| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2022-33000 | The ML-Scanner package in PyPI v0.1.0 to v0.1.5 was discovered to contain a code execution backdoor ... | E | |
| CVE-2022-33001 | The AAmiles package in PyPI v0.1.0 was discovered to contain a code execution backdoor via the reque... | E | |
| CVE-2022-33002 | The KGExplore package in PyPI v0.1.1 to v0.1.2 was discovered to contain a code execution backdoor v... | E | |
| CVE-2022-33003 | The watools package in PyPI v0.0.1 to v0.0.8 was discovered to contain a code execution backdoor via... | E | |
| CVE-2022-33004 | The Beginner package in PyPI v0.0.2 to v0.0.4 was discovered to contain a code execution backdoor vi... | E | |
| CVE-2022-33005 | A cross-site scripting (XSS) vulnerability in the System Settings/IOT Settings module of Delta Elect... | E | |
| CVE-2022-33007 | TRENDnet Wi-Fi routers TEW751DR v1.03 and TEW-752DRU v1.03 were discovered to contain a stack overfl... | E | |
| CVE-2022-33009 | A stored cross-site scripting (XSS) vulnerability in LightCMS v1.3.11 allows attackers to execute ar... | E | |
| CVE-2022-33010 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2022-33011 | Known v1.3.1+2020120201 was discovered to allow attackers to perform an account takeover via a host ... | E | |
| CVE-2022-33012 | Microweber v1.2.15 was discovered to allow attackers to perform an account takeover via a host heade... | E | |
| CVE-2022-33014 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2022-33015 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2022-33016 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2022-33021 | CVA6 commit 909d85a accesses invalid memory when reading the value of MHPMCOUNTER30.... | E | |
| CVE-2022-33023 | CVA6 commit 909d85a gives incorrect permission to use special multiplication units when the format o... | | |
| CVE-2022-33024 | There is an Assertion `int decode_preR13_entities(BITCODE_RL, BITCODE_RL, unsigned int, BITCODE_RL, ... | E | |
| CVE-2022-33025 | LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function decode_preR13... | E | |
| CVE-2022-33026 | LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function bit_calc_CRC... | E | |
| CVE-2022-33027 | LibreDWG v0.12.4.4608 was discovered to contain a heap-use-after-free via the function dwg_add_handl... | E | |
| CVE-2022-33028 | LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function dwg_add_obje... | E | |
| CVE-2022-33032 | LibreDWG v0.12.4.4608 was discovered to contain a heap-buffer-overflow via the function decode_preR1... | E | |
| CVE-2022-33033 | LibreDWG v0.12.4.4608 was discovered to contain a double-free via the function dwg_read_file at dwg.... | E | |
| CVE-2022-33034 | LibreDWG v0.12.4.4608 was discovered to contain a stack overflow via the function copy_bytes at deco... | E | |
| CVE-2022-33035 | XLPD v7.0.0094 and below contains an unquoted service path vulnerability which allows local users to... | E | |
| CVE-2022-33036 | A binary hijack in Embarcadero Dev-CPP v6.3 allows attackers to execute arbitrary code via a crafted... | E | |
| CVE-2022-33037 | A binary hijack in Orwell-Dev-Cpp v5.11 allows attackers to execute arbitrary code via a crafted .ex... | E | |
| CVE-2022-33042 | Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via t... | E | |
| CVE-2022-33043 | A cross-site scripting (XSS) vulnerability in the batch add function of Urtracker Premium v4.0.1.147... | E | |
| CVE-2022-33047 | OTFCC v0.10.4 was discovered to contain a heap buffer overflow after free via otfccbuild.c.... | | |
| CVE-2022-33048 | Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via t... | E | |
| CVE-2022-33049 | Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via t... | E | |
| CVE-2022-33055 | Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via t... | E | |
| CVE-2022-33056 | Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via t... | E | |
| CVE-2022-33057 | Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via t... | E | |
| CVE-2022-33058 | Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via t... | E | |
| CVE-2022-33059 | Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via t... | E | |
| CVE-2022-33060 | Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via t... | E | |
| CVE-2022-33061 | Online Railway Reservation System v1.0 was discovered to contain a SQL injection vulnerability via t... | | |
| CVE-2022-33064 | An off-by-one error in function wav_read_header in src/wav.c in Libsndfile 1.1.0, results in a write... | E S | |
| CVE-2022-33065 | Multiple signed integers overflow in function au_read_header in src/au.c and in functions mat4_open ... | E | |
| CVE-2022-33067 | Lrzip v0.651 was discovered to contain multiple invalid arithmetic shifts via the functions get_magi... | E S | |
| CVE-2022-33068 | An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to ... | E S | |
| CVE-2022-33069 | Ethereum Solidity v0.8.14 contains an assertion failure via SMTEncoder::indexOrMemberAssignment() at... | E S | |
| CVE-2022-33070 | Protobuf-c v1.4.0 was discovered to contain an invalid arithmetic shift via the function parse_tag_a... | E S | |
| CVE-2022-33075 | A stored cross-site scripting (XSS) vulnerability in the Add Classification function of Zoo Manageme... | E | |
| CVE-2022-33077 | An access control issue in nopcommerce v4.50.2 allows attackers to arbitrarily modify any customer's... | | |
| CVE-2022-33082 | An issue in the AST parser (ast/compile.go) of Open Policy Agent v0.10.2 allows attackers to cause a... | E | |
| CVE-2022-33085 | ESPCMS P8 was discovered to contain an authenticated remote code execution (RCE) vulnerability via t... | E | |
| CVE-2022-33087 | A stack overflow in the function DM_ In fillobjbystr() of TP-Link Archer C50&A5(US)_V5_200407 allows... | E | |
| CVE-2022-33092 | 74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at ... | E | |
| CVE-2022-33093 | 74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the key parameter at /fre... | E | |
| CVE-2022-33094 | 74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at ... | E | |
| CVE-2022-33095 | 74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at ... | E | |
| CVE-2022-33096 | 74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at ... | E | |
| CVE-2022-33097 | 74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at ... | E | |
| CVE-2022-33098 | Magnolia CMS v6.2.19 was discovered to contain a cross-site scripting (XSS) vulnerability via the Ed... | | |
| CVE-2022-33099 | An issue in the component luaG_runerror of Lua v5.4.4 and below leads to a heap-buffer overflow when... | E S | |
| CVE-2022-33103 | Das U-Boot from v2020.10 to v2022.07-rc3 was discovered to contain an out-of-bounds write via the fu... | | |
| CVE-2022-33105 | Redis v7.0 was discovered to contain a memory leak via the component streamGetEdgeID.... | E S | |
| CVE-2022-33106 | WiJungle NGFW Version U250 was discovered to be vulnerable to No Rate Limit attack, allowing the att... | E | |
| CVE-2022-33107 | ThinkPHP v6.0.12 was discovered to contain a deserialization vulnerability via the component vendor\... | E | |
| CVE-2022-33108 | XPDF v4.04 was discovered to contain a stack overflow vulnerability via the Object::Copy class of ob... | E | |
| CVE-2022-33113 | Jfinal CMS v5.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in... | E | |
| CVE-2022-33114 | Jfinal CMS v5.1.0 was discovered to contain a SQL injection vulnerability via the attrVal parameter ... | E | |
| CVE-2022-33116 | An issue in the jmpath variable in /modules/mindmap/index.php of GUnet Open eClass Platform (aka ope... | E S | |
| CVE-2022-33119 | NUUO Network Video Recorder NVRsolo v03.06.02 was discovered to contain a reflected cross-site scrip... | E | |
| CVE-2022-33121 | A Cross-Site Request Forgery (CSRF) in MiniCMS v1.11 allows attackers to arbitrarily delete local .d... | E | |
| CVE-2022-33122 | A stored cross-site scripting (XSS) vulnerability in eyoucms v1.5.6 allows attackers to execute arbi... | E | |
| CVE-2022-33124 | AIOHTTP 3.8.1 can report a "ValueError: Invalid IPv6 URL" outcome, which can lead to a Denial of Ser... | E | |
| CVE-2022-33127 | The function that calls the diff tool in Diffy 3.4.1 does not properly handle double quotes in a fil... | S | |
| CVE-2022-33128 | RG-EG series gateway EG350 EG_RGOS 11.1(6) was discovered to contain a SQL injection vulnerability v... | | |
| CVE-2022-33137 | A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All v... | S | |
| CVE-2022-33138 | A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All v... | S | |
| CVE-2022-33139 | A vulnerability has been identified in Cerberus DMS (All versions), Desigo CC (All versions), Desigo... | | |
| CVE-2022-33140 | Improper Neutralization of Command Elements in Shell User Group Provider | M | |
| CVE-2022-33141 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-33142 | WordPress Better Messages plugin <= 1.9.10.57 - Denial Of Service (DoS) vulnerability | S | |
| CVE-2022-33143 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-33144 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-33145 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-33146 | Open redirect vulnerability in web2py versions prior to 2.22.5 allows a remote attacker to redirect ... | S | |
| CVE-2022-33147 | A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev mast... | | |
| CVE-2022-33148 | A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev mast... | | |
| CVE-2022-33149 | A sql injection vulnerability exists in the ObjectYPT functionality of WWBN AVideo 11.6 and dev mast... | | |
| CVE-2022-33150 | An OS command injection vulnerability exists in the js_package install functionality of Robustel R15... | E | |
| CVE-2022-33151 | Cross-site scripting vulnerability in the specific parameters of Cybozu Office 10.0.0 to 10.8.5 allo... | | |
| CVE-2022-33154 | The schema (aka Embedding schema.org vocabulary) extension before 1.13.1 and 2.x before 2.5.1 for TY... | S | |
| CVE-2022-33155 | The ameos_tarteaucitron (aka AMEOS - TarteAuCitron GDPR cookie banner and tracking management / Fren... | S | |
| CVE-2022-33156 | The matomo_integration (aka Matomo Integration) extension before 1.3.2 for TYPO3 allows XSS.... | S | |
| CVE-2022-33157 | The libconnect extension before 7.0.8 and 8.x before 8.1.0 for TYPO3 allows XSS.... | S | |
| CVE-2022-33158 | Trend Micro VPN Proxy Pro version 5.2.1026 and below contains a vulnerability involving some overly ... | | |
| CVE-2022-33159 | IBM Security Directory Suite VA information disclosure | S | |
| CVE-2022-33160 | IBM Security Directory Suite information disclosure | S | |
| CVE-2022-33161 | IBM Security Directory Server information disclosure | S | |
| CVE-2022-33162 | IBM Directory Server buffer overflow | | |
| CVE-2022-33163 | IBM Security Directory Suite VA information disclosure | S | |
| CVE-2022-33164 | IBM Security Directory Server path traversal | S | |
| CVE-2022-33165 | IBM Security Directory Server information disclosure | S | |
| CVE-2022-33166 | IBM Security Directory Suite VA file upload | S | |
| CVE-2022-33167 | IBM Security Directory Integrator information disclosure | | |
| CVE-2022-33168 | IBM Security Directory Suite VA denial of service | S | |
| CVE-2022-33169 | IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vulnerable to insufficiently protected ... | | |
| CVE-2022-33171 | The findOne function in TypeORM before 0.3.0 can either be supplied with a string or a FindOneOption... | E | |
| CVE-2022-33172 | de.fac2 1.34 allows bypassing the User Presence protection mechanism when there is malware on the vi... | S | |
| CVE-2022-33173 | An algorithm-downgrade issue was discovered in Couchbase Server before 7.0.4. Analytics Remote Links... | | |
| CVE-2022-33174 | Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 allows remote... | E | |
| CVE-2022-33175 | Power Distribution Units running on Powertek firmware (multiple brands) before 3.30.30 have an insec... | E | |
| CVE-2022-33176 | Improper input validation in BIOS firmware for some Intel(R) NUC 11 Performance kits and Intel(R) NU... | S | |
| CVE-2022-33177 | WordPress Booking Calendar plugin <= 9.2.1 - Cross-Site Request Forgery (CSRF) vulnerabiulity | S | |
| CVE-2022-33178 | A vulnerability in the radius authentication system of Brocade Fabric OS before Brocade Fabric OS 9.... | | |
| CVE-2022-33179 | A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, and 7.4.2j... | | |
| CVE-2022-33180 | A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5 ... | | |
| CVE-2022-33181 | An information disclosure vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.... | | |
| CVE-2022-33182 | A privilege escalation vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1... | | |
| CVE-2022-33183 | A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5,... | | |
| CVE-2022-33184 | A vulnerability in fab_seg.c.h libraries of all Brocade Fabric OS versions before Brocade Fabric OS ... | | |
| CVE-2022-33185 | Several commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1e, and v9.1.0 use unsafe strin... | | |
| CVE-2022-33186 | A vulnerability in Brocade Fabric OS software v9.1.1, v9.0.1e, v8.2.3c, v7.4.2j, and earlier version... | M | |
| CVE-2022-33187 | Brocade SANnav before v2.2.1 logs usernames and encoded passwords in debug-enabled logs | | |
| CVE-2022-33188 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-33189 | An OS command injection vulnerability exists in the XCMD setAlexa functionality of Abode Systems, In... | E | |
| CVE-2022-33190 | Improper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an authenti... | S | |
| CVE-2022-33191 | WordPress Testimonials plugin <= 3.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability | | |
| CVE-2022-33192 | Four OS command injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode System... | E | |
| CVE-2022-33193 | Four OS command injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode System... | E | |
| CVE-2022-33194 | Four OS command injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode System... | E | |
| CVE-2022-33195 | Four OS command injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode System... | E | |
| CVE-2022-33196 | Incorrect default permissions in some memory controller configurations for some Intel(R) Xeon(R) Pro... | | |
| CVE-2022-33197 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-33198 | WordPress Accordions plugin <= 2.0.2 - Unauthenticated WordPress Options Change vulnerability | S | |
| CVE-2022-33200 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-33201 | WordPress MailerLite – Signup forms (official) plugin <= 1.5.7 - Cross-Site Request Forgery (CSRF) vulnerability | S | |
| CVE-2022-33202 | Authentication bypass vulnerability in the setup screen of L2Blocker(on-premise) Ver4.8.5 and earlie... | | |
| CVE-2022-33203 | BIG-IP APM and F5 SSL Orchestrator vulnerability CVE-2022-33203 | | |
| CVE-2022-33204 | Four OS command injection vulnerabilities exists in the web interface /action/wirelessConnect functi... | E | |
| CVE-2022-33205 | Four OS command injection vulnerabilities exists in the web interface /action/wirelessConnect functi... | E | |
| CVE-2022-33206 | Four OS command injection vulnerabilities exists in the web interface /action/wirelessConnect functi... | E | |
| CVE-2022-33207 | Four OS command injection vulnerabilities exists in the web interface /action/wirelessConnect functi... | E | |
| CVE-2022-33208 | Authentication bypass by capture-replay vulnerability exists in Machine automation controller NJ ser... | M | |
| CVE-2022-33209 | Improper input validation in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 ma... | S | |
| CVE-2022-33210 | Memory corruption in automotive multimedia due to use of out-of-range pointer offset while parsing c... | | |
| CVE-2022-33211 | Improper Input Validation in MODEM | | |
| CVE-2022-33213 | Memory Corruption in MODEM | | |
| CVE-2022-33214 | Memory corruption in display due to time-of-check time-of-use of metadata reserved size in Snapdrago... | S | |
| CVE-2022-33216 | Improper Input Validation in Automotive | | |
| CVE-2022-33217 | Memory corruption in Qualcomm IPC due to buffer copy without checking the size of input while starti... | | |
| CVE-2022-33218 | Improper Input Validation in Automotive | | |
| CVE-2022-33219 | Integer Overflow to Buffer Overflow in Automotive | | |
| CVE-2022-33220 | Buffer over-read in Automotive multimedia | S | |
| CVE-2022-33221 | Buffer over-read in Trusted Execution Environment | | |
| CVE-2022-33222 | Buffer over-read in Modem | | |
| CVE-2022-33223 | Null pointer dereference in Modem | | |
| CVE-2022-33224 | Buffer copy without checking the size of input in Core | | |
| CVE-2022-33225 | Use after free in Trusted Application Environment | S | |
| CVE-2022-33226 | Buffer copy without checking the size of input in Core | | |
| CVE-2022-33227 | Double free in Linux-Android | | |
| CVE-2022-33228 | Buffer over-read in Modem | | |
| CVE-2022-33229 | Buffer over-read in Modem | | |
| CVE-2022-33230 | Buffer copy without checking the size of input in FM Host | | |
| CVE-2022-33231 | Double free in Core | | |
| CVE-2022-33232 | Buffer copy without checking size of input in Hypervisor | | |
| CVE-2022-33233 | Configuration weakness in modem | | |
| CVE-2022-33234 | Memory corruption in video due to configuration weakness. in Snapdragon Auto, Snapdragon Compute, Sn... | | |
| CVE-2022-33235 | Information disclosure due to buffer over-read in WLAN firmware while parsing security context info ... | | |
| CVE-2022-33236 | Transient DOS due to buffer over-read in WLAN firmware while parsing cipher suite info attributes. i... | | |
| CVE-2022-33237 | Transient DOS due to buffer over-read in WLAN firmware while processing PPE threshold. in Snapdragon... | | |
| CVE-2022-33238 | Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM f... | | |
| CVE-2022-33239 | Transient DOS due to loop with unreachable exit condition in WLAN firmware while parsing IPV6 extens... | | |
| CVE-2022-33240 | Incorrect type conversion or cast in Audio | S | |
| CVE-2022-33242 | Improper authentication in Qualcomm IPC | | |
| CVE-2022-33243 | Improper access control in Qualcomm IPC | S | |
| CVE-2022-33244 | Reachable assertion in Modem | | |
| CVE-2022-33245 | Use after free in WLAN | S | |
| CVE-2022-33246 | Use of out-of-range pointer offset in Audio | S | |
| CVE-2022-33248 | Integer overflow to buffer overflow in User Identity Module | | |
| CVE-2022-33250 | Reachable assertion in Modem | | |
| CVE-2022-33251 | Reachable assertion in Modem | | |
| CVE-2022-33252 | Buffer over-read in WLAN | | |
| CVE-2022-33253 | Buffer over-read in WLAN | | |
| CVE-2022-33254 | Reachable assertion in Modem | | |
| CVE-2022-33255 | Buffer over-read in Bluetooth HOST | S | |
| CVE-2022-33256 | Improper validation of array index in Multi-mode call processor | | |
| CVE-2022-33257 | Time-of-check time-of-use race condition in Core | | |
| CVE-2022-33258 | Buffer over-read in Modem | | |
| CVE-2022-33259 | Buffer copy without checking the size of input in Modem | | |
| CVE-2022-33260 | Stack based buffer overflow in Core | | |
| CVE-2022-33263 | Use after free in Core | | |
| CVE-2022-33264 | Stack-based buffer overflow in Modem | | |
| CVE-2022-33265 | Information exposure in Powerline Communication Firmware | | |
| CVE-2022-33266 | Integer overflow to buffer overflow in Audio | | |
| CVE-2022-33267 | Improper restriction of operations within the bounds of memory buffer in Linux | | |
| CVE-2022-33268 | Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. ... | S | |
| CVE-2022-33269 | Integer overflow or wraparound in Core | | |
| CVE-2022-33270 | Time-of-check time-of-use race condition in Modem | | |
| CVE-2022-33271 | Buffer over-read in WLAN | | |
| CVE-2022-33272 | Reachable assertion in Modem | | |
| CVE-2022-33273 | Buffer over-read in Trusted Execution Environment | | |
| CVE-2022-33274 | Improper validation of array index in Android Core | | |
| CVE-2022-33275 | Improper validation of array index in WLAN HAL | | |
| CVE-2022-33276 | Buffer copy without checking size of input in Modem | | |
| CVE-2022-33277 | Buffer copy without checking size of input in modem | | |
| CVE-2022-33278 | Buffer copy without checking the size of input in HLOS | | |
| CVE-2022-33279 | Stack based buffer overflow in WLAN | | |
| CVE-2022-33280 | Access of uninitialized pointer in Bluetooth HOST | S | |
| CVE-2022-33281 | Improper validation of array index in computer vision. | S | |
| CVE-2022-33282 | Integer overflow to buffer overflow in Automotive Multimedia | | |
| CVE-2022-33283 | Buffer over-read in WLAN | | |
| CVE-2022-33284 | Buffer over-read in WLAN | | |
| CVE-2022-33285 | Buffer over-read in WLAN | | |
| CVE-2022-33286 | Buffer over-read in WLAN | | |
| CVE-2022-33287 | Buffer over-read in Modem | | |
| CVE-2022-33288 | Buffer copy without checking the size of input in Core | | |
| CVE-2022-33289 | Improper validation of array index in Modem | | |
| CVE-2022-33290 | Null pointer dereference in Bluetooth HOST | | |
| CVE-2022-33291 | Buffer over-read in Modem | | |
| CVE-2022-33292 | Use after free in Qualcomm IPC | S | |
| CVE-2022-33294 | NULL pointer dereference in Modem | | |
| CVE-2022-33295 | Buffer over-read in Modem | | |
| CVE-2022-33296 | Integer overflow to buffer overflow in Modem | | |
| CVE-2022-33297 | Buffer overread in Linux Sensors | | |
| CVE-2022-33298 | Use after free in Modem | | |
| CVE-2022-33299 | Null pointer dereference in Bluetooth HOST | | |
| CVE-2022-33300 | Improper input validation in Automotive Android OS | | |
| CVE-2022-33301 | Incorrect type conversion or cast in Audio | S | |
| CVE-2022-33302 | Improper validation of array index in User Identity Module | | |
| CVE-2022-33303 | Uncontrolled resource consumption in Linux kernel | S | |
| CVE-2022-33304 | NULL pointers dereference in Modem | | |
| CVE-2022-33305 | Null pointer dereference in Modem | | |
| CVE-2022-33306 | Buffer over-read in WLAN | | |
| CVE-2022-33307 | Double free in Automotive | | |
| CVE-2022-33309 | Buiffer over-read in WLAN Firmware. | | |
| CVE-2022-33310 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-33311 | Browse restriction bypass vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.5 allows a r... | | |
| CVE-2022-33312 | Multiple command injection vulnerabilities exist in the web_server action endpoints functionalities ... | E | |
| CVE-2022-33313 | Multiple command injection vulnerabilities exist in the web_server action endpoints functionalities ... | E | |
| CVE-2022-33314 | Multiple command injection vulnerabilities exist in the web_server action endpoints functionalities ... | E | |
| CVE-2022-33315 | Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and ... | | |
| CVE-2022-33316 | Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and ... | | |
| CVE-2022-33317 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in ICONICS GENESIS64 versions... | | |
| CVE-2022-33318 | Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and ... | | |
| CVE-2022-33319 | Out-of-bounds Read vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and Mitsubishi Elec... | | |
| CVE-2022-33320 | Deserialization of Untrusted Data vulnerability in ICONICS GENESIS64 versions 10.97.1 and prior and ... | | |
| CVE-2022-33321 | Cleartext Transmission of Sensitive Information vulnerability due to the use of Basic Authentication... | | |
| CVE-2022-33322 | Cross-site scripting vulnerability in Mitsubishi Electric consumer electronics products (Air Conditi... | M | |
| CVE-2022-33323 | Authentication Bypass Vulnerability in Robot Controller of MELFA SD/SQ series and F-series | | |
| CVE-2022-33324 | Denial-of-Service Vulnerability in Ethernet port of MELSEC iQ-R, iQ-L Series and MELIPC Series | S | |
| CVE-2022-33325 | Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities of... | E | |
| CVE-2022-33326 | Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities of... | E | |
| CVE-2022-33327 | Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities of... | E | |
| CVE-2022-33328 | Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities of... | E | |
| CVE-2022-33329 | Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities of... | E | |
| CVE-2022-33631 | Microsoft Excel Security Feature Bypass Vulnerability | | |
| CVE-2022-33632 | Microsoft Office Security Feature Bypass Vulnerability | | |
| CVE-2022-33633 | Skype for Business and Lync Remote Code Execution Vulnerability | | |
| CVE-2022-33634 | Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | S | |
| CVE-2022-33635 | Windows GDI+ Remote Code Execution Vulnerability | S | |
| CVE-2022-33636 | Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability | | |
| CVE-2022-33637 | Microsoft Defender for Endpoint Tampering Vulnerability | | |
| CVE-2022-33638 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | S | |
| CVE-2022-33639 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | S | |
| CVE-2022-33640 | System Center Operations Manager: Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability | | |
| CVE-2022-33641 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-33642 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-33643 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-33644 | Xbox Live Save Service Elevation of Privilege Vulnerability | | |
| CVE-2022-33645 | Windows TCP/IP Driver Denial of Service Vulnerability | S | |
| CVE-2022-33646 | Azure Batch Node Agent Elevation of Privilege Vulnerability | | |
| CVE-2022-33647 | Windows Kerberos Elevation of Privilege Vulnerability | | |
| CVE-2022-33648 | Microsoft Excel Remote Code Execution Vulnerability | | |
| CVE-2022-33649 | Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | | |
| CVE-2022-33650 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-33651 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-33652 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-33653 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-33654 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-33655 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-33656 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-33657 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-33658 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-33659 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-33660 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-33661 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-33662 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-33663 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-33664 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-33665 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-33666 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-33667 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-33668 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-33669 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-33670 | Windows Partition Management Driver Elevation of Privilege Vulnerability | | |
| CVE-2022-33671 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-33672 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-33673 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-33674 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-33675 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-33676 | Azure Site Recovery Remote Code Execution Vulnerability | | |
| CVE-2022-33677 | Azure Site Recovery Elevation of Privilege Vulnerability | | |
| CVE-2022-33678 | Azure Site Recovery Remote Code Execution Vulnerability | | |
| CVE-2022-33679 | Windows Kerberos Elevation of Privilege Vulnerability | | |
| CVE-2022-33680 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | S | |
| CVE-2022-33681 | Improper Hostname Verification in Java Client and Proxy can expose authentication data via MITM | M | |
| CVE-2022-33682 | Disabled Hostname Verification makes Brokers, Proxies vulnerable to MITM attack | M | |
| CVE-2022-33683 | Disabled Certificate Validation makes Broker, Proxy Admin Clients vulnerable to MITM attack | M | |
| CVE-2022-33684 | Apache Pulsar C++/Python OAuth Clients prior to 3.0.0 were vulnerable to an MITM attack due to Disabled Certificate Validation | E S | |
| CVE-2022-33685 | Unprotected dynamic receiver in Wearable Manager Service prior to SMR Jul-2022 Release 1 allows atta... | | |
| CVE-2022-33686 | Exposure of Sensitive Information in GsmAlarmManager prior to SMR Jul-2022 Release 1 allows local at... | | |
| CVE-2022-33687 | Exposure of Sensitive Information in telephony-common.jar prior to SMR Jul-2022 Release 1 allows loc... | | |
| CVE-2022-33688 | Sensitive information exposure vulnerability in EventType in SecTelephonyProvider prior to SMR Jul-2... | | |
| CVE-2022-33689 | Improper access control vulnerability in TelephonyUI prior to SMR Jul-2022 Release 1 allows attacker... | | |
| CVE-2022-33690 | Improper input validation in Contacts Storage prior to SMR Jul-2022 Release 1 allows attacker to acc... | | |
| CVE-2022-33691 | A possible race condition vulnerability in score driver prior to SMR Jul-2022 Release 1 can allow lo... | | |
| CVE-2022-33692 | Exposure of Sensitive Information in Messaging application prior to SMR Jul-2022 Release 1 allows lo... | | |
| CVE-2022-33693 | Exposure of Sensitive Information in CID Manager prior to SMR Jul-2022 Release 1 allows local attack... | | |
| CVE-2022-33694 | Exposure of Sensitive Information in CSC application prior to SMR Jul-2022 Release 1 allows local at... | | |
| CVE-2022-33695 | Use of improper permission in InputManagerService prior to SMR Jul-2022 Release 1 allows unauthorize... | | |
| CVE-2022-33696 | Exposure of Sensitive Information in Telephony service prior to SMR Jul-2022 Release 1 allows local ... | | |
| CVE-2022-33697 | Sensitive information exposure vulnerability in ImsServiceSwitchBase in ImsCore prior to SMR Jul-202... | | |
| CVE-2022-33698 | Exposure of Sensitive Information in Telecom application prior to SMR Jul-2022 Release 1 allows loca... | | |
| CVE-2022-33699 | Exposure of Sensitive Information in getDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 al... | | |
| CVE-2022-33700 | Exposure of Sensitive Information in putDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 al... | | |
| CVE-2022-33701 | Improper access control vulnerability in KnoxCustomManagerService prior to SMR Jul-2022 Release 1 al... | | |
| CVE-2022-33702 | Improper authorization vulnerability in Knoxguard prior to SMR Jul-2022 Release 1 allows local attac... | | |
| CVE-2022-33703 | Improper validation vulnerability in CACertificateInfo prior to SMR Jul-2022 Release 1 allows attack... | | |
| CVE-2022-33704 | Improper validation vulnerability in ucmRetParcelable of KnoxSDK prior to SMR Jul-2022 Release 1 all... | | |
| CVE-2022-33705 | Information exposure in Calendar prior to version 12.3.05.10000 allows attacker to access calendar s... | | |
| CVE-2022-33706 | Improper access control vulnerability in Samsung Gallery prior to version 13.1.05.8 allows physical ... | | |
| CVE-2022-33707 | Improper identifier creation logic in Find My Mobile prior to version 7.2.24.12 allows attacker to i... | | |
| CVE-2022-33708 | Improper input validation vulnerability in AppsPackageInstaller in Galaxy Store prior to version 4.5... | | |
| CVE-2022-33709 | Improper input validation vulnerability in ApexPackageInstaller in Galaxy Store prior to version 4.5... | | |
| CVE-2022-33710 | Improper input validation vulnerability in BillingPackageInsraller in Galaxy Store prior to version ... | | |
| CVE-2022-33711 | Improper validation of integrity check vulnerability in Samsung USB Driver Windows Installer for Mob... | | |
| CVE-2022-33712 | Intent redirection vulnerability using implict intent in Camera prior to versions 12.0.01.64 ,12.0.3... | | |
| CVE-2022-33713 | Implicit Intent hijacking vulnerability in Samsung Cloud prior to version 5.2.0 allows attacker to g... | | |
| CVE-2022-33714 | Improper access control vulnerability in SemWifiApBroadcastReceiver prior to SMR Aug-2022 Release 1 ... | | |
| CVE-2022-33715 | Improper access control and path traversal vulnerability in LauncherProvider prior to SMR Aug-2022 R... | | |
| CVE-2022-33716 | An absence of variable initialization in ICCC TA prior to SMR Aug-2022 Release 1 allows local attack... | | |
| CVE-2022-33717 | A missing input validation before memory read in SEM TA prior to SMR Aug-2022 Release 1 allows local... | | |
| CVE-2022-33718 | An improper access control vulnerability in Wi-Fi Service prior to SMR AUG-2022 Release 1 allows unt... | | |
| CVE-2022-33719 | Improper input validation in baseband prior to SMR Aug-2022 Release 1 allows attackers to cause inte... | | |
| CVE-2022-33720 | Improper authentication vulnerability in AppLock prior to SMR Aug-2022 Release 1 allows physical att... | | |
| CVE-2022-33721 | A vulnerability using PendingIntent in DeX for PC prior to SMR Aug-2022 Release 1 allows attackers t... | | |
| CVE-2022-33722 | Implicit Intent hijacking vulnerability in Smart View prior to SMR Aug-2022 Release 1 allows attacke... | | |
| CVE-2022-33723 | A vulnerable code in onCreate of BluetoothScanDialog prior to SMR Aug-2022 Release 1, allows attacke... | | |
| CVE-2022-33724 | Exposure of Sensitive Information in Samsung Dialer application?prior to SMR Aug-2022 Release 1 allo... | | |
| CVE-2022-33725 | A vulnerability using PendingIntent in Knox VPN prior to SMR Aug-2022 Release 1 allows attackers to ... | | |
| CVE-2022-33726 | Unprotected dynamic receiver in Samsung Galaxy Friends prior to SMR Aug-2022 Release 1 allows attack... | | |
| CVE-2022-33727 | A vulnerable code in onCreate of SecDevicePickerDialog prior to SMR Aug-2022 Release 1, allows attac... | | |
| CVE-2022-33728 | Exposure of sensitive information in Bluetooth prior to SMR Aug-2022 Release 1 allows local attacker... | | |
| CVE-2022-33729 | Improper restriction of broadcasting Intent in ConfirmConnectActivity of?NFC prior to SMR Aug-2022 R... | | |
| CVE-2022-33730 | Heap-based buffer overflow vulnerability in Samsung Dex for PC prior to SMR Aug-2022 Release 1 allow... | | |
| CVE-2022-33731 | Improper access control vulnerability in DesktopSystemUI prior to SMR Aug-2022 Release 1 allows atta... | | |
| CVE-2022-33732 | Improper access control vulnerability in Samsung Dex for PC prior to SMR Aug-2022 Release 1 allows l... | | |
| CVE-2022-33733 | Sensitive information exposure in onCharacteristicRead in Charm by Samsung prior to version 1.2.3 al... | | |
| CVE-2022-33734 | Sensitive information exposure in onCharacteristicChanged in Charm by Samsung prior to version 1.2.3... | | |
| CVE-2022-33735 | There is a password verification vulnerability in WS7200-10 11.0.2.13. Attackers on the LAN may use ... | | |
| CVE-2022-33736 | A vulnerability has been identified in Opcenter Quality V13.1 (All versions < V13.1.20220624), Opcen... | S | |
| CVE-2022-33737 | The OpenVPN Access Server installer creates a log file readable for everyone, which from version 2.1... | | |
| CVE-2022-33738 | OpenVPN Access Server before 2.11 uses a weak random generator used to create user session token for... | | |
| CVE-2022-33739 | CA Clarity 15.8 and below and 15.9.0 contain an insecure XML parsing vulnerability that could allow ... | | |
| CVE-2022-33740 | Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text ... | S | |
| CVE-2022-33741 | Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text ... | S | |
| CVE-2022-33742 | Linux disk/nic frontends data leaks T[his CNA information record relates to multiple CVEs; the text ... | S | |
| CVE-2022-33743 | network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpres... | S | |
| CVE-2022-33744 | Arm guests can cause Dom0 DoS via PV devices When mapping pages of guests on Arm, dom0 is using an r... | S | |
| CVE-2022-33745 | insufficient TLB flush for x86 PV guests in shadow mode For migration as well as to work around kern... | S | |
| CVE-2022-33746 | P2M pool freeing may take excessively long The P2M pool backing second level address translation for... | S | |
| CVE-2022-33747 | Arm: unbounded memory consumption for 2nd-level page tables Certain actions require e.g. removing pa... | S | |
| CVE-2022-33748 | lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was... | S | |
| CVE-2022-33749 | XAPI open file limit DoS It is possible for an unauthenticated client on the network to cause XAPI t... | S | |
| CVE-2022-33750 | CA Automic Automation 12.2 and 12.3 contain an authentication error vulnerability in the Automic age... | | |
| CVE-2022-33751 | CA Automic Automation 12.2 and 12.3 contain an insecure memory handling vulnerability in the Automic... | | |
| CVE-2022-33752 | CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Au... | | |
| CVE-2022-33753 | CA Automic Automation 12.2 and 12.3 contain an insecure file creation and handling vulnerability in ... | | |
| CVE-2022-33754 | CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Au... | | |
| CVE-2022-33755 | CA Automic Automation 12.2 and 12.3 contain an insecure input handling vulnerability in the Automic ... | | |
| CVE-2022-33756 | CA Automic Automation 12.2 and 12.3 contain an entropy weakness vulnerability in the Automic Automat... | | |
| CVE-2022-33757 | An authenticated attacker could read Nessus Debug Log file attachments from the web UI without havin... | | |
| CVE-2022-33859 | Unrestricted file upload in Eaton Foreseer EPMS | | |
| CVE-2022-33860 | Rejected reason: ** REJECT ** DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2023-43775. Reason: This r... | R | |
| CVE-2022-33861 | Insufficient verification of authenticity in IPP | S | |
| CVE-2022-33862 | Improper access control mechanism in IPP | S | |
| CVE-2022-33869 | An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the m... | S | |
| CVE-2022-33870 | An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the c... | S | |
| CVE-2022-33871 | A stack-based buffer overflow vulnerability [CWE-121] in FortiWeb version 7.0.1 and earlier, 6.4 all... | S | |
| CVE-2022-33872 | An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulner... | | |
| CVE-2022-33873 | An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulner... | | |
| CVE-2022-33874 | An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulner... | | |
| CVE-2022-33875 | An improper neutralization of special elements used in an SQL Command ('SQL Injection') vulnerabilit... | S | |
| CVE-2022-33876 | Multiple instances of improper input validation vulnerability in Fortinet FortiADC version 7.1.0, ve... | S | |
| CVE-2022-33877 | An incorrect default permission [CWE-276] vulnerability in FortiClient (Windows) versions 7.0.0 thro... | S | |
| CVE-2022-33878 | An exposure of sensitive information to an unauthorized actor vulnerabiltiy [CWE-200] in FortiClient... | S | |
| CVE-2022-33879 | Incomplete fix and new regex DoS in StandardsExtractingContentHandler | | |
| CVE-2022-33880 | hms-staff.php in Projectworlds Hospital Management System Mini-Project through 2018-06-17 allows SQL... | E | |
| CVE-2022-33881 | Parsing a maliciously crafted PRT file can force Autodesk AutoCAD 2023 to read beyond allocated boun... | | |
| CVE-2022-33882 | Under certain conditions, an attacker could create an unintended sphere of control through a vulnera... | | |
| CVE-2022-33883 | A malicious crafted file consumed through Moldflow Synergy, Moldflow Adviser, Moldflow Communicator,... | | |
| CVE-2022-33884 | Parsing a maliciously crafted X_B file can force Autodesk AutoCAD 2023 and 2022 to read beyond alloc... | | |
| CVE-2022-33885 | A maliciously crafted X_B, CATIA, and PDF file when parsed through Autodesk AutoCAD 2023 and 2022 ca... | | |
| CVE-2022-33886 | A maliciously crafted MODEL and SLDPRT file can be used to write beyond the allocated buffer while p... | | |
| CVE-2022-33887 | A maliciously crafted PDF file when parsed through Autodesk AutoCAD 2023 causes an unhandled excepti... | | |
| CVE-2022-33888 | A malicious crafted Dwg2Spd file when processed through Autodesk DWG application could lead to memor... | | |
| CVE-2022-33889 | A maliciously crafted GIF or JPEG files when parsed through Autodesk Design Review 2018, and AutoCAD... | | |
| CVE-2022-33890 | A maliciously crafted PCT or DWF file when consumed through DesignReview.exe application could lead ... | | |
| CVE-2022-33891 | Apache Spark shell command injection vulnerability via Spark UI | KEV E M | |
| CVE-2022-33892 | Path traversal in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenti... | | |
| CVE-2022-33893 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-33894 | Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged u... | | |
| CVE-2022-33895 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-33896 | A buffer underflow vulnerability exists in the way Hword of Hancom Office 2020 version 11.0.0.5357 p... | E | |
| CVE-2022-33897 | A directory traversal vulnerability exists in the web_server /ajax/remove/ functionality of Robustel... | E | |
| CVE-2022-33898 | Insecure inherited permissions in some Intel(R) NUC Watchdog Timer installation software before vers... | S | |
| CVE-2022-33899 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-33900 | WordPress Easy Digital Downloads plugin <= 3.0.1 - PHP Object Injection vulnerability | S | |
| CVE-2022-33901 | WordPress MultiSafepay plugin for WooCommerce plugin <= 4.13.1 - Unauthenticated Arbitrary File Read vulnerability | | |
| CVE-2022-33902 | Insufficient control flow management in the Intel(R) Quartus Prime Pro and Standard edition software... | | |
| CVE-2022-33903 | Tor 0.4.7.x before 0.4.7.8 allows a denial of service via the wedging of RTT estimation.... | S | |
| CVE-2022-33905 | DMA transactions which are targeted at input buffers used for the AhciBusDxe software SMI handler co... | | |
| CVE-2022-33906 | DMA transactions which are targeted at input buffers used for the FwBlockServiceSmm software SMI han... | | |
| CVE-2022-33907 | DMA transactions which are targeted at input buffers used for the software SMI handler used by the I... | | |
| CVE-2022-33908 | DMA transactions which are targeted at input buffers used for the SdHostDriver software SMI handler ... | | |
| CVE-2022-33909 | DMA transactions which are targeted at input buffers used for the HddPassword software SMI handler c... | | |
| CVE-2022-33910 | An XSS vulnerability in MantisBT before 2.25.5 allows remote attackers to attach crafted SVG documen... | E | |
| CVE-2022-33911 | An issue was discovered in Couchbase Server 7.x before 7.0.4. Field names are not redacted in logged... | | |
| CVE-2022-33912 | A permission issue affects users that deployed the shipped version of the Checkmk Debian package. Pa... | M | |
| CVE-2022-33913 | In Mahara 21.04 before 21.04.6, 21.10 before 21.10.4, and 22.04.2, files can sometimes be downloaded... | E | |
| CVE-2022-33915 | Versions of the Amazon AWS Apache Log4j hotpatch package before log4j-cve-2021-44228-hotpatch-1.3.5 ... | | |
| CVE-2022-33916 | OPC UA .NET Standard Reference Server 1.04.368 allows a remote attacker to cause the application to ... | S | |
| CVE-2022-33917 | An issue was discovered in the Arm Mali GPU Kernel Driver (Valhall r29p0 through r38p0). A non-privi... | | |
| CVE-2022-33918 | Dell GeoDrive, Versions 2.1 - 2.2, contains an information disclosure vulnerability. An authenticate... | | |
| CVE-2022-33919 | Dell GeoDrive, versions 2.1 - 2.2, contains an information disclosure vulnerability in GUI. An authe... | | |
| CVE-2022-33920 | Dell GeoDrive, versions prior to 2.2, contains an Unquoted File Path vulnerability. A low privilege ... | | |
| CVE-2022-33921 | Dell GeoDrive, versions prior to 2.2, contains Multiple DLL Hijacking Vulnerabilities. A low privile... | | |
| CVE-2022-33922 | Dell GeoDrive, versions prior to 2.2, contains Insecure File and Folder Permissions vulnerabilities.... | | |
| CVE-2022-33923 | Dell PowerStore, versions prior to 3.0.0.0, contains an OS Command Injection vulnerability in PowerS... | S | |
| CVE-2022-33924 | Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability with wh... | | |
| CVE-2022-33925 | Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability in UI. ... | | |
| CVE-2022-33926 | Dell Wyse Management Suite 3.6.1 and below contains an improper access control vulnerability. A remo... | | |
| CVE-2022-33927 | Dell Wyse Management Suite 3.6.1 and below contains a Session Fixation vulnerability. A unauthentica... | | |
| CVE-2022-33928 | Dell Wyse Management Suite 3.6.1 and below contains an Plain-text Password Storage Vulnerability in ... | | |
| CVE-2022-33929 | Dell Wyse Management Suite 3.6.1 and below contains a Reflected Cross-Site Scripting Vulnerability i... | | |
| CVE-2022-33930 | Dell Wyse Management Suite 3.6.1 and below contains Information Disclosure in Devices error pages. A... | | |
| CVE-2022-33931 | Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability in UI. ... | | |
| CVE-2022-33932 | Dell PowerScale OneFS, versions 9.0.0 up to and including 9.1.0.19, 9.2.1.12, 9.3.0.6, and 9.4.0.2, ... | | |
| CVE-2022-33933 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2022-33934 | Dell PowerScale OneFS, versions 8.2.x through 9.4.x contain multiple stored cross-site scripting vu... | | |
| CVE-2022-33935 | Dell EMC Data Protection Advisor versions 19.6 and earlier, contains a Stored Cross Site Scripting, ... | S | |
| CVE-2022-33936 | Cloud Mobility for Dell EMC Storage, 1.3.0.XXX contains a RCE vulnerability. A non-privileged user c... | | |
| CVE-2022-33937 | Dell GeoDrive, Versions 1.0 - 2.2, contain a Path Traversal Vulnerability in the reporting function.... | | |
| CVE-2022-33938 | A format string injection vulnerability exists in the ghome_process_control_packet functionality of ... | E | |
| CVE-2022-33939 | CENTUM VP / CS 3000 controller FCS (CP31, CP33, CP345, CP401, and CP451) contains an issue in proces... | | |
| CVE-2022-33940 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-33941 | PowerCMS XMLRPC API provided by Alfasado Inc. contains a command injection vulnerability. Sending a ... | S | |
| CVE-2022-33942 | Protection mechanism failure in the Intel(R) DCM software before version 5.0 may allow an unauthenti... | | |
| CVE-2022-33943 | WordPress BxSlider WP plugin <= 2.0.0 - Authenticated Cross-Site Scripting (XSS) vulnerability | | |
| CVE-2022-33944 | ICSA-22-200-01 MiCODUS MV720 GPS tracker Authorization Bypass Through User-Controlled Key | M | |
| CVE-2022-33945 | Improper input validation in some Intel(R) Server board and Intel(R) Server System BIOS firmware may... | S | |
| CVE-2022-33946 | Improper authentication in the Intel(R) SUR software before version 2.4.8902 may allow an authentica... | S | |
| CVE-2022-33947 | BIG-IP DNS TMUI Vulnerability CVE-2022-33947 | | |
| CVE-2022-33948 | HOME SPOT CUBE2 V102 contains an OS command injection vulnerability due to improper processing of da... | | |
| CVE-2022-33949 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-33953 | IBM Robotic Process Automation 21.0.1 and 21.0.2 could allow a user with psychical access to the sys... | | |
| CVE-2022-33954 | IBM Robotic Process Automation information disclosure | | |
| CVE-2022-33955 | IBM CICS TX 11.1 could allow allow an attacker with physical access to the system to execute code du... | S | |
| CVE-2022-33959 | IBM Sterling Order Management privilege escalation | | |
| CVE-2022-33960 | WordPress Social Share Buttons by Supsystic plugin <= 2.2.3 - Multiple Authenticated SQL Injection (SQLi) vulnerabilities | S | |
| CVE-2022-33961 | WordPress YellowPencil Visual CSS Style Editor Plugin <= 7.5.8 is vulnerable to Cross Site Scripting (XSS) | S | |
| CVE-2022-33962 | BIG-IP iRule vulnerability CVE-2022-33962 | | |
| CVE-2022-33963 | Incorrect default permissions in the software installer for Intel(R) Unite(R) Client software for Wi... | S | |
| CVE-2022-33964 | Improper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an unauthen... | S | |
| CVE-2022-33965 | WordPress WP Visitor Statistics plugin <= 5.7 - Multiple Unauthenticated SQL Injection (SQLi) vulnerabilities | S | |
| CVE-2022-33966 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-33967 | squashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022.07-rc5 contains a h... | E S | |
| CVE-2022-33968 | BIG-IP LTM and APM NTLM vulnerability CVE-2022-33968 | | |
| CVE-2022-33969 | WordPress Flipbox plugin <= 2.6.0 - Authenticated WordPress Options Change vulnerability | S | |
| CVE-2022-33970 | WordPress Shortcode Addons plugin <= 3.1.2 - Authenticated WordPress Options Change vulnerability | S | |
| CVE-2022-33971 | Authentication bypass by capture-replay vulnerability exists in Machine automation controller NX7 se... | M | |
| CVE-2022-33972 | Incorrect calculation in microcode keying mechanism for some 3rd Generation Intel(R) Xeon(R) Scalabl... | | |
| CVE-2022-33973 | Improper access control in the Intel(R) WAPI Security software for Windows 10/11 before version 22.2... | | |
| CVE-2022-33974 | WordPress Custom Twitter Feeds (Tweets Widget) Plugin <= 1.8.4 is vulnerable to Cross Site Request Forgery (CSRF) | S | |
| CVE-2022-33976 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-33977 | untangle is a python library to convert XML data to python objects. untangle versions 1.2.0 and earl... | | |
| CVE-2022-33978 | WordPress FontMeister plugin <= 1.08 - Reflected Cross-Site Scripting (XSS) vulnerability | | |
| CVE-2022-33979 | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority because i... | R | |
| CVE-2022-33980 | Apache Commons Configuration insecure interpolation defaults | M | |
| CVE-2022-33981 | drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, becau... | E S | |
| CVE-2022-33982 | DMA attacks on the parameter buffer used by the Int15ServiceSmm software SMI handler could lead to a... | | |
| CVE-2022-33983 | DMA transactions which are targeted at input buffers used for the NvmExpressLegacy software SMI hand... | | |
| CVE-2022-33984 | DMA transactions which are targeted at input buffers used for the SdMmcDevice software SMI handler c... | | |
| CVE-2022-33985 | DMA transactions which are targeted at input buffers used for the NvmExpressDxe software SMI handler... | | |
| CVE-2022-33986 | DMA attacks on the parameter buffer used by the VariableRuntimeDxe software SMI handler could lead t... | | |
| CVE-2022-33987 | The got package before 12.1.0 (also fixed in 11.8.5) for Node.js allows a redirect to a UNIX socket.... | S | |
| CVE-2022-33988 | dproxy-nexgen (aka dproxy nexgen) re-uses the DNS transaction id (TXID) value from client queries, w... | E | |
| CVE-2022-33989 | dproxy-nexgen (aka dproxy nexgen) uses a static UDP source port (selected randomly only at boot time... | E | |
| CVE-2022-33990 | Misinterpretation of special domain name characters in dproxy-nexgen (aka dproxy nexgen) leads to ca... | E | |
| CVE-2022-33991 | dproxy-nexgen (aka dproxy nexgen) forwards and caches DNS queries with the CD (aka checking disabled... | E | |
| CVE-2022-33992 | DNRD (aka Domain Name Relay Daemon) 2.20.3 forwards and caches DNS queries with the CD (aka checking... | | |
| CVE-2022-33993 | Misinterpretation of special domain name characters in DNRD (aka Domain Name Relay Daemon) 2.20.3 le... | | |
| CVE-2022-33994 | The Gutenberg plugin through 13.7.3 for WordPress allows stored XSS by the Contributor role via an S... | E | |
| CVE-2022-33995 | A path traversal issue in entry attachments in Devolutions Remote Desktop Manager before 2022.2 allo... | | |
| CVE-2022-33996 | Incorrect permission management in Devolutions Server before 2022.2 allows a new user with a preexis... | |