• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors
Home » CVE’s

CVE’s


CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
CVE-2022-21825
2022-02-15
N/A
7.8 HIGH
An Improper Access Control vulnerability exists in Citrix Workspace App for Linux 2012 - 2111 with App Protection installed that can allow an attacker to perform local privilege escalation.
CVE-2022-21824
2022-11-10
N/A
8.2 HIGH
Due to the formatting logic of the "console.table()" function it was not safe to allow user controlled input to be passed to the "properties" parameter while simultaneously passing a plain object with at least one property as the first parameter, which could be "__proto__". The prototype pollution has very limited control, in that it only allows an empty string to be assigned to numerical keys of the object prototype.Node.js >= 12.22.9, >= 14.18.3, >= 16.13.2, and >= 17.3.1 use a null protoype for the object these properties are being assigned to.
CVE-2022-21823
2022-01-14
N/A
5.5 MEDIUM
A insecure storage of sensitive information vulnerability exists in Ivanti Workspace Control <2021.2 (10.7.30.0) that could allow an attacker with locally authenticated low privileges to obtain key information due to an unspecified attack vector.
CVE-2022-21822
2022-06-15
N/A
7.5 HIGH
NVIDIA FLARE contains a vulnerability in the admin interface, where an un-authorized attacker can cause Allocation of Resources Without Limits or Throttling, which may lead to cause system unavailable.
CVE-2022-21821
2022-04-08
N/A
7.8 HIGH
NVIDIA CUDA Toolkit SDK contains an integer overflow vulnerability in cuobjdump.To exploit this vulnerability, a remote attacker would require a local user to download a specially crafted, corrupted file and locally execute cuobjdump against the file. Such an attack may lead to remote code execution that causes complete denial of service and an impact on data confidentiality and integrity.
CVE-2022-21820
Linux, Linux Kernel
Acrn, Audit, Dhcp6c, Direct_connect, Infiniband_hfi1_driver, Ipsec_tools_racoon_daemon, Kernel, Layer_2_tunneling_protocol, Linux_kernel, Linux_kernel_i40e/i40evf
2022-10-19
N/A
6.3 MEDIUM
NVIDIA DCGM contains a vulnerability in nvhostengine, where a network user can cause detection of error conditions without action, which may lead to limited code execution, some denial of service, escalation of privileges, and limited impacts to both data confidentiality and integrity.
CVE-2022-2182
2022-08-26
N/A
7.8 HIGH
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2022-21819
2022-03-22
N/A
7.6 HIGH
NVIDIA distributions of Jetson Linux contain a vulnerability where an error in the IOMMU configuration may allow an unprivileged attacker with physical access to the board direct read/write access to the entire system address space through the PCI bus. Such an attack could result in denial of service, code execution, escalation of privileges, and impact to data integrity and confidentiality. The scope impact may extend to other components.
CVE-2022-21818
2022-02-23
N/A
5.4 MEDIUM
NVIDIA License System contains a vulnerability in the installation scripts for the DLS virtual appliance, where a user on a network after signing in to the portal can access other users’ credentials, allowing them to gain escalated privileges, resulting in limited impact to both confidentiality and integrity.
CVE-2022-21817
Linux, Linux Kernel
Acrn, Audit, Dhcp6c, Direct_connect, Infiniband_hfi1_driver, Ipsec_tools_racoon_daemon, Kernel, Layer_2_tunneling_protocol, Linux_kernel, Linux_kernel_i40e/i40evf
2022-02-07
N/A
9.3 CRITICAL
NVIDIA Omniverse Launcher contains a Cross-Origin Resource Sharing (CORS) vulnerability which can allow an unprivileged remote attacker, if they can get user to browse malicious site, to acquire access tokens allowing them to access resources in other security domains, which may lead to code execution, escalation of privileges, and impact to confidentiality and integrity.
« Previous 1 … 10,730 10,731 10,732 10,733 10,734 … 11,258 Next »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE