Skip to main content
CVE-2022-26773 HIGH This Week

A logic issue was addressed with improved state management. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Microsoft Itunes
NVD
CVSS 3.1
7.1
EPSS
0.5%
CVE-2022-26698 HIGH This Week

An out-of-bounds read issue was addressed with improved bounds checking. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
7.1
EPSS
0.9%
CVE-2022-26697 HIGH This Week

An out-of-bounds read issue was addressed with improved input validation. Rated high severity (CVSS 7.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
7.1
EPSS
1.0%
CVE-2022-21827 HIGH This Week

An improper privilege vulnerability has been discovered in Citrix Gateway Plug-in for Windows (Citrix Secure Access for Windows) <21.9.1.2 what could allow an attacker who has gained local access to. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Microsoft Citrix Gateway Plug In
NVD
CVSS 3.1
7.1
EPSS
0.2%
CVE-2022-26743 HIGH This Week

An out-of-bounds write issue was addressed with improved bounds checking. Rated high severity (CVSS 7.0). No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple macOS
NVD
CVSS 3.1
7.0
EPSS
0.2%
CVE-2022-26865 MEDIUM This Month

Dell Support Assist OS Recovery versions before 5.5.2 contain an Authentication Bypass vulnerability. Rated medium severity (CVSS 6.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass RCE Dell Supportassist Os Recovery
NVD
CVSS 3.1
6.8
EPSS
0.3%
CVE-2022-26691 MEDIUM PATCH This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity.

Apple Information Disclosure Cups Mac Os X macOS +2
NVD GitHub
CVSS 3.1
6.7
EPSS
0.6%
CVE-2022-30787 MEDIUM This Month

An integer underflow in fuse_lib_readdir enables arbitrary memory read operations in NTFS-3G through 2021.8.22 when using libfuse-lite. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Integer Overflow Information Disclosure Ntfs 3G Fedora Debian Linux
NVD GitHub
CVSS 3.1
6.7
EPSS
0.4%
CVE-2022-30785 MEDIUM This Month

A file handle created in fuse_lib_opendir, and later used in fuse_lib_readdir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ntfs 3G Fedora Debian Linux
NVD GitHub
CVSS 3.1
6.7
EPSS
0.4%
CVE-2022-30783 MEDIUM This Month

An invalid return code in fuse_kern_mount enables intercepting of libfuse-lite protocol traffic between NTFS-3G and the kernel in NTFS-3G through 2021.8.22 when using libfuse-lite. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Ntfs 3G Fedora Debian Linux
NVD GitHub
CVSS 3.1
6.7
EPSS
0.4%
CVE-2022-24418 MEDIUM This Month

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Dell G5 5505 Firmware Inspiron 22 3275 Firmware Inspiron 24 3475 Firmware +25
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-24417 MEDIUM This Month

Dell BIOS contains an improper input validation vulnerability. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

RCE Dell Dell G5 5505 Firmware Inspiron 22 3275 Firmware Inspiron 24 3475 Firmware +25
NVD
CVSS 3.1
6.7
EPSS
0.2%
CVE-2022-30585 MEDIUM This Month

The REST API in Archer Platform 6.x before 6.11 (6.11.0.0) contains an Authorization Bypass Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Archer
NVD
CVSS 3.1
6.5
EPSS
0.8%
CVE-2022-26726 MEDIUM This Month

This issue was addressed with improved checks. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS Watchos
NVD
CVSS 3.1
6.5
EPSS
2.2%
CVE-2022-22662 MEDIUM This Month

A cookie management issue was addressed with improved state management. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS Fedora
NVD
CVSS 3.1
6.5
EPSS
1.3%
CVE-2022-24414 MEDIUM PATCH This Month

Dell EMC CloudLink 7.1.3 and all earlier versions, Auth Token is exposed in GET requests. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Dell Information Disclosure Cloudlink
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2022-20821 MEDIUM KEV THREAT This Month

A vulnerability in the health check RPM of Cisco IOS XR Software could allow an unauthenticated, remote attacker to access the Redis instance that is running within the NOSi container. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Cisco Redis Apple Information Disclosure Ios Xr
NVD
CVSS 3.1
6.5
EPSS
11.8%
CVE-2022-20809 MEDIUM This Month

Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Cisco Information Disclosure Telepresence Video Communication Server
NVD
CVSS 3.1
6.5
EPSS
0.9%
CVE-2022-26755 MEDIUM This Month

This issue was addressed with improved environment sanitization. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
6.3
EPSS
0.8%
CVE-2022-31648 MEDIUM This Month

Talend Administration Center is vulnerable to a reflected Cross-Site Scripting (XSS) issue in the SSO login endpoint. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Administration Center
NVD
CVSS 3.1
6.1
EPSS
0.5%
CVE-2022-22577 MEDIUM PATCH This Month

An XSS Vulnerability in Action Pack >= 5.2.0 and < 5.2.0 that could allow an attacker to bypass CSP for non HTML like responses. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Actionpack Debian Linux
NVD
CVSS 3.1
6.1
EPSS
1.6%
CVE-2022-29091 MEDIUM This Month

Dell Unity, Dell UnityVSA, and Dell UnityXT versions prior to 5.2.0.0.5.173 contain a Reflected Cross-Site Scripting Vulnerability in Unisphere GUI. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Dell Information Disclosure Unity Operating Environment Unity Xt Operating Environment +1
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2022-26767 MEDIUM This Month

The issue was addressed with additional permissions checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2022-26766 MEDIUM This Month

A certificate parsing issue was addressed with improved checks. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Ipados Iphone Os Mac Os X +3
NVD
CVSS 3.1
5.5
EPSS
2.7%
CVE-2022-26746 MEDIUM This Month

This issue was addressed by removing the vulnerable code. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Mac Os X macOS
NVD
CVSS 3.1
5.5
EPSS
0.7%
CVE-2022-26745 MEDIUM This Month

A memory corruption issue was addressed with improved validation. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Apple macOS
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2022-26728 MEDIUM This Month

This issue was addressed with improved entitlements. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
5.5
EPSS
0.9%
CVE-2022-26727 MEDIUM This Month

This issue was addressed with improved entitlements. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
5.5
EPSS
0.6%
CVE-2022-26724 MEDIUM This Month

An authentication issue was addressed with improved state management. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Tvos
NVD
CVSS 3.1
5.5
EPSS
0.2%
CVE-2022-26712 MEDIUM This Month

This issue was addressed by removing the vulnerable code. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
CVSS 3.1
5.5
EPSS
0.9%
CVE-2022-26706 MEDIUM This Month

An access issue was addressed with additional sandbox restrictions on third-party applications. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS +2
NVD
CVSS 3.1
5.5
EPSS
7.5%
CVE-2022-22676 MEDIUM This Month

An event handler validation issue in the XPC Services API was addressed by removing the service. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
CVSS 3.1
5.5
EPSS
0.7%
CVE-2022-22674 MEDIUM KEV THREAT This Month

An out-of-bounds read issue existed that led to the disclosure of kernel memory. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
5.5
EPSS
1.1%
CVE-2022-22663 MEDIUM This Month

This issue was addressed with improved checks to prevent unauthorized actions. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Apple Ipados Iphone Os Mac Os X +1
NVD
CVSS 3.1
5.5
EPSS
0.9%
CVE-2022-26725 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure macOS
NVD
CVSS 3.1
5.3
EPSS
0.7%
CVE-2022-26765 MEDIUM This Month

A race condition was addressed with improved state handling. Rated medium severity (CVSS 4.7). No vendor patch available.

Authentication Bypass Race Condition Apple Ipados Iphone Os +3
NVD
CVSS 3.1
4.7
EPSS
0.2%
CVE-2022-26764 MEDIUM This Month

A memory corruption issue was addressed with improved validation. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. No vendor patch available.

Memory Corruption RCE Buffer Overflow Apple Ipados +4
NVD
CVSS 3.1
4.7
EPSS
0.8%
CVE-2022-26690 MEDIUM This Month

Description: A race condition was addressed with additional validation. Rated medium severity (CVSS 4.7), this vulnerability is no authentication required. No vendor patch available.

Race Condition Apple Information Disclosure macOS
NVD
CVSS 3.1
4.7
EPSS
1.6%
CVE-2022-29082 MEDIUM This Month

Dell EMC NetWorker versions 19.1.x, 19.1.0.x, 19.1.1.x, 19.2.x, 19.2.0.x, 19.2.1.x 19.3.x, 19.3.0.x, 19.4.x, 19.4.0.x, 19.5.x,19.5.0.x, 19.6 and 19.6.0.1 and 19.6.0.2 contain an Improper Validation. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Dell Information Disclosure Emc Networker
NVD
CVSS 3.1
4.6
EPSS
0.3%
CVE-2022-26688 MEDIUM This Month

An issue in the handling of symlinks was addressed with improved validation. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. No vendor patch available.

Apple Information Disclosure Mac Os X macOS
NVD
CVSS 3.1
4.4
EPSS
0.4%
CVE-2022-26731 MEDIUM This Month

A logic issue was addressed with improved state management. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os macOS
NVD
CVSS 3.1
4.3
EPSS
0.9%
CVE-2022-26703 LOW Monitor

An authorization issue was addressed with improved state management. Rated low severity (CVSS 2.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apple Information Disclosure Ipados Iphone Os
NVD
CVSS 3.1
2.4
EPSS
0.3%
Prev Page 3 of 3

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy