‼ CVE-2022-44704 ‼
📖 Read
via "National Vulnerability Database".
Microsoft Windows Sysmon Elevation of Privilege Vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-44702 ‼
📖 Read
via "National Vulnerability Database".
Windows Terminal Remote Code Execution Vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-44707 ‼
📖 Read
via "National Vulnerability Database".
Windows Kernel Denial of Service Vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-44713 ‼
📖 Read
via "National Vulnerability Database".
Microsoft Outlook for Mac Spoofing Vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-44699 ‼
📖 Read
via "National Vulnerability Database".
Azure Network Watcher Agent Security Feature Bypass Vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-44697 ‼
📖 Read
via "National Vulnerability Database".
Windows Graphics Component Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-41121, CVE-2022-44671, CVE-2022-44680.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-44696 ‼
📖 Read
via "National Vulnerability Database".
Microsoft Office Visio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-44694, CVE-2022-44695.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-45005 ‼
📖 Read
via "National Vulnerability Database".
IP-COM EW9 V15.11.0.14(9732) was discovered to contain a command injection vulnerability in the cmd_get_ping_output function.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-44710 ‼
📖 Read
via "National Vulnerability Database".
DirectX Graphics Kernel Elevation of Privilege Vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-47211 ‼
📖 Read
via "National Vulnerability Database".
Microsoft Office Graphics Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-26804, CVE-2022-26805, CVE-2022-26806, CVE-2022-44692, CVE-2022-47212, CVE-2022-47213.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-44695 ‼
📖 Read
via "National Vulnerability Database".
Microsoft Office Visio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-44694, CVE-2022-44696.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-44698 ‼
📖 Read
via "National Vulnerability Database".
Windows SmartScreen Security Feature Bypass Vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-44708 ‼
📖 Read
via "National Vulnerability Database".
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-47212 ‼
📖 Read
via "National Vulnerability Database".
Microsoft Office Graphics Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-26804, CVE-2022-26805, CVE-2022-26806, CVE-2022-44692, CVE-2022-47211, CVE-2022-47213.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-47213 ‼
📖 Read
via "National Vulnerability Database".
Microsoft Office Graphics Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-26804, CVE-2022-26805, CVE-2022-26806, CVE-2022-44692, CVE-2022-47211, CVE-2022-47212.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-46381 ‼
📖 Read
via "National Vulnerability Database".
Certain Linear eMerge E3-Series devices are vulnerable to XSS via the type parameter (e.g., to the badging/badge_template_v0.php component). This affects 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-41653 ‼
📖 Read
via "National Vulnerability Database".
Daikin SVMPC1 version 2.1.22 and prior and SVMPC2 version 1.2.3 and prior are vulnerable to an attacker obtaining user login credentials and control the system.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23499 ‼
📖 Read
via "National Vulnerability Database".
HTML sanitizer is written in PHP, aiming to provide XSS-safe markup based on explicitly allowed tags, attributes and values. In versions prior to 1.5.0 or 2.1.1, malicious markup used in a sequence with special HTML CDATA sections cannot be filtered and sanitized due to a parsing issue in the upstream package masterminds/html5. This allows bypassing the cross-site scripting mechanism of typo3/html-sanitizer. The upstream package masterminds/html5 provides HTML raw text elements (`script`, `style`, `noframes`, `noembed` and `iframe`) as DOMText nodes, which were not processed and sanitized further. None of the mentioned elements were defined in the default builder configuration, that's why only custom behaviors, using one of those tag names, were vulnerable to cross-site scripting. This issue has been fixed in versions 1.5.0 and 2.1.1.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-2660 ‼
📖 Read
via "National Vulnerability Database".
Delta Industrial Automation DIALink versions 1.4.0.0 and prior are vulnerable to the use of a hard-coded cryptographic key which could allow an attacker to decrypt sensitive data and compromise the machine.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-2947 ‼
📖 Read
via "National Vulnerability Database".
Altair HyperView Player versions 2021.1.0.27 and prior perform operations on a memory buffer but can read from or write to a memory location outside of the intended boundary of the buffer. This hits initially as a read access violation, leading to a memory corruption situation.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-38355 ‼
📖 Read
via "National Vulnerability Database".
Daikin SVMPC1 version 2.1.22 and prior and SVMPC2 version 1.2.3 and prior are vulnerable to attackers with access to the local area network (LAN) to disclose sensitive information stored by the affected product without requiring authentication.📖 Read
via "National Vulnerability Database".