Total
2377 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-46676 | 1 Dell | 1 Wyse Management Suite | 2023-11-07 | N/A | 4.9 MEDIUM |
| Wyse Management Suite 3.8 and below contain an improper access control vulnerability. A malicious admin user can disable or delete users under administration and unassigned admins for which the group admin is not authorized. | |||||
| CVE-2022-46664 | 1 Siemens | 1 Mendix Workflow Commons | 2023-11-07 | N/A | 8.1 HIGH |
| A vulnerability has been identified in Mendix Workflow Commons (All versions < V2.4.0), Mendix Workflow Commons V2.1 (All versions < V2.1.4), Mendix Workflow Commons V2.3 (All versions < V2.3.2). Affected versions of the module improperly handle access control for some module entities. This could allow authenticated remote attackers to read or delete sensitive information. | |||||
| CVE-2022-46331 | 1 Ge | 1 Proficy Historian | 2023-11-07 | N/A | 8.1 HIGH |
| An unauthorized user could possibly delete any file on the system. | |||||
| CVE-2022-46279 | 1 Intel | 1 Retail Edge Program | 2023-11-07 | N/A | 5.5 MEDIUM |
| Improper access control in the Intel(R) Retail Edge android application before version 3.0.301126-RELEASE may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2022-45112 | 1 Intel | 1 Virtual Raid On Cpu | 2023-11-07 | N/A | 7.8 HIGH |
| Improper access control in some Intel(R) VROC software before version 8.0.0.4035 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-43494 | 1 Ge | 1 Proficy Historian | 2023-11-07 | N/A | 6.5 MEDIUM |
| An unauthorized user could be able to read any file on the system, potentially exposing sensitive information. | |||||
| CVE-2022-42465 | 1 Intel | 1 One Boot Flash Update | 2023-11-07 | N/A | 6.7 MEDIUM |
| Improper access control in kernel mode driver for the Intel(R) OFU software before version 14.1.30 may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-41784 | 1 Intel | 1 One Boot Flash Update | 2023-11-07 | N/A | 7.8 HIGH |
| Improper access control in kernel mode driver for the Intel(R) OFU software before version 14.1.30 may allow an authenticated user to potentially enable escalation of privilege via local access | |||||
| CVE-2022-41769 | 1 Intel | 1 Connect M | 2023-11-07 | N/A | 7.8 HIGH |
| Improper access control in the Intel(R) Connect M Android application before version 1.82 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-41690 | 1 Intel | 1 Retail Edge Program | 2023-11-07 | N/A | 7.8 HIGH |
| Improper access control in the Intel(R) Retail Edge Mobile iOS application before version 3.4.7 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-41621 | 1 Intel | 1 Quickassist Technology | 2023-11-07 | N/A | 5.5 MEDIUM |
| Improper access control in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2022-40972 | 1 Intel | 1 Quickassist Technology | 2023-11-07 | N/A | 7.8 HIGH |
| Improper access control in some Intel(R) QAT drivers for Windows before version 1.9.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-40964 | 3 Debian, Fedoraproject, Intel | 17 Debian Linux, Fedora, Killer and 14 more | 2023-11-07 | N/A | 6.7 MEDIUM |
| Improper access control for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-40207 | 1 Intel | 1 System Usage Report | 2023-11-07 | N/A | 7.8 HIGH |
| Improper access control in the Intel(R) SUR software before version 2.4.8989 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2022-3780 | 1 Devolutions | 1 Remote Desktop Manager | 2023-11-07 | N/A | 7.5 HIGH |
| Database connections on deleted users could stay active on MySQL data sources in Remote Desktop Manager 2022.3.7 and below which allow deleted users to access unauthorized data. This issue affects : Remote Desktop Manager 2022.3.7 and prior versions. | |||||
| CVE-2022-3186 | 1 Dataprobe | 24 Iboot-pdu4-n20, Iboot-pdu4-n20 Firmware, Iboot-pdu4a-n15 and 21 more | 2023-11-07 | N/A | 7.5 HIGH |
| Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where the affected product allows an attacker to access the device’s main management page from the cloud. This feature enables users to remotely connect devices, however, the current implementation permits users to access other device's information. | |||||
| CVE-2022-39946 | 1 Fortinet | 1 Fortinac | 2023-11-07 | N/A | 7.2 HIGH |
| An access control vulnerability [CWE-284] in FortiNAC version 9.4.2 and below, version 9.2.7 and below, 9.1 all versions, 8.8 all versions, 8.7 all versions, 8.6 all versions, 8.5 all versions may allow a remote attacker authenticated on the administrative interface to perform unauthorized jsp calls via crafted HTTP requests. | |||||
| CVE-2022-38973 | 1 Intel | 4 Arc A750, Arc A750 Firmware, Arc A770 and 1 more | 2023-11-07 | N/A | 7.1 HIGH |
| Improper access control for some Intel(R) Arc(TM) graphics cards A770 and A750 Limited Edition sold between October of 2022 and December of 2022 may allow an authenticated user to potentially enable denial of service or infomation disclosure via local access. | |||||
| CVE-2022-38377 | 1 Fortinet | 2 Fortianalyzer, Fortimanager | 2023-11-07 | N/A | 2.7 LOW |
| An improper access control vulnerability [CWE-284] in FortiManager 7.2.0, 7.0.0 through 7.0.3, 6.4.0 through 6.4.7, 6.2.0 through 6.2.9, 6.0.0 through 6.0.11 and FortiAnalyzer 7.2.0, 7.0.0 through 7.0.3, 6.4.0 through 6.4.8, 6.2.0 through 6.2.10, 6.0.0 through 6.0.12 may allow a remote and authenticated admin user assigned to a specific ADOM to access other ADOMs information such as device information and dashboard information. | |||||
| CVE-2022-38355 | 1 Daikinlatam | 2 Svmpc1, Svmpc2 | 2023-11-07 | N/A | 5.5 MEDIUM |
| Daikin SVMPC1 version 2.1.22 and prior and SVMPC2 version 1.2.3 and prior are vulnerable to attackers with access to the local area network (LAN) to disclose sensitive information stored by the affected product without requiring authentication. | |||||