CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability.
20007_office_system, 27mhz_wireless_keyboard, 365_apps, 3d_builder, 3d_viewer, Access, Accessibility_insights_for_android, Accessibility_insights_for_web, Access_multilingual_user_interface_pack, Active_directory
2022-02-01
N/A
4.3 MEDIUM
Microsoft Edge for Android Spoofing Vulnerability.
Windows Hyper-V Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22008, CVE-2022-22009, CVE-2022-24537.
Azure Data Explorer Spoofing Vulnerability.
Microsoft OneDrive for Android Security Feature Bypass Vulnerability.
Microsoft Power BI Information Disclosure Vulnerability.
Point-to-Point Tunneling Protocol Denial of Service Vulnerability.
20007_office_system, 27mhz_wireless_keyboard, 365_apps, 3d_builder, 3d_viewer, Access, Accessibility_insights_for_android, Accessibility_insights_for_web, Access_multilingual_user_interface_pack, Active_directory
2022-02-15
N/A
5.5 MEDIUM
Microsoft Office Information Disclosure Vulnerability.
The Invitation Based Registrations WordPress plugin through 2.2.84 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed (for example in multisite setup)
TeamViewer Linux versions before 15.28 do not properly execute a deletion command for the connection password in case of a process crash. Knowledge of the crash event and the TeamViewer ID as well as either possession of the pre-crash connection password or local authenticated access to the machine would have allowed to establish a remote connection by reusing the not properly deleted connection password.
