A local privilege escalation vulnerability in UI Desktop for Windows (Version 0.55.1.2 and earlier) allows a malicious actor with local access to a Windows device with UI Desktop to run arbitrary commands as SYSTEM.
NVD-CWE-noinfo
CVE-2022-35283
IBM Security Verify Information Queue 10.0.2 could allow an authenticated user to cause a denial of service with a specially crafted HTTP request.
CVE-2022-35290
Under certain conditions SAP Authenticator for Android allows an attacker to access information which would otherwise be restricted.
CVE-2022-35195
TestLink 1.9.20 Raijin was discovered to contain a broken access control vulnerability at /lib/attachments/attachmentdownload.php
CVE-2022-35201
Tenda-AC18 V15.03.05.05 was discovered to contain a remote command execution (RCE) vulnerability.
CVE-2022-35228
SAP BusinessObjects CMC allows an unauthenticated attacker to retrieve token information over the network which would otherwise be restricted. This can be achieved only when a legitimate user accesses the application and a local compromise occurs, like sniffing or social engineering. On successful exploitation, the attacker can completely compromise the application.