Total
29578 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-20327 | 1 Cisco | 13 Asr 9000v-v2, Asr 9001, Asr 9006 and 10 more | 2025-05-06 | 7.4 High |
| A vulnerability in the PPP over Ethernet (PPPoE) termination feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to crash the ppp_ma process, resulting in a denial of service (DoS) condition. This vulnerability is due to the improper handling of malformed PPPoE packets that are received on a router that is running Broadband Network Gateway (BNG) functionality with PPPoE termination on a Lightspeed-based or Lightspeed-Plus-based line card. An attacker could exploit this vulnerability by sending a crafted PPPoE packet to an affected line card interface that does not terminate PPPoE. A successful exploit could allow the attacker to crash the ppp_ma process, resulting in a DoS condition for PPPoE traffic across the router. | ||||
| CVE-2022-43563 | 1 Splunk | 2 Splunk, Splunk Cloud Platform | 2025-05-05 | 8.1 High |
| In Splunk Enterprise versions below 8.2.9 and 8.1.12, the way that the rex search command handles field names lets an attacker bypass SPL safeguards for risky commands https://docs.splunk.com/Documentation/SplunkCloud/latest/Security/SPLsafeguards . The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. The attacker cannot exploit the vulnerability at will. | ||||
| CVE-2022-43565 | 1 Splunk | 2 Splunk, Splunk Cloud Platform | 2025-05-05 | 8.1 High |
| In Splunk Enterprise versions below 8.2.9 and 8.1.12, the way that the ‘tstats command handles Javascript Object Notation (JSON) lets an attacker bypass SPL safeguards for risky commands https://docs.splunk.com/Documentation/SplunkCloud/latest/Security/SPLsafeguards . The vulnerability requires the attacker to phish the victim by tricking them into initiating a request within their browser. | ||||
| CVE-2022-42788 | 1 Apple | 1 Macos | 2025-05-05 | 5.5 Medium |
| A permissions issue existed. This issue was addressed with improved permission validation. This issue is fixed in macOS Ventura 13. A malicious application may be able to read sensitive location information. | ||||
| CVE-2022-28709 | 1 Intel | 2 Ethernet Controller E810, Ethernet Controller E810 Firmware | 2025-05-05 | 4.4 Medium |
| Improper access control in the firmware for some Intel(R) E810 Ethernet Controllers before version 1.6.1.9 may allow a privileged user to potentially enable denial of service via local access. | ||||
| CVE-2022-28356 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-05-05 | 5.5 Medium |
| In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c. | ||||
| CVE-2022-26017 | 1 Intel | 1 Driver \& Support Assistant | 2025-05-05 | 8 High |
| Improper access control in the Intel(R) DSA software for before version 22.2.14 may allow an authenticated user to potentially enable escalation of privilege via adjacent access. | ||||
| CVE-2022-25966 | 1 Intel | 1 Edge Insights For Industrial | 2025-05-05 | 7.8 High |
| Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-23182 | 1 Intel | 1 Data Center Manager | 2025-05-05 | 8.8 High |
| Improper access control in the Intel(R) Data Center Manager software before version 4.1 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. | ||||
| CVE-2022-21812 | 1 Intel | 1 Hardware Accelerated Execution Manager | 2025-05-05 | 7.8 High |
| Improper access control in the Intel(R) HAXM software before version 7.7.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-21793 | 2 Intel, Vmware | 10 82599 10 Gigabit Ethernet Controller, Ethernet Controller X540, Ethernet Controller X550 and 7 more | 2025-05-05 | 5.5 Medium |
| Insufficient control flow management in the Intel(R) Ethernet 500 Series Controller drivers for VMWare before version 1.11.4.0 and in the Intel(R) Ethernet 700 Series Controller drivers for VMWare before version 2.1.5.0 may allow an authenticated user to potentially enable a denial of service via local access. | ||||
| CVE-2022-21225 | 1 Intel | 1 Data Center Manager | 2025-05-05 | 8 High |
| Improper neutralization in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable escalation of privilege via adjacent access. | ||||
| CVE-2022-21174 | 1 Intel | 1 Quartus Prime | 2025-05-05 | 7.8 High |
| Improper access control in a third-party component of Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-21157 | 1 Intel | 1 Smart Campus | 2025-05-05 | 5.5 Medium |
| Improper access control in the Intel(R) Smart Campus Android application before version 6.1 may allow authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2022-21153 | 1 Intel | 1 Capital Global Summit | 2025-05-05 | 5.5 Medium |
| Improper access control in the Intel(R) Capital Global Summit Android application may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2022-21152 | 1 Intel | 1 Edge Insights For Industrial | 2025-05-05 | 5.5 Medium |
| Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2022-21151 | 3 Debian, Intel, Netapp | 796 Debian Linux, Celeron J1750, Celeron J1750 Firmware and 793 more | 2025-05-05 | 5.5 Medium |
| Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2022-21148 | 1 Intel | 1 Edge Insights For Industrial | 2025-05-05 | 7.8 High |
| Improper access control in the Intel(R) Edge Insights for Industrial software before version 2.6.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-21140 | 1 Intel | 36 Dual Band Wireless-ac 3165, Dual Band Wireless-ac 3165 Firmware, Dual Band Wireless-ac 3168 and 33 more | 2025-05-05 | 5.5 Medium |
| Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable information disclosure via local access. | ||||
| CVE-2022-21131 | 1 Intel | 292 Core I9-7900x, Core I9-7900x Firmware, Core I9-7920x and 289 more | 2025-05-05 | 5.5 Medium |
| Improper access control for some Intel(R) Xeon(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | ||||