ReportizFlow
Filtered by vendor Microsoft
Subscriptions
Filtered by product Windows
Subscriptions
Total
8896 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-4439 | 2 Google, Microsoft | 2 Chrome, Windows | 2024-11-21 | 8.8 High |
| Use after free in Aura in Google Chrome on Windows prior to 108.0.5359.124 allowed a remote attacker who convinced the user to engage in specific UI interactions to potentially exploit heap corruption via specific UI interactions. (Chromium security severity: High) | ||||
| CVE-2022-4187 | 2 Google, Microsoft | 2 Chrome, Windows | 2024-11-21 | 6.5 Medium |
| Insufficient policy enforcement in DevTools in Google Chrome on Windows prior to 108.0.5359.71 allowed a remote attacker to bypass filesystem restrictions via a crafted HTML page. (Chromium security severity: Medium) | ||||
| CVE-2022-4146 | 4 Hitachi, Linux, Microsoft and 1 more | 4 Replication Manager, Linux Kernel, Windows and 1 more | 2024-11-21 | 7.3 High |
| Expression Language Injection vulnerability in Hitachi Replication Manager on Windows, Linux, Solaris allows Code Injection.This issue affects Hitachi Replication Manager: before 8.8.5-02. | ||||
| CVE-2022-48183 | 3 Lenovo, Linux, Microsoft | 6 Thinkpad T14s Gen 3, Thinkpad T14s Gen 3 Firmware, Thinkpad X13 Gen 3 and 3 more | 2024-11-21 | 6.1 Medium |
| A vulnerability was reported in ThinkPad T14s Gen 3 and X13 Gen3 that could cause the BIOS tamper detection mechanism to not trigger under specific circumstances which could allow unauthorized access. | ||||
| CVE-2022-48182 | 3 Lenovo, Linux, Microsoft | 6 Thinkpad T14s Gen 3, Thinkpad T14s Gen 3 Firmware, Thinkpad X13 Gen 3 and 3 more | 2024-11-21 | 6.1 Medium |
| A vulnerability was reported in ThinkPad T14s Gen 3 and X13 Gen3 that could cause the BIOS tamper detection mechanism to not trigger under specific circumstances which could allow unauthorized access. | ||||
| CVE-2022-47637 | 3 Apachefriends, Microsoft, Xampp | 3 Xampp, Windows, Apache Distribution | 2024-11-21 | 6.7 Medium |
| The installer in XAMPP through 8.1.12 allows local users to write to the C:\xampp directory. Common use cases execute files under C:\xampp with administrative privileges. | ||||
| CVE-2022-47631 | 2 Microsoft, Razer | 2 Windows, Synapse | 2024-11-21 | 7.8 High |
| Razer Synapse through 3.7.1209.121307 allows privilege escalation due to an unsafe installation path and improper privilege management. Attackers can place DLLs into %PROGRAMDATA%\Razer\Synapse3\Service\bin if they do so before the service is installed and if they deny write access for the SYSTEM user. Although the service will not start if it detects malicious DLLs in this directory, attackers can exploit a race condition and replace a valid DLL (i.e., a copy of a legitimate Razer DLL) with a malicious DLL after the service has already checked the file. As a result, local Windows users can abuse the Razer driver installer to obtain administrative privileges on Windows. | ||||
| CVE-2022-46869 | 2 Acronis, Microsoft | 2 Cyber Protect Home Office, Windows | 2024-11-21 | 7.8 High |
| Local privilege escalation during installation due to improper soft link handling. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40278. | ||||
| CVE-2022-46868 | 2 Acronis, Microsoft | 2 Cyber Protect Home Office, Windows | 2024-11-21 | 7.8 High |
| Local privilege escalation during recovery due to improper soft link handling. The following products are affected: Acronis Cyber Protect Home Office (Windows) before build 40173. | ||||
| CVE-2022-46647 | 4 Apple, Google, Intel and 1 more | 4 Iphone Os, Android, Unison Software and 1 more | 2024-11-21 | 2.5 Low |
| Insertion of sensitive information into log file for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2022-46646 | 4 Apple, Google, Intel and 1 more | 4 Iphone Os, Android, Unison Software and 1 more | 2024-11-21 | 2.2 Low |
| Exposure of sensitive information to an unauthorized actor for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2022-46301 | 4 Apple, Google, Intel and 1 more | 4 Iphone Os, Android, Unison Software and 1 more | 2024-11-21 | 1.9 Low |
| Improper Initialization for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access. | ||||
| CVE-2022-46299 | 4 Apple, Google, Intel and 1 more | 4 Iphone Os, Android, Unison Software and 1 more | 2024-11-21 | 3.3 Low |
| Insufficient control flow management for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2022-46298 | 4 Apple, Google, Intel and 1 more | 4 Iphone Os, Android, Unison Software and 1 more | 2024-11-21 | 1.9 Low |
| Incomplete cleanup for some Intel Unison software may allow a privileged user to potentially enable denial of service via local access. | ||||
| CVE-2022-45469 | 4 Apple, Google, Intel and 1 more | 4 Iphone Os, Android, Unison Software and 1 more | 2024-11-21 | 2.2 Low |
| Improper input validation for some Intel Unison software may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-45109 | 4 Apple, Google, Intel and 1 more | 4 Iphone Os, Android, Unison Software and 1 more | 2024-11-21 | 3.3 Low |
| Improper initialization for some Intel Unison software may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2022-43893 | 3 Apple, Ibm, Microsoft | 3 Macos, Security Verify Privilege On-premises, Windows | 2024-11-21 | 2.7 Low |
| IBM Security Verify Privilege On-Premises 11.5 could allow a privileged user to cause by using a malicious payload. IBM X-Force ID: 240634. | ||||
| CVE-2022-43892 | 3 Apple, Ibm, Microsoft | 3 Macos, Security Verify Privilege On-premises, Windows | 2024-11-21 | 3.7 Low |
| IBM Security Verify Privilege On-Premises 11.5 does not validate, or incorrectly validates, a certificate which could disclose sensitive information which could aid further attacks against the system. IBM X-Force ID: 240455. | ||||
| CVE-2022-43891 | 3 Apple, Ibm, Microsoft | 3 Macos, Security Verify Privilege On-premises, Windows | 2024-11-21 | 2.7 Low |
| IBM Security Verify Privilege On-Premises 11.5 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 240454. | ||||
| CVE-2022-43889 | 3 Apple, Ibm, Microsoft | 3 Macos, Security Verify Privilege On-premises, Windows | 2024-11-21 | 5.3 Medium |
| IBM Security Verify Privilege On-Premises 11.5 could disclose sensitive information through an HTTP request that could aid an attacker in further attacks against the system. IBM X-Force ID: 240452. | ||||