Search Results (364918 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-28658 2 Apport Project, Canonical 2 Apport, Ubuntu Linux 2024-11-21 5.5 Medium
Apport argument parsing mishandles filename splitting on older kernels resulting in argument spoofing
CVE-2022-28657 2 Apport Project, Canonical 2 Apport, Ubuntu Linux 2024-11-21 7.8 High
Apport does not disable python crash handler before entering chroot
CVE-2022-28655 2 Apport Project, Canonical 2 Apport, Ubuntu Linux 2024-11-21 7.1 High
is_closing_session() allows users to create arbitrary tcp dbus connections
CVE-2022-28654 2 Apport Project, Canonical 2 Apport, Ubuntu Linux 2024-11-21 5.5 Medium
is_closing_session() allows users to fill up apport.log
CVE-2022-28651 1 Jetbrains 1 Intellij Idea 2024-11-21 8.4 High
In JetBrains IntelliJ IDEA before 2021.3.3 it was possible to get passwords from protected fields
CVE-2022-28650 1 Jetbrains 1 Youtrack 2024-11-21 7.3 High
In JetBrains YouTrack before 2022.1.43700 it was possible to inject JavaScript into Markdown in the YouTrack Classic UI
CVE-2022-28649 1 Jetbrains 1 Youtrack 2024-11-21 4.6 Medium
In JetBrains YouTrack before 2022.1.43563 it was possible to include an iframe from a third-party domain in the issue description
CVE-2022-28648 1 Jetbrains 1 Youtrack 2024-11-21 5.7 Medium
In JetBrains YouTrack before 2022.1.43563 HTML code from the issue description was being rendered
CVE-2022-28636 1 Hpe 75 Apollo 2000 Gen10 Plus System, Apollo 4200 Gen10 Server, Apollo 4510 Gen10 System and 72 more 2024-11-21 7.4 High
A potential local arbitrary code execution and a local denial of service (DoS) vulnerability within an isolated process were discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could locally exploit this vulnerability to potentially execute arbitrary code in an isolated process resulting in a complete loss of confidentiality, integrity, and availability within that process. In addition, an unprivileged user could exploit a denial of service (DoS) vulnerability in an isolated process resulting in a complete loss of availability within that process. A successful attack depends on conditions beyond the attackers control. HPE has provided a firmware update to resolve this vulnerability in HPE Integrated Lights-Out 5 (iLO 5).
CVE-2022-28635 1 Hpe 75 Apollo 2000 Gen10 Plus System, Apollo 4200 Gen10 Server, Apollo 4510 Gen10 System and 72 more 2024-11-21 7.4 High
A potential local arbitrary code execution and a local denial of service (DoS) vulnerability within an isolated process were discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could locally exploit this vulnerability to potentially execute arbitrary code in an isolated process resulting in a complete loss of confidentiality, integrity, and availability within that process. In addition, an unprivileged user could exploit a denial of service (DoS) vulnerability in an isolated process resulting in a complete loss of availability within that process. A successful attack depends on conditions beyond the attackers control. HPE has provided a firmware update to resolve this vulnerability in HPE Integrated Lights-Out 5 (iLO 5).
CVE-2022-28634 1 Hpe 75 Apollo 2000 Gen10 Plus System, Apollo 4200 Gen10 Server, Apollo 4510 Gen10 System and 72 more 2024-11-21 6.7 Medium
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. A highly privileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and availability. HPE has provided a firmware update to resolve this vulnerability in HPE Integrated Lights-Out 5 (iLO 5).
CVE-2022-28633 1 Hpe 75 Apollo 2000 Gen10 Plus System, Apollo 4200 Gen10 Server, Apollo 4510 Gen10 System and 72 more 2024-11-21 7.3 High
A local disclosure of sensitive information and a local unauthorized data modification vulnerability were discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could locally exploit this vulnerability to read and write to the iLO 5 firmware file system resulting in a complete loss of confidentiality and a partial loss of integrity and availability. HPE has provided a firmware update to resolve this vulnerability in HPE Integrated Lights-Out 5 (iLO 5).
CVE-2022-28632 1 Hpe 75 Apollo 2000 Gen10 Plus System, Apollo 4200 Gen10 Server, Apollo 4510 Gen10 System and 72 more 2024-11-21 8.8 High
A potential arbitrary code execution and a denial of service (DoS) vulnerability within an isolated process were discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could exploit this vulnerability in an adjacent network to potentially execute arbitrary code in an isolated process resulting in a complete loss of confidentiality, integrity, and availability within that process. In addition, an unprivileged user could exploit a denial of service (DoS) vulnerability in an isolated process resulting in a complete loss of availability within that process. HPE has provided a firmware update to resolve this vulnerability in HPE Integrated Lights-Out 5 (iLO 5).
CVE-2022-28631 1 Hpe 75 Apollo 2000 Gen10 Plus System, Apollo 4200 Gen10 Server, Apollo 4510 Gen10 System and 72 more 2024-11-21 8.8 High
A potential arbitrary code execution and a denial of service (DoS) vulnerability within an isolated process were discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could exploit this vulnerability in an adjacent network to potentially execute arbitrary code in an isolated process resulting in a complete loss of confidentiality, integrity, and availability within that process. In addition, an unprivileged user could exploit a denial of service (DoS) vulnerability in an isolated process resulting in a complete loss of availability within that process. HPE has provided a firmware update to resolve this vulnerability in HPE Integrated Lights-Out 5 (iLO 5).
CVE-2022-28630 1 Hpe 75 Apollo 2000 Gen10 Plus System, Apollo 4200 Gen10 Server, Apollo 4510 Gen10 System and 72 more 2024-11-21 7.3 High
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality and integrity, and a partial loss of availability. User interaction is required to exploit this vulnerability. HPE has provided a firmware update to resolve this vulnerability in HPE Integrated Lights-Out 5 (iLO 5).
CVE-2022-28629 1 Hpe 75 Apollo 2000 Gen10 Plus System, Apollo 4200 Gen10 Server, Apollo 4510 Gen10 System and 72 more 2024-11-21 7.8 High
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. A low privileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and availability. HPE has provided a firmware update to resolve this vulnerability in HPE Integrated Lights-Out 5 (iLO 5).
CVE-2022-28628 1 Hpe 75 Apollo 2000 Gen10 Plus System, Apollo 4200 Gen10 Server, Apollo 4510 Gen10 System and 72 more 2024-11-21 8.4 High
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and availability. HPE has provided a firmware update to resolve this vulnerability in HPE Integrated Lights-Out 5 (iLO 5).
CVE-2022-28627 1 Hpe 75 Apollo 2000 Gen10 Plus System, Apollo 4200 Gen10 Server, Apollo 4510 Gen10 System and 72 more 2024-11-21 8.4 High
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. An unprivileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and availability. HPE has provided a firmware update to resolve this vulnerability in HPE Integrated Lights-Out 5 (iLO 5).
CVE-2022-28626 1 Hpe 75 Apollo 2000 Gen10 Plus System, Apollo 4200 Gen10 Server, Apollo 4510 Gen10 System and 72 more 2024-11-21 6.7 Medium
A local arbitrary code execution vulnerability was discovered in HPE Integrated Lights-Out 5 (iLO 5) firmware version(s): Prior to 2.71. A highly privileged user could locally exploit this vulnerability to execute arbitrary code resulting in a complete loss of confidentiality, integrity, and availability. HPE has provided a firmware update to resolve this vulnerability in HPE Integrated Lights-Out 5 (iLO 5).
CVE-2022-28625 1 Hp 1 Oneview 2024-11-21 5.5 Medium
A local disclosure of sensitive information vulnerability was discovered in HPE OneView version(s): Prior to 7.0 or 6.60.01. A low privileged user could locally exploit this vulnerability to disclose sensitive information resulting in a complete loss of confidentiality, integrity, and availability. To exploit this vulnerability, HPE OneView must be configured with credential access to external repositories. HPE has provided a software update to resolve this vulnerability in HPE OneView.