Search Results (363401 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-28893 4 Debian, Linux, Netapp and 1 more 25 Debian Linux, Linux Kernel, H300e and 22 more 2024-11-21 7.8 High
The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.
CVE-2022-28892 1 Mahara 1 Mahara 2024-11-21 8.8 High
Mahara before 20.10.5, 21.04.4, 21.10.2, and 22.04.0 is vulnerable to Cross Site Request Forgery (CSRF) because randomly generated tokens are too easily guessable.
CVE-2022-28890 1 Apache 1 Jena 2024-11-21 9.8 Critical
A vulnerability in the RDF/XML parser of Apache Jena allows an attacker to cause an external DTD to be retrieved. This issue affects Apache Jena version 4.4.0 and prior versions. Apache Jena 4.2.x and 4.3.x do not allow external entities.
CVE-2022-28889 1 Apache 1 Druid 2024-11-21 4.3 Medium
In Apache Druid 0.22.1 and earlier, the server did not set appropriate headers to prevent clickjacking. Druid 0.23.0 and later prevent clickjacking using the Content-Security-Policy header.
CVE-2022-28885 1 F-secure 2 Atlant, Linux Security 2024-11-21 4.3 Medium
A Denial-of-Service (DoS) vulnerability was discovered in the fsicapd component used in WithSecure products whereby the service may crash while parsing the scanning request.
CVE-2022-28884 2 F-secure, Withsecure 4 Internet Gatekeeper, Linux Security, Business Suite and 1 more 2024-11-21 4.3 Medium
A Denial-of-Service vulnerability was discovered in the F-Secure and WithSecure products where aerdl.dll may go into an infinite loop when unpacking PE files. It is possible that this can crash the scanning engine.
CVE-2022-28883 3 Apple, F-secure, Microsoft 9 Macos, Atlant, Cloud Protection For Salesforce and 6 more 2024-11-21 3.5 Low
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aerdl unpack function crashes. This can lead to a possible scanning engine crash. The exploit can be triggered remotely by an attacker.
CVE-2022-28882 3 Apple, F-secure, Microsoft 9 Macos, Atlant, Cloud Protection For Salesforce and 6 more 2024-11-21 4.3 Medium
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure & WithSecure products whereby the aegen.dll will go into an infinite loop when unpacking PE files. This eventually leads to scanning engine crash. The exploit can be triggered remotely by an attacker.
CVE-2022-28881 3 Apple, F-secure, Microsoft 10 Macos, Atlant, Cloud Protection For Salesforce and 7 more 2024-11-21 4.3 Medium
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the aerdl.dll component used in certain WithSecure products unpacker function crashes which leads to scanning engine crash. The exploit can be triggered remotely by an attacker.
CVE-2022-28879 2 Apple, F-secure 8 Macos, Atlant, Cloud Protection For Salesforce and 5 more 2024-11-21 4.3 Medium
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and in certain WithSecure products whereby the scanning the aepack.dll component can crash the scanning engine.
CVE-2022-28878 3 Apple, F-secure, Microsoft 9 Macos, Atlant, Cloud Protection For Salesforce and 6 more 2024-11-21 4.3 Medium
A Denial-of-Service vulnerability was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed APK file it is possible that can crash the scanning engine.
CVE-2022-28877 2 F-secure, Microsoft 2 Elements Endpoint Protection, Windows 2024-11-21 4.3 Medium
This vulnerability allows local user to delete arbitrary file in the system and bypassing security protection which can be abused for local privilege escalation on affected F-Secure & WithSecure windows endpoint products. An attacker must have code execution rights on the victim machine prior to successful exploitation.
CVE-2022-28876 3 Apple, F-secure, Microsoft 8 Macos, Atlant, Cloud Protection For Salesforce and 5 more 2024-11-21 4.3 Medium
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and in certain WithSecure products whereby the scanning the aeheur.dll component can crash the scanning engine. The exploit can be triggered remotely by an attacker.
CVE-2022-28875 3 Apple, F-secure, Microsoft 9 Macos, Atlant, Cloud Protection For Salesforce and 6 more 2024-11-21 4.3 Medium
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and in certain WithSecure products whereby the scanning the aemobile component can crash the scanning engine. The exploit can be triggered remotely by an attacker.
CVE-2022-28874 4 Apple, F-secure, Microsoft and 1 more 7 Macos, Atlant, Elements Endpoint Protection and 4 more 2024-11-21 4.3 Medium
Multiple Denial-of-Service vulnerabilities was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed PE32-bit files cause memory corruption and heap buffer overflow which eventually can crash the scanning engine. The exploit can be triggered remotely by an attacker.
CVE-2022-28873 1 F-secure 1 Safe 2024-11-21 4.3 Medium
A vulnerability affecting F-Secure SAFE browser was discovered. An attacker can potentially exploit Javascript window.open functionality in SAFE Browser which could lead address bar spoofing attacks.
CVE-2022-28872 1 F-secure 1 Safe 2024-11-21 4.3 Medium
A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the address bar was not correct if navigation fails in a loop.
CVE-2022-28871 3 Apple, F-secure, Microsoft 4 Mac Os X, Macos, Atlant and 1 more 2024-11-21 4.3 Medium
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the fsicapd component used in certain F-Secure products while scanning larger packages/fuzzed files consume too much memory eventually can crash the scanning engine. The exploit can be triggered remotely by an attacker.
CVE-2022-28870 1 F-secure 1 Safe 2024-11-21 4.3 Medium
A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the address bar was not correct if navigation fails.
CVE-2022-28869 1 F-secure 1 Safe 2024-11-21 4.3 Medium
A vulnerability affecting F-Secure SAFE browser was discovered. A maliciously crafted website could make a phishing attack with address bar spoofing as the browser did not show full URL, such as port number.