Search Results (363304 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-27545 1 Hcltech 1 Bigfix Platform 2024-11-21 4.6 Medium
BigFix Web Reports authorized users may perform HTML injection for the email administrative configuration page.
CVE-2022-27544 1 Hcltech 1 Bigfix Platform 2024-11-21 5 Medium
BigFix Web Reports authorized users may see SMTP credentials in clear text.
CVE-2022-27536 2 Apple, Golang 2 Macos, Go 2024-11-21 7.5 High
Certificate.Verify in crypto/x509 in Go 1.18.x before 1.18.1 can be caused to panic on macOS when presented with certain malformed certificates. This allows a remote TLS server to cause a TLS client to panic.
CVE-2022-27535 2 Kaspersky, Microsoft 2 Vpn Secure Connection, Windows 2024-11-21 7.8 High
Kaspersky VPN Secure Connection for Windows version up to 21.5 was vulnerable to arbitrary file deletion via abuse of its 'Delete All Service Data And Reports' feature by the local authenticated attacker.
CVE-2022-27534 1 Kaspersky 6 Anti-virus, Endpoint Security, Internet Security and 3 more 2024-11-21 9.8 Critical
Kaspersky Anti-Virus products for home and Kaspersky Endpoint Security with antivirus databases released before 12 March 2022 had a bug in a data parsing module that potentially allowed an attacker to execute arbitrary code. The fix was delivered automatically. Credits: Georgy Zaytsev (Positive Technologies).
CVE-2022-27532 1 Autodesk 1 3ds Max 2024-11-21 7.8 High
A maliciously crafted TIF file in Autodesk 3ds Max 2022 and 2021 can be used to write beyond the allocated buffer while parsing TIF files. This vulnerability in conjunction with other vulnerabilities could lead to arbitrary code execution.
CVE-2022-27531 1 Autodesk 1 3ds Max 2024-11-21 7.8 High
A maliciously crafted TIF file can be forced to read beyond allocated boundaries in Autodesk 3ds Max 2022, and 2021 when parsing the TIF files. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
CVE-2022-27530 1 Autodesk 10 Advance Steel, Autocad, Autocad Architecture and 7 more 2024-11-21 7.8 High
A maliciously crafted TIF or PICT file in Autodesk AutoCAD 2022, 2021, 2020, 2019 can be used to write beyond the allocated buffer through Buffer overflow vulnerability. This vulnerability may be exploited to execute arbitrary code.
CVE-2022-27529 1 Autodesk 10 Advance Steel, Autocad, Autocad Architecture and 7 more 2024-11-21 7.8 High
A maliciously crafted PICT, BMP, PSD or TIF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 may be used to write beyond the allocated buffer while parsing PICT, BMP, PSD or TIF file. This vulnerability may be exploited to execute arbitrary code.
CVE-2022-27528 1 Autodesk 1 Navisworks 2024-11-21 7.8 High
A maliciously crafted DWFX and SKP files in Autodesk Navisworks 2022 can be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution.
CVE-2022-27527 1 Autodesk 1 Navisworks 2024-11-21 7.8 High
A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files. It was fixed in PDFTron earlier than 9.0.7 version in Autodesk Navisworks 2022, and 2020.
CVE-2022-27526 1 Autodesk 1 Design Review 2024-11-21 7.8 High
A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
CVE-2022-27525 1 Autodesk 1 Design Review 2024-11-21 7.8 High
A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
CVE-2022-27524 1 Autodesk 1 Dwg Trueview 2024-11-21 7.1 High
An out-of-bounds read can be exploited in Autodesk TrueView 2022 may lead to an exposure of sensitive information or a crash through using a maliciously crafted DWG file as an Input. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
CVE-2022-27523 1 Autodesk 1 Dwg Trueview 2024-11-21 7.1 High
A buffer over-read can be exploited in Autodesk TrueView 2022 may lead to an exposure of sensitive information or a crash through using a maliciously crafted DWG file as an Input. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
CVE-2022-27512 1 Citrix 1 Application Delivery Management 2024-11-21 5.3 Medium
Temporary disruption of the ADM license service. The impact of this includes preventing new licenses from being issued or renewed by Citrix ADM.
CVE-2022-27511 1 Citrix 1 Application Delivery Management 2024-11-21 8.1 High
Corruption of the system by a remote, unauthenticated user. The impact of this can include the reset of the administrator password at the next device reboot, allowing an attacker with ssh access to connect with the default administrator credentials after the device has rebooted.
CVE-2022-27509 1 Citrix 3 Application Delivery Controller, Application Delivery Controller Firmware, Gateway 2024-11-21 6.1 Medium
Unauthenticated redirection to a malicious website
CVE-2022-27506 1 Citrix 26 Sd-wan 1000, Sd-wan 1000 Firmware, Sd-wan 110 and 23 more 2024-11-21 2.7 Low
Hard-coded credentials allow administrators to access the shell via the SD-WAN CLI
CVE-2022-27505 1 Citrix 24 Sd-wan 1000, Sd-wan 1000 Firmware, Sd-wan 110 and 21 more 2024-11-21 6.1 Medium
Reflected cross site scripting (XSS)