Filtered by NVD-CWE-noinfo
Total 35577 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-34082 1 Getgrav 1 Grav 2025-01-02 8.5 High
Grav is a file-based Web platform. Prior to version 1.7.46, a low privilege user account with page edit privilege can read any server files using Twig Syntax. This includes Grav user account files - `/grav/user/accounts/*.yaml`. This file stores hashed user password, 2FA secret, and the password reset token. This can allow an adversary to compromise any registered account and read any file in the web server by resetting a password for a user to get access to the password reset token from the file or by cracking the hashed password. A low privileged user may also perform a full account takeover of other registered users including Administrators. Version 1.7.46 contains a patch.
CVE-2024-32645 1 Vyperlang 1 Vyper 2025-01-02 5.3 Medium
Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, incorrect values can be logged when `raw_log` builtin is called with memory or storage arguments to be used as topics. A contract search was performed and no vulnerable contracts were found in production. The `build_IR` function of the `RawLog` class fails to properly unwrap the variables provided as topics. Consequently, incorrect values are logged as topics. As of time of publication, no fixed version is available.
CVE-2022-41083 1 Microsoft 1 Jupyter 2025-01-02 7.8 High
Visual Studio Code Elevation of Privilege Vulnerability
CVE-2022-41081 1 Microsoft 21 Windows 10, Windows 10 1507, Windows 10 1607 and 18 more 2025-01-02 8.1 High
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVE-2022-41064 1 Microsoft 13 .net, .net Framework, Nuget and 10 more 2025-01-02 5.8 Medium
.NET Framework Information Disclosure Vulnerability
CVE-2022-41043 1 Microsoft 2 Office, Office Long Term Servicing Channel 2025-01-02 3.3 Low
Microsoft Office Information Disclosure Vulnerability
CVE-2022-41042 1 Microsoft 1 Visual Studio Code 2025-01-02 7.4 High
Visual Studio Code Information Disclosure Vulnerability
CVE-2022-41038 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2025-01-02 8.8 High
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2022-41037 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2025-01-02 8.8 High
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2022-41036 1 Microsoft 2 Sharepoint Foundation, Sharepoint Server 2025-01-02 8.8 High
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2022-41034 1 Microsoft 1 Visual Studio Code 2025-01-02 7.8 High
Visual Studio Code Remote Code Execution Vulnerability
CVE-2022-41031 1 Microsoft 3 365 Apps, Office, Office Long Term Servicing Channel 2025-01-02 7.8 High
Microsoft Word Remote Code Execution Vulnerability
CVE-2022-38053 1 Microsoft 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server 2025-01-02 8.8 High
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2022-38051 1 Microsoft 10 Windows 10, Windows 11, Windows 7 and 7 more 2025-01-02 7.8 High
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2022-38050 1 Microsoft 4 Windows 10, Windows 11, Windows Server 2019 and 1 more 2025-01-02 7.8 High
Win32k Elevation of Privilege Vulnerability
CVE-2022-38049 1 Microsoft 3 365 Apps, Office, Office Long Term Servicing Channel 2025-01-02 7.8 High
Microsoft Office Graphics Remote Code Execution Vulnerability
CVE-2022-38048 1 Microsoft 3 365 Apps, Office, Office Long Term Servicing Channel 2025-01-02 7.8 High
Microsoft Office Remote Code Execution Vulnerability
CVE-2022-38046 1 Microsoft 4 Windows 10, Windows 11, Windows Server 2019 and 1 more 2025-01-02 7.5 High
Web Account Manager Information Disclosure Vulnerability
CVE-2022-38045 1 Microsoft 17 Windows 10, Windows 10 1507, Windows 10 1607 and 14 more 2025-01-02 8.8 High
Windows Server Service Elevation of Privilege Vulnerability
CVE-2022-38043 1 Microsoft 20 Windows 10, Windows 10 1507, Windows 10 1607 and 17 more 2025-01-02 5.5 Medium
Windows Security Support Provider Interface Information Disclosure Vulnerability