Windows Server 2022, 23h2 Edition (server Core Installation) Security Vulnerabilities

CVE-2024-30931

Stored Cross Site Scripting vulnerability in Emby Media Server Emby Media Server 4.8.3.0 allows a remote attacker to escalate privileges via the notifications.html...

CVE-2024-35527

An arbitrary file upload vulnerability in /fileupload/upload.cfm in Daemon PTY Limited FarCry Core framework before 7.2.14 allows attackers to execute arbitrary code via uploading a crafted .cfm...

CVE-2024-30931

Stored Cross Site Scripting vulnerability in Emby Media Server Emby Media Server 4.8.3.0 allows a remote attacker to escalate privileges via the notifications.html...

CVE-2024-35527

An arbitrary file upload vulnerability in /fileupload/upload.cfm in Daemon PTY Limited FarCry Core framework before 7.2.14 allows attackers to execute arbitrary code via uploading a crafted .cfm...

CVE-2024-5016

In WhatsUp Gold versions released before 2023.1.3, Distributed Edition installations can be exploited by using a deserialization tool to achieve a Remote Code Execution as SYSTEM. The vulnerability exists in the main message processing routines NmDistributed.DistributedServiceBehavior.OnMessage...

CVE-2024-5016

In WhatsUp Gold versions released before 2023.1.3, Distributed Edition installations can be exploited by using a deserialization tool to achieve a Remote Code Execution as SYSTEM. The vulnerability exists in the main message processing routines NmDistributed.DistributedServiceBehavior.OnMessage...

CVE-2024-5013

In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Denial of Service vulnerability was identified. An unauthenticated attacker can put the application into the SetAdminPassword installation step, which renders the application...

CVE-2024-5013

In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Denial of Service vulnerability was identified. An unauthenticated attacker can put the application into the SetAdminPassword installation step, which renders the application...

CVE-2024-5014

In WhatsUp Gold versions released before 2023.1.3, a Server Side Request Forgery vulnerability exists in the GetASPReport feature. This allows any authenticated user to retrieve ASP reports from an HTML...

CVE-2024-5014

In WhatsUp Gold versions released before 2023.1.3, a Server Side Request Forgery vulnerability exists in the GetASPReport feature. This allows any authenticated user to retrieve ASP reports from an HTML...

CVE-2024-35526

An issue in Daemon PTY Limited FarCry Core framework before 7.2.14 allows attackers to access sensitive information in the /facade...

CVE-2024-35526

An issue in Daemon PTY Limited FarCry Core framework before 7.2.14 allows attackers to access sensitive information in the /facade...

CVE-2022-3857 affecting package syslinux 6.04-10

CVE-2022-3857 affecting package syslinux 6.04-10. No patch is available...

CVE-2022-3162 affecting package keda 2.4.0-19

CVE-2022-3162 affecting package keda 2.4.0-19. No patch is available...

CVE-2022-31321 affecting package bolt 0.9.2-2

CVE-2022-31321 affecting package bolt 0.9.2-2. This CVE either no longer is or was never...

CVE-2022-41725 affecting package msft-golang for versions less than 1.19.6-1

CVE-2022-41725 affecting package msft-golang for versions less than 1.19.6-1. A patched version of the package is...

CVE-2022-45639 affecting package sleuthkit 4.9.0-4

CVE-2022-45639 affecting package sleuthkit 4.9.0-4. No patch is available...

CVE-2022-47021 affecting package opusfile 0.12-2

CVE-2022-47021 affecting package opusfile 0.12-2. No patch is available...

CVE-2022-4123 affecting package podman 4.1.1-20

CVE-2022-4123 affecting package podman 4.1.1-20. No patch is available...

CVE-2022-4055 affecting package xdg-utils 1.1.3-7

CVE-2022-4055 affecting package xdg-utils 1.1.3-7. No patch is available...

CVE-2022-42969 affecting package python-py 1.10.0-3

CVE-2022-42969 affecting package python-py 1.10.0-3. No patch is available...

CVE-2022-2929 affecting package dhcp 4.4.3-3

CVE-2022-2929 affecting package dhcp 4.4.3-3. This CVE either no longer is or was never...

CVE-2022-31629 affecting package php 7.4.14-3

CVE-2022-31629 affecting package php 7.4.14-3. This CVE either no longer is or was never...

CVE-2022-38752 affecting package snakeyaml 1.25-2

CVE-2022-38752 affecting package snakeyaml 1.25-2. This CVE either no longer is or was never...

CVE-2022-36069 affecting package poetry 1.0.10-2

CVE-2022-36069 affecting package poetry 1.0.10-2. No patch is available...

CVE-2022-1615 affecting package samba 4.12.5-6

CVE-2022-1615 affecting package samba 4.12.5-6. No patch is available...

CVE-2022-25857 affecting package snakeyaml 1.25-2

CVE-2022-25857 affecting package snakeyaml 1.25-2. This CVE either no longer is or was never...

CVE-2022-36033 affecting package jsoup 1.11.3-3

CVE-2022-36033 affecting package jsoup 1.11.3-3. No patch is available...

CVE-2022-3294 affecting package k3s 1.24.12-2

CVE-2022-3294 affecting package k3s 1.24.12-2. This CVE either no longer is or was never...

CVE-2022-3162 affecting package rook 1.6.2-19

CVE-2022-3162 affecting package rook 1.6.2-19. No patch is available...

CVE-2022-3162 affecting package kube-vip-cloud-provider 0.0.2-16

CVE-2022-3162 affecting package kube-vip-cloud-provider 0.0.2-16. No patch is available...

CVE-2022-1941 affecting package grpc 1.42.0-7

CVE-2022-1941 affecting package grpc 1.42.0-7. This CVE either no longer is or was never...

CVE-2022-40898 affecting package python-wheel 0.33.6-7

CVE-2022-40898 affecting package python-wheel 0.33.6-7. No patch is available...

CVE-2022-3114 affecting package kernel 5.15.158.2-1

CVE-2022-3114 affecting package kernel 5.15.158.2-1. No patch is available...

CVE-2022-45885 affecting package kernel 5.15.158.2-1

CVE-2022-45885 affecting package kernel 5.15.158.2-1. No patch is available...

CVE-2022-41854 affecting package snakeyaml 1.25-2

CVE-2022-41854 affecting package snakeyaml 1.25-2. This CVE either no longer is or was never...

CVE-2022-2928 affecting package dhcp 4.4.3-3

CVE-2022-2928 affecting package dhcp 4.4.3-3. This CVE either no longer is or was never...

CVE-2022-31628 affecting package php 7.4.14-3

CVE-2022-31628 affecting package php 7.4.14-3. This CVE either no longer is or was never...

CVE-2022-40133 affecting package kernel 5.15.158.2-1

CVE-2022-40133 affecting package kernel 5.15.158.2-1. No patch is available...

CVE-2022-32743 affecting package samba 4.12.5-6

CVE-2022-32743 affecting package samba 4.12.5-6. No patch is available...

CVE-2022-2961 affecting package kernel 5.15.158.2-1

CVE-2022-2961 affecting package kernel 5.15.158.2-1. No patch is available...

CVE-2022-0336 affecting package samba 4.12.5-6

CVE-2022-0336 affecting package samba 4.12.5-6. No patch is available...

CVE-2022-32744 affecting package samba 4.12.5-6

CVE-2022-32744 affecting package samba 4.12.5-6. No patch is available...

CVE-2022-28506 affecting package giflib 5.2.1-6

CVE-2022-28506 affecting package giflib 5.2.1-6. No patch is available...

CVE-2022-34176 affecting package junit 4.13-5

CVE-2022-34176 affecting package junit 4.13-5. No patch is available...

CVE-2022-25345 affecting package opus 1.3.1-4

CVE-2022-25345 affecting package opus 1.3.1-4. No patch is available...

CVE-2022-28506 affecting package giflib 5.2.1-5

CVE-2022-28506 affecting package giflib 5.2.1-5. This CVE either no longer is or was never...

CVE-2022-0529 affecting package unzip 6.0-20

CVE-2022-0529 affecting package unzip 6.0-20. No patch is available...

CVE-2022-29526 affecting package golang for versions less than 1.21.6-1

CVE-2022-29526 affecting package golang for versions less than 1.21.6-1. A patched version of the package is...

CVE-2022-29526 affecting package prometheus for versions less than 2.37.0-1

CVE-2022-29526 affecting package prometheus for versions less than 2.37.0-1. A patched version of the package is...