022-46140 Affected devices use a weak encryption scheme to encrypt the debug zip file. This could allow an authenticated attacker to decrypt the contents of the file and retrieve debug information about the sys... | 6.5 | MEDIUM | β | 0 |
| CVE-2022-46142 Affected devices store the CLI user passwords encrypted in flash memory. Attackers with physical access to the device could retrieve the file and decrypt the CLI user passwords. | 5.7 | MEDIUM | β | 0 |
| CVE-2022-46143 Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially contains previously allocated data. | 2.7 | LOW | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.