Vulnerabilites CVE
Base de donnees CVE enrichie avec CISA KEV et NVD
| CVE ID | CVSS | Severite | KEV | Observations |
|---|---|---|---|---|
| CVE-2022-35227 A vulnerability in SAP NW EP (WPC) - versions 7.30, 7.31, 7.40, 7.50, which does not sufficiently validate user-controlled input, allows a remote attacker to conduct a Cross-Site (XSS) scripting attac... | 6.1 | MEDIUM | — | 0 |
| CVE-2022-35228 SAP BusinessObjects CMC allows an unauthenticated attacker to retrieve token information over the network which would otherwise be restricted. This can be achieved only when a legitimate user accesses... | 8.8 | HIGH | — | 0 |
| CVE-2022-29600 The oelib (aka One is Enough Library) extension through 4.1.5 for TYPO3 allows SQL Injection. | 9.8 | CRITICAL | — | 0 |
| CVE-2022-29601 The seminars (aka Seminar Manager) extension through 4.1.3 for TYPO3 allows SQL Injection. | 9.8 | CRITICAL | — | 0 |
| CVE-2022-30181 Azure Site Recovery Elevation of Privilege Vulnerability | 6.5 | MEDIUM | — | 0 |
| CVE-2022-31102 Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with 2.3.0 and prior to 2.3.6 and 2.4.5 is vulnerable to a cross-site scripting (XSS) bug which could allow a... | 2.6 | LOW | — | 0 |
| CVE-2022-31105 Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 0.4.0 and prior to 2.2.11, 2.3.6, and 2.4.5 is vulnerable to an improper certificate validation ... | 8.3 | HIGH | — | 0 |
| CVE-2022-33154 The schema (aka Embedding schema.org vocabulary) extension before 1.13.1 and 2.x before 2.5.1 for TYPO3 allows XSS. | 5.4 | MEDIUM | — | 0 |
| CVE-2022-33155 The ameos_tarteaucitron (aka AMEOS - TarteAuCitron GDPR cookie banner and tracking management / French RGPD compatible) extension before 1.2.23 for TYPO3 allows XSS. | 5.4 | MEDIUM | — | 0 |
| CVE-2022-35403 Zoho ManageEngine ServiceDesk Plus before 13008, ServiceDesk Plus MSP before 10606, and SupportCenter Plus before 11022 are affected by an unauthenticated local file disclosure vulnerability via ticke... | 7.5 | HIGH | — | 0 |
| CVE-2022-21845 Windows Kernel Information Disclosure Vulnerability | 4.7 | MEDIUM | — | 0 |
| CVE-2022-22022 Windows Print Spooler Elevation of Privilege Vulnerability | 7.1 | HIGH | — | 0 |
| CVE-2022-22028 Windows Network File System Information Disclosure Vulnerability | 5.9 | MEDIUM | — | 0 |
| CVE-2022-22029 Windows Network File System Remote Code Execution Vulnerability | 8.1 | HIGH | — | 0 |
| CVE-2022-22031 Windows Credential Guard Domain-joined Public Key Elevation of Privilege Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2022-22034 Windows Graphics Component Elevation of Privilege Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2022-22036 Performance Counters for Windows Elevation of Privilege Vulnerability | 7.0 | HIGH | — | 0 |
| CVE-2022-22037 Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability | 7.5 | HIGH | — | 0 |
| CVE-2022-30187 Azure Storage Library Information Disclosure Vulnerability | 4.7 | MEDIUM | — | 0 |
| CVE-2022-22038 Remote Procedure Call Runtime Remote Code Execution Vulnerability | 8.1 | HIGH | — | 0 |
| CVE-2022-22039 Windows Network File System Remote Code Execution Vulnerability | 7.5 | HIGH | — | 0 |
| CVE-2022-22040 Internet Information Services Dynamic Compression Module Denial of Service Vulnerability | 7.3 | HIGH | — | 0 |
| CVE-2022-22041 Windows Print Spooler Elevation of Privilege Vulnerability | 6.8 | MEDIUM | — | 0 |
| CVE-2022-22042 Windows Hyper-V Information Disclosure Vulnerability | 6.5 | MEDIUM | — | 0 |
| CVE-2022-22043 Windows Fast FAT File System Driver Elevation of Privilege Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2022-30202 Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability | 7.0 | HIGH | — | 0 |
| CVE-2022-30203 Windows Boot Manager Security Feature Bypass Vulnerability | 7.4 | HIGH | — | 0 |
| CVE-2022-22045 Windows.Devices.Picker.dll Elevation of Privilege Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2022-22048 BitLocker Security Feature Bypass Vulnerability | 6.1 | MEDIUM | — | 0 |
| CVE-2022-22049 Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2022-22050 Windows Fax Service Elevation of Privilege Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2022-22711 Windows BitLocker Information Disclosure Vulnerability | 5.7 | MEDIUM | — | 0 |
| CVE-2022-29602 The gridelements (aka Grid Elements) extension through 7.6.1, 8.x through 8.7.0, 9.x through 9.7.0, and 10.x through 10.2.0 extension for TYPO3 allows XSS. | 5.4 | MEDIUM | — | 0 |
| CVE-2022-30205 Windows Group Policy Elevation of Privilege Vulnerability | 6.6 | MEDIUM | — | 0 |
| CVE-2022-30212 Windows Connected Devices Platform Service Information Disclosure Vulnerability | 4.7 | MEDIUM | — | 0 |
| CVE-2022-30213 Windows GDI+ Information Disclosure Vulnerability | 5.5 | MEDIUM | — | 0 |
| CVE-2022-30214 Windows DNS Server Remote Code Execution Vulnerability | 6.6 | MEDIUM | — | 0 |
| CVE-2022-30215 Active Directory Federation Services Elevation of Privilege Vulnerability | 7.5 | HIGH | — | 0 |
| CVE-2022-30216 Windows Server Service Tampering Vulnerability | 8.8 | HIGH | — | 0 |
| CVE-2022-30220 Windows Common Log File System Driver Elevation of Privilege Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2022-30221 Windows Graphics Component Remote Code Execution Vulnerability | 8.8 | HIGH | — | 0 |
| CVE-2022-30222 Windows Shell Remote Code Execution Vulnerability | 8.4 | HIGH | — | 0 |
| CVE-2022-30223 Windows Hyper-V Information Disclosure Vulnerability | 5.7 | MEDIUM | — | 0 |
| CVE-2022-30224 Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability | 7.0 | HIGH | — | 0 |
| CVE-2022-30225 Windows Media Player Network Sharing Service Elevation of Privilege Vulnerability | 7.1 | HIGH | — | 0 |
| CVE-2022-30226 Windows Print Spooler Elevation of Privilege Vulnerability | 7.1 | HIGH | — | 0 |
| CVE-2022-30517 Mogu blog 5.2 is vulnerable to Cross Site Scripting (XSS). | 6.1 | MEDIUM | — | 0 |
| CVE-2022-33156 The matomo_integration (aka Matomo Integration) extension before 1.3.2 for TYPO3 allows XSS. | 6.1 | MEDIUM | — | 0 |
| CVE-2022-33157 The libconnect extension before 7.0.8 and 8.x before 8.1.0 for TYPO3 allows XSS. | 6.1 | MEDIUM | — | 0 |
| CVE-2022-33632 Microsoft Office Security Feature Bypass Vulnerability | 4.7 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.