Total
2183 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-21846 | 1 Microsoft | 1 Exchange Server | 2024-11-21 | 8.3 HIGH | 9.0 CRITICAL |
| Microsoft Exchange Server Remote Code Execution Vulnerability | |||||
| CVE-2022-21817 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Omniverse Launcher | 2024-11-21 | 5.8 MEDIUM | 9.3 CRITICAL |
| NVIDIA Omniverse Launcher contains a Cross-Origin Resource Sharing (CORS) vulnerability which can allow an unprivileged remote attacker, if they can get user to browse malicious site, to acquire access tokens allowing them to access resources in other security domains, which may lead to code execution, escalation of privileges, and impact to confidentiality and integrity. | |||||
| CVE-2022-21543 | 1 Oracle | 1 Peoplesoft Enterprise Peopletools | 2024-11-21 | N/A | 9.8 CRITICAL |
| Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Mgmt). Supported versions that are affected are 8.58 and 8.59. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in takeover of PeopleSoft Enterprise PeopleTools. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). | |||||
| CVE-2022-21431 | 1 Oracle | 1 Communications Billing And Revenue Management | 2024-11-21 | 7.5 HIGH | 10.0 CRITICAL |
| Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Connection Manager). Supported versions that are affected are 12.0.0.4 and 12.0.0.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via TCP to compromise Oracle Communications Billing and Revenue Management. While the vulnerability is in Oracle Communications Billing and Revenue Management, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle Communications Billing and Revenue Management. CVSS 3.1 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). | |||||
| CVE-2022-21420 | 1 Oracle | 1 Coherence | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle Coherence. Successful attacks of this vulnerability can result in takeover of Oracle Coherence. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). | |||||
| CVE-2022-21391 | 1 Oracle | 1 Communications Billing And Revenue Management | 2024-11-21 | 6.5 MEDIUM | 9.9 CRITICAL |
| Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Connection Manager). Supported versions that are affected are 12.0.0.3 and 12.0.0.4. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Communications Billing and Revenue Management. While the vulnerability is in Oracle Communications Billing and Revenue Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Communications Billing and Revenue Management. CVSS 3.1 Base Score 9.9 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H). | |||||
| CVE-2022-21390 | 1 Oracle | 1 Communications Billing And Revenue Management | 2024-11-21 | 7.5 HIGH | 10.0 CRITICAL |
| Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Webservices Manager). Supported versions that are affected are 12.0.0.3 and 12.0.0.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Communications Billing and Revenue Management. While the vulnerability is in Oracle Communications Billing and Revenue Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Communications Billing and Revenue Management. CVSS 3.1 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). | |||||
| CVE-2022-21389 | 1 Oracle | 1 Communications Billing And Revenue Management | 2024-11-21 | 7.5 HIGH | 10.0 CRITICAL |
| Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Connection Manager). Supported versions that are affected are 12.0.0.3 and 12.0.0.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Communications Billing and Revenue Management. While the vulnerability is in Oracle Communications Billing and Revenue Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Communications Billing and Revenue Management. CVSS 3.1 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). | |||||
| CVE-2022-21306 | 1 Oracle | 1 Weblogic Server | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). | |||||
| CVE-2022-21276 | 1 Oracle | 1 Communications Billing And Revenue Management | 2024-11-21 | 6.5 MEDIUM | 9.9 CRITICAL |
| Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Connection Manager). Supported versions that are affected are 12.0.0.3 and 12.0.0.4. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Communications Billing and Revenue Management. While the vulnerability is in Oracle Communications Billing and Revenue Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Communications Billing and Revenue Management. CVSS 3.1 Base Score 9.9 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H). | |||||
| CVE-2022-21275 | 1 Oracle | 1 Communications Billing And Revenue Management | 2024-11-21 | 7.5 HIGH | 10.0 CRITICAL |
| Vulnerability in the Oracle Communications Billing and Revenue Management product of Oracle Communications Applications (component: Connection Manager). Supported versions that are affected are 12.0.0.3 and 12.0.0.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Communications Billing and Revenue Management. While the vulnerability is in Oracle Communications Billing and Revenue Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Communications Billing and Revenue Management. CVSS 3.1 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). | |||||
| CVE-2022-20755 | 1 Cisco | 1 Telepresence Video Communication Server | 2024-11-21 | 9.0 HIGH | 9.0 CRITICAL |
| Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with read/write privileges to the application to write files or execute arbitrary code on the underlying operating system of an affected device as the root user. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2022-20754 | 1 Cisco | 1 Telepresence Video Communication Server | 2024-11-21 | 9.0 HIGH | 9.0 CRITICAL |
| Multiple vulnerabilities in the API and web-based management interfaces of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker with read/write privileges to the application to write files or execute arbitrary code on the underlying operating system of an affected device as the root user. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2022-20405 | 1 Google | 1 Android | 2024-11-21 | N/A | 9.8 CRITICAL |
| Product: AndroidVersions: Android kernelAndroid ID: A-216363416References: N/A | |||||
| CVE-2022-20403 | 1 Google | 1 Android | 2024-11-21 | N/A | 9.8 CRITICAL |
| Product: AndroidVersions: Android kernelAndroid ID: A-207975764References: N/A | |||||
| CVE-2022-20402 | 1 Google | 1 Android | 2024-11-21 | N/A | 9.8 CRITICAL |
| Product: AndroidVersions: Android kernelAndroid ID: A-218701042References: N/A | |||||
| CVE-2022-20391 | 1 Google | 1 Android | 2024-11-21 | N/A | 9.8 CRITICAL |
| Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238257000 | |||||
| CVE-2022-20390 | 1 Google | 1 Android | 2024-11-21 | N/A | 9.8 CRITICAL |
| Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238257002 | |||||
| CVE-2022-20387 | 1 Google | 1 Android | 2024-11-21 | N/A | 9.8 CRITICAL |
| Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238227324 | |||||
| CVE-2022-20386 | 1 Google | 1 Android | 2024-11-21 | N/A | 9.8 CRITICAL |
| Summary:Product: AndroidVersions: Android SoCAndroid ID: A-238227328 | |||||