Vulnerabilidades CVE
Base de dados CVE enriquecida com CISA KEV e NVD
| CVE ID | CVSS | Severidade | KEV | Avistamentos |
|---|---|---|---|---|
| CVE-2022-23297 Windows NT Lan Manager Datagram Receiver Driver Information Disclosure Vulnerability | 5.5 | MEDIUM | — | 0 |
| CVE-2022-23298 Windows NT OS Kernel Elevation of Privilege Vulnerability | 7.0 | HIGH | — | 0 |
| CVE-2022-23299 Windows PDEV Elevation of Privilege Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2022-24454 Windows Security Support Provider Interface Elevation of Privilege Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2022-24455 Windows CD-ROM Driver Elevation of Privilege Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2022-24456 HEVC Video Extensions Remote Code Execution Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2022-24457 HEIF Image Extensions Remote Code Execution Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2022-24459 Windows Fax and Scan Service Elevation of Privilege Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2022-24501 VP9 Video Extensions Remote Code Execution Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2022-24460 Tablet Windows User Interface Application Elevation of Privilege Vulnerability | 7.0 | HIGH | — | 0 |
| CVE-2022-24461 Microsoft Office Visio Remote Code Execution Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2022-24462 Microsoft Word Security Feature Bypass Vulnerability | 5.5 | MEDIUM | — | 0 |
| CVE-2022-24463 Microsoft Exchange Server Spoofing Vulnerability | 6.5 | MEDIUM | — | 0 |
| CVE-2022-24464 .NET and Visual Studio Denial of Service Vulnerability | 7.5 | HIGH | — | 0 |
| CVE-2022-24465 Microsoft Intune Portal for iOS Security Feature Bypass Vulnerability | 3.3 | LOW | — | 0 |
| CVE-2022-24467 Azure Site Recovery Remote Code Execution Vulnerability | 7.2 | HIGH | — | 0 |
| CVE-2022-24502 Windows HTML Platforms Security Feature Bypass Vulnerability | 4.3 | MEDIUM | — | 0 |
| CVE-2022-24505 Windows ALPC Elevation of Privilege Vulnerability | 7.0 | HIGH | — | 0 |
| CVE-2022-24506 Azure Site Recovery Elevation of Privilege Vulnerability | 6.5 | MEDIUM | — | 0 |
| CVE-2022-24507 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2022-24508 Win32 File Enumeration Remote Code Execution Vulnerability | 8.8 | HIGH | — | 0 |
| CVE-2022-24519 Azure Site Recovery Elevation of Privilege Vulnerability | 6.5 | MEDIUM | — | 0 |
| CVE-2022-24509 Microsoft Office Visio Remote Code Execution Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2022-24510 Microsoft Office Visio Remote Code Execution Vulnerability | 7.8 | HIGH | — | 0 |
| CVE-2022-24511 Microsoft Office Word Tampering Vulnerability | 5.5 | MEDIUM | — | 0 |
| CVE-2022-24512 .NET and Visual Studio Remote Code Execution Vulnerability | 6.3 | MEDIUM | — | 0 |
| CVE-2022-24515 Azure Site Recovery Elevation of Privilege Vulnerability | 6.5 | MEDIUM | — | 0 |
| CVE-2022-24517 Azure Site Recovery Remote Code Execution Vulnerability | 7.2 | HIGH | — | 0 |
| CVE-2022-24518 Azure Site Recovery Elevation of Privilege Vulnerability | 6.5 | MEDIUM | — | 0 |
| CVE-2022-24522 Skype Extension for Chrome Information Disclosure Vulnerability | 6.5 | MEDIUM | — | 0 |
| CVE-2022-24525 Windows Update Stack Elevation of Privilege Vulnerability | 7.0 | HIGH | — | 0 |
| CVE-2022-24526 Visual Studio Code Spoofing Vulnerability | 6.1 | MEDIUM | — | 0 |
| CVE-2022-0022 Usage of a weak cryptographic algorithm in Palo Alto Networks PAN-OS software where the password hashes of administrator and local user accounts are not created with a sufficient level of computationa... | 4.1 | MEDIUM | — | 0 |
| CVE-2022-0715 A CWE-287: Improper Authentication vulnerability exists that could cause an attacker to arbitrarily change the behavior of the UPS when a key is leaked and used to upload malicious firmware. Affected ... | 9.1 | CRITICAL | — | 0 |
| CVE-2022-22511 Various configuration pages of the device are vulnerable to reflected XSS (Cross-Site Scripting) attacks. An authorized attacker with user privileges may use this to gain access to confidential inform... | 5.4 | MEDIUM | — | 0 |
| CVE-2025-23895 Cross-Site Request Forgery (CSRF) vulnerability in Dan Cameron Add RSS allows Stored XSS.This issue affects Add RSS: from n/a through 1.5. | 7.1 | HIGH | — | 0 |
| CVE-2022-22805 A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists that could cause remote code execution when an improperly handled TLS packet is reassembled. Affe... | 9.8 | CRITICAL | — | 0 |
| CVE-2022-22806 A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Fa... | 9.8 | CRITICAL | — | 0 |
| CVE-2022-24732 Maddy Mail Server is an open source SMTP compatible email server. Versions of maddy prior to 0.5.4 do not implement password expiry or account expiry checking when authenticating using PAM. Users are ... | 6.3 | MEDIUM | — | 0 |
| CVE-2022-24734 MyBB is a free and open source forum software. In affected versions the Admin CP's Settings management module does not validate setting types correctly on insertion and update, making it possible to a... | 7.2 | HIGH | — | 0 |
| CVE-2022-35460 OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x61731f. | 6.5 | MEDIUM | — | 0 |
| CVE-2022-24741 Nextcloud server is an open source, self hosted cloud style services platform. In affected versions an attacker can cause a denial of service by uploading specially crafted files which will cause the ... | 3.5 | LOW | — | 0 |
| CVE-2021-22783 A CWE-200: Information Exposure vulnerability exists which could allow a session hijack when the door panel is communicating with the door. Affected Product: Ritto Wiser Door (All versions) | 8.8 | HIGH | — | 0 |
| CVE-2022-24322 A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a disruption of communication between the Modicon controller and the engineerin... | 5.3 | MEDIUM | — | 0 |
| CVE-2022-24323 A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists that could cause a disruption of communication between the Modicon controller and the engineering software, when an... | 5.3 | MEDIUM | — | 0 |
| CVE-2022-24744 Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. In affected versions user sessions are not logged out if the password is reset via password r... | 2.6 | LOW | — | 0 |
| CVE-2022-24745 Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. In affected versions guest sessions are shared between customers when HTTP cache is enabled. ... | 4.8 | MEDIUM | — | 0 |
| CVE-2022-24746 Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. In affected versions it is possible to inject code via the voucher code form. This issue has ... | 6.1 | MEDIUM | — | 0 |
| CVE-2022-24747 Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. Affected versions of shopware do no properly set sensitive HTTP headers to be non-cacheable. ... | 6.3 | MEDIUM | — | 0 |
| CVE-2022-24748 Shopware is an open commerce platform based on the Symfony php Framework and the Vue javascript framework. In versions prior to 6.4.8.2 it is possible to modify customers and to create orders without ... | 6.8 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.