Total
1722 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-41039 | 1 Microsoft | 21 Windows 10, Windows 10 1507, Windows 10 1607 and 18 more | 2024-08-03 | 8.1 High |
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | ||||
| CVE-2022-41100 | 1 Microsoft | 18 Windows 10, Windows 10 1507, Windows 10 1607 and 15 more | 2024-08-03 | 7.8 High |
| Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability | ||||
| CVE-2022-41044 | 1 Microsoft | 4 Windows 7, Windows Server 2008, Windows Server 2008 R2 and 1 more | 2024-08-03 | 8.1 High |
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | ||||
| CVE-2022-41086 | 1 Microsoft | 22 Windows 10, Windows 10 1507, Windows 10 1607 and 19 more | 2024-08-03 | 6.4 Medium |
| Windows Group Policy Elevation of Privilege Vulnerability | ||||
| CVE-2022-41035 | 1 Microsoft | 1 Edge Chromium | 2024-08-03 | 5.3 Medium |
| Microsoft Edge (Chromium-based) Spoofing Vulnerability | ||||
| CVE-2022-41045 | 1 Microsoft | 22 Windows 10, Windows 10 1507, Windows 10 1607 and 19 more | 2024-08-03 | 7.8 High |
| Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability | ||||
| CVE-2022-40307 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-08-03 | 4.7 Medium |
| An issue was discovered in the Linux kernel through 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free. | ||||
| CVE-2022-39328 | 1 Grafana | 1 Grafana | 2024-08-03 | 9.8 Critical |
| Grafana is an open-source platform for monitoring and observability. Versions starting with 9.2.0 and less than 9.2.4 contain a race condition in the authentication middlewares logic which may allow an unauthenticated user to query an administration endpoint under heavy load. This issue is patched in 9.2.4. There are no known workarounds. | ||||
| CVE-2022-39188 | 3 Debian, Linux, Redhat | 5 Debian Linux, Linux Kernel, Enterprise Linux and 2 more | 2024-08-03 | 4.7 Medium |
| An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition (unmap_mapping_range versus munmap), a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VM_PFNMAP VMAs. | ||||
| CVE-2022-39134 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-08-03 | 4.7 Medium |
| In audio driver, there is a use after free due to a race condition. This could lead to local denial of service in kernel. | ||||
| CVE-2022-39006 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-08-03 | 5.9 Medium |
| The MPTCP module has the race condition vulnerability. Successful exploitation of this vulnerability may cause the device to restart. | ||||
| CVE-2022-38047 | 1 Microsoft | 21 Windows 10, Windows 10 1507, Windows 10 1607 and 18 more | 2024-08-03 | 8.1 High |
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | ||||
| CVE-2022-38029 | 1 Microsoft | 21 Windows 10, Windows 10 1507, Windows 10 1607 and 18 more | 2024-08-03 | 7 High |
| Windows ALPC Elevation of Privilege Vulnerability | ||||
| CVE-2022-38000 | 1 Microsoft | 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more | 2024-08-03 | 8.1 High |
| Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | ||||
| CVE-2022-38021 | 1 Microsoft | 13 Windows 10, Windows 10 1607, Windows 10 1809 and 10 more | 2024-08-03 | 7 High |
| Connected User Experiences and Telemetry Elevation of Privilege Vulnerability | ||||
| CVE-2022-38027 | 1 Microsoft | 19 Windows 10, Windows 10 1507, Windows 10 1607 and 16 more | 2024-08-03 | 7 High |
| Windows Storage Elevation of Privilege Vulnerability | ||||
| CVE-2022-37035 | 1 Frrouting | 1 Frrouting | 2024-08-03 | 8.1 High |
| An issue was discovered in bgpd in FRRouting (FRR) 8.3. In bgp_notify_send_with_data() and bgp_process_packet() in bgp_packet.c, there is a possible use-after-free due to a race condition. This could lead to Remote Code Execution or Information Disclosure by sending crafted BGP packets. User interaction is not needed for exploitation. | ||||
| CVE-2022-36318 | 2 Mozilla, Redhat | 6 Firefox, Firefox Esr, Thunderbird and 3 more | 2024-08-03 | 5.3 Medium |
| When visiting directory listings for `chrome://` URLs as source text, some parameters were reflected. This vulnerability affects Firefox ESR < 102.1, Firefox ESR < 91.12, Firefox < 103, Thunderbird < 102.1, and Thunderbird < 91.12. | ||||
| CVE-2022-35796 | 1 Microsoft | 1 Edge Chromium | 2024-08-03 | 7.5 High |
| Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | ||||
| CVE-2022-34892 | 1 Parallels | 1 Parallels Desktop | 2024-08-03 | 7.8 High |
| This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop Parallels Desktop 17.1.1. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the update machanism. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root. Was ZDI-CAN-16396. | ||||