The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date |
|---|---|---|---|
| CVE-2022-34093 | Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting (XSS) vulnerability via access_token.php. | MEDIUM | Jul 15, 2022 |
| CVE-2022-34092 | Portal do Software Publico Brasileiro i3geo v7.0.5 was discovered to contain a cross-site scripting (XSS) vulnerability via svg2img.php. | MEDIUM | Jul 15, 2022 |
| CVE-2022-33911 | An issue was discovered in Couchbase Server 7.x before 7.0.4. Field names are not redacted in logged validation messages for Analytics Service. An Unauthorized Actor may be able to obtain Sensitive Information. | MEDIUM | Jul 12, 2022 |
| CVE-2022-33736 | A vulnerability has been identified in Opcenter Quality V13.1 (All versions < V13.1.20220624), Opcenter Quality V13.2 (All versions < V13.2.20220624). The affected applications do not properly validate login information during authentication. This could lead to denial of service condition for existing users or allow unauthenticated remote attackers to successfully login without credentials. | MEDIUM | Jul 12, 2022 |
| CVE-2022-33713 | Implicit Intent hijacking vulnerability in Samsung Cloud prior to version 5.2.0 allows attacker to get sensitive information. | MEDIUM | Jul 12, 2022 |
| CVE-2022-33712 | Intent redirection vulnerability using implict intent in Camera prior to versions 12.0.01.64 ,12.0.3.23, 12.0.0.98, 12.0.6.11, 12.0.3.19 in Android S(12) allows attacker to get sensitive information. | MEDIUM | Jul 12, 2022 |
| CVE-2022-33707 | Improper identifier creation logic in Find My Mobile prior to version 7.2.24.12 allows attacker to identify the device. | MEDIUM | Jul 16, 2022 |
| CVE-2022-33704 | Improper validation vulnerability in ucmRetParcelable of KnoxSDK prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities. | MEDIUM | Jul 16, 2022 |
| CVE-2022-33703 | Improper validation vulnerability in CACertificateInfo prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities. | MEDIUM | Jul 16, 2022 |
| CVE-2022-33695 | Use of improper permission in InputManagerService prior to SMR Jul-2022 Release 1 allows unauthorized access to the service. | MEDIUM | Jul 15, 2022 |
| CVE-2022-33678 | Azure Site Recovery Remote Code Execution Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33677 | Azure Site Recovery Elevation of Privilege Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33676 | Azure Site Recovery Remote Code Execution Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33675 | Azure Site Recovery Elevation of Privilege Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33674 | Azure Site Recovery Elevation of Privilege Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33673 | Azure Site Recovery Elevation of Privilege Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33672 | Azure Site Recovery Elevation of Privilege Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33671 | Azure Site Recovery Elevation of Privilege Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33669 | Azure Site Recovery Elevation of Privilege Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33668 | Azure Site Recovery Elevation of Privilege Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33667 | Azure Site Recovery Elevation of Privilege Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33666 | Azure Site Recovery Elevation of Privilege Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33665 | Azure Site Recovery Elevation of Privilege Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33664 | Azure Site Recovery Elevation of Privilege Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33663 | Azure Site Recovery Elevation of Privilege Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33662 | Azure Site Recovery Elevation of Privilege Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33661 | Azure Site Recovery Elevation of Privilege Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33660 | Azure Site Recovery Elevation of Privilege Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33659 | Azure Site Recovery Elevation of Privilege Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33658 | Azure Site Recovery Elevation of Privilege Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33657 | Azure Site Recovery Elevation of Privilege Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33656 | Azure Site Recovery Elevation of Privilege Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33655 | Azure Site Recovery Elevation of Privilege Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33654 | Azure Site Recovery Elevation of Privilege Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33653 | Azure Site Recovery Elevation of Privilege Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33652 | Azure Site Recovery Elevation of Privilege Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33651 | Azure Site Recovery Elevation of Privilege Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33650 | Azure Site Recovery Elevation of Privilege Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33644 | Xbox Live Save Service Elevation of Privilege Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33643 | Azure Site Recovery Elevation of Privilege Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33642 | Azure Site Recovery Elevation of Privilege Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33641 | Azure Site Recovery Elevation of Privilege Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33637 | Microsoft Defender for Endpoint Tampering Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33633 | Skype for Business and Lync Remote Code Execution Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33632 | Microsoft Office Security Feature Bypass Vulnerability | MEDIUM | Jul 13, 2022 |
| CVE-2022-33173 | An algorithm-downgrade issue was discovered in Couchbase Server before 7.0.4. Analytics Remote Links may temporarily downgrade to non-TLS connection to determine the TLS port number, using SCRAM-SHA instead. | MEDIUM | Jul 12, 2022 |
| CVE-2022-33157 | The libconnect extension before 7.0.8 and 8.x before 8.1.0 for TYPO3 allows XSS. | MEDIUM | Jul 13, 2022 |
| CVE-2022-33156 | The matomo_integration (aka Matomo Integration) extension before 1.3.2 for TYPO3 allows XSS. | MEDIUM | Jul 13, 2022 |
| CVE-2022-33138 | A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All versions < V3.3), SIMATIC MV550 H (All versions < V3.3), SIMATIC MV550 S (All versions < V3.3), SIMATIC MV560 U (All versions < V3.3), SIMATIC MV560 X (All versions < V3.3). Affected devices do not perform authentication for several web API endpoints. This could allow an unauthenticated remote attacker to read and download data from the device. | MEDIUM | Jul 15, 2022 |
| CVE-2022-33137 | A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All versions < V3.3), SIMATIC MV550 H (All versions < V3.3), SIMATIC MV550 S (All versions < V3.3), SIMATIC MV560 U (All versions < V3.3), SIMATIC MV560 X (All versions < V3.3). The web session management of affected devices does not invalidate session ids in certain logout scenarios. This could allow an authenticated remote attacker to hijack other users\' sessions. | MEDIUM | Jul 15, 2022 |
