Follow Security Vulnerabilities
in your software stack

It's easy to miss out on a security vulnerability announcements, and hard to filter through all the noise.

Use StackWatch to create a software stack (a list of software you use), then get a weekly email with security vulnerabilities that have been published for software within your stack.

Just click a Watch button to get started.

subscriber

Most Vulnerabilities most CVEs per product since 2018


Debian Linux 4344 vulnerabilities
OS

Canonical Ubuntu Linux 3158 vulnerabilities
Linux Operating System

Fedora Project Fedora 2799 vulnerabilities

Google Android 2441 vulnerabilities
Mobile operating system

Microsoft Windows 10 2264 vulnerabilities

Microsoft Windows Server 2016 2251 vulnerabilities

Microsoft Windows Server 2019 1984 vulnerabilities

Microsoft Windows Server 2012 1472 vulnerabilities

Microsoft Windows 8.1 1400 vulnerabilities

Google Chrome 1324 vulnerabilities
Web browser

Microsoft Windows Rt 8 1 1307 vulnerabilities

Microsoft Windows Server 2008 1297 vulnerabilities

Microsoft Windows 7 1276 vulnerabilities

Apple iOS 1199 vulnerabilities
The iOS Operating System used by iPhones.

Linux Kernel 1167 vulnerabilities

Red Hat Enterprise Linux Server 1063 vulnerabilities
RedHat Enterprise Linux (RHEL) Server. Includes software bundeled with RHEL server.

OpenSuse Leap 1062 vulnerabilities

Red Hat Enterprise Linux Workstation 1044 vulnerabilities
RedHat Enterprise Linux (RHEL) Workstation. Includes software bundled with RHEL Workstation.

Red Hat Enterprise Linux Desktop 1029 vulnerabilities
RedHat Enterprise Linux (RHEL) Desktop. Includes software bundled with RHEL desktop

Apple Mac OSX 1023 vulnerabilities
Macintosh Operating System

See More

Popular Vendors

Adobe Microsoft Apache NGINX Google Apple Linux PHP OpenSSL Ruby on Rails PostgreSQL jQuery nodejs MongoDB Docker Jenkins HashiCorp Ruby Programming Language Laravel Elastic Zoom NVIDIA

See More

Popular Products

Internet Information Server (IIS) Tomcat Java Runtime Environment (JRE) Chrome Firefox iOS MySQL Safari SQL Server Windows Server 2019 Kubernetes React Watch OS Photoshop CC Redis Caddy Web Server GitLab Go

See More

Recent Vulnerabilities

Temporary disruption of the ADM license service

CVE-2022-27512 5.3 - Medium - June 16, 2022

Temporary disruption of the ADM license service. The impact of this includes preventing new licenses from being issued or renewed by Citrix ADM.

CVE-2022-27512 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a small impact on availability.

Dangling pointer

Corruption of the system by a remote, unauthenticated user

CVE-2022-27511 8.1 - High - June 16, 2022

Corruption of the system by a remote, unauthenticated user. The impact of this can include the reset of the administrator password at the next device reboot, allowing an attacker with ssh access to connect with the default administrator credentials after the device has rebooted.

CVE-2022-27511 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is consided to have a high level of attack complexity. It has an exploitability score of 2.2 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

AuthZ

Windows Media Center Elevation of Privilege Vulnerability.

CVE-2022-30135 7.8 - High - June 15, 2022

Windows Media Center Elevation of Privilege Vulnerability.

CVE-2022-30135 can be exploited with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Network Address Translation (NAT) Denial of Service Vulnerability.

CVE-2022-30152 7.5 - High - June 15, 2022

Windows Network Address Translation (NAT) Denial of Service Vulnerability.

CVE-2022-30152 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Resource Exhaustion

Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability.

CVE-2022-30160 7.8 - High - June 15, 2022

Windows Advanced Local Procedure Call Elevation of Privilege Vulnerability.

CVE-2022-30160 is exploitable with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Microsoft Office Remote Code Execution Vulnerability.

CVE-2022-30174 7.8 - High - June 15, 2022

Microsoft Office Remote Code Execution Vulnerability.

CVE-2022-30174 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Microsoft Office Information Disclosure Vulnerability

CVE-2022-30172 5.5 - Medium - June 15, 2022

Microsoft Office Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30159, CVE-2022-30171.

CVE-2022-30172 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows Kernel Denial of Service Vulnerability.

CVE-2022-30155 5.5 - Medium - June 15, 2022

Windows Kernel Denial of Service Vulnerability.

CVE-2022-30155 can be exploited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality and integrity, and a high impact on availability.

Resource Exhaustion

Windows Defender Remote Credential Guard Elevation of Privilege Vulnerability.

CVE-2022-30150 8.1 - High - June 15, 2022

Windows Defender Remote Credential Guard Elevation of Privilege Vulnerability.

CVE-2022-30150 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is consided to have a high level of attack complexity. It has an exploitability score of 2.2 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Improper Privilege Management

HEVC Video Extensions Remote Code Execution Vulnerability

CVE-2022-29119 7.8 - High - June 15, 2022

HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22018, CVE-2022-29111, CVE-2022-30188.

CVE-2022-29119 can be exploited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Microsoft Photos App Remote Code Execution Vulnerability.

CVE-2022-30168 7.8 - High - June 15, 2022

Microsoft Photos App Remote Code Execution Vulnerability.

CVE-2022-30168 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Encrypting File System (EFS) Remote Code Execution Vulnerability.

CVE-2022-30145 8.1 - High - June 15, 2022

Windows Encrypting File System (EFS) Remote Code Execution Vulnerability.

CVE-2022-30145 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is consided to have a high level of attack complexity. It has an exploitability score of 2.2 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Code Injection

Kerberos AppContainer Security Feature Bypass Vulnerability.

CVE-2022-30164 7.8 - High - June 15, 2022

Kerberos AppContainer Security Feature Bypass Vulnerability.

CVE-2022-30164 is exploitable with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

AuthZ

Microsoft Office Information Disclosure Vulnerability

CVE-2022-30159 5.5 - Medium - June 15, 2022

Microsoft Office Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30171, CVE-2022-30172.

CVE-2022-30159 can be exploited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability.

CVE-2022-22021 8.3 - High - June 15, 2022

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability.

CVE-2022-22021 can be exploited with network access, requires user interaction. This vulnerability is consided to have a high level of attack complexity. It has an exploitability score of 1.6 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Microsoft Excel Remote Code Execution Vulnerability.

CVE-2022-30173 7.8 - High - June 15, 2022

Microsoft Excel Remote Code Execution Vulnerability.

CVE-2022-30173 can be exploited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

HEVC Video Extensions Remote Code Execution Vulnerability

CVE-2022-22018 7.8 - High - June 15, 2022

HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-29111, CVE-2022-29119, CVE-2022-30188.

CVE-2022-22018 is exploitable with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Azure Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability.

CVE-2022-29149 7.8 - High - June 15, 2022

Azure Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability.

CVE-2022-29149 can be exploited with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

CVE-2022-30141 8.1 - High - June 15, 2022

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161.

CVE-2022-30141 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is consided to have a high level of attack complexity. It has an exploitability score of 2.2 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Code Injection

Microsoft SQL Server Remote Code Execution Vulnerability.

CVE-2022-29143 7.5 - High - June 15, 2022

Microsoft SQL Server Remote Code Execution Vulnerability.

CVE-2022-29143 can be exploited with network access, and requires small amount of user privileges. This vulnerability is consided to have a high level of attack complexity. It has an exploitability score of 1.6 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2022-30158 8.8 - High - June 15, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30157.

CVE-2022-30158 is exploitable with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Azure Service Fabric Container Elevation of Privilege Vulnerability.

CVE-2022-30137 6.7 - Medium - June 15, 2022

Azure Service Fabric Container Elevation of Privilege Vulnerability.

CVE-2022-30137 can be exploited with local system access, and requires user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 0.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability.

CVE-2022-30131 7.8 - High - June 15, 2022

Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability.

CVE-2022-30131 can be exploited with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Container Manager Service Elevation of Privilege Vulnerability.

CVE-2022-30132 7.8 - High - June 15, 2022

Windows Container Manager Service Elevation of Privilege Vulnerability.

CVE-2022-30132 is exploitable with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

HEVC Video Extensions Remote Code Execution Vulnerability

CVE-2022-29111 7.8 - High - June 15, 2022

HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22018, CVE-2022-29119, CVE-2022-30188.

CVE-2022-29111 can be exploited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability.

CVE-2022-30154 5.3 - Medium - June 15, 2022

Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability.

CVE-2022-30154 is exploitable with network access, and requires small amount of user privileges. This vulnerability is consided to have a high level of attack complexity. It has an exploitability score of 1.6 out of four. The potential impact of an exploit of this vulnerability is considered to have no impact on confidentiality, a high impact on integrity, and no impact on availability.

Improper Privilege Management

Microsoft Office Information Disclosure Vulnerability

CVE-2022-30171 5.5 - Medium - June 15, 2022

Microsoft Office Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30159, CVE-2022-30172.

CVE-2022-30171 can be exploited with local system access, requires user interaction. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Windows Kernel Information Disclosure Vulnerability.

CVE-2022-30162 5.5 - Medium - June 15, 2022

Windows Kernel Information Disclosure Vulnerability.

CVE-2022-30162 is exploitable with local system access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 1.8 out of four. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Microsoft SharePoint Server Remote Code Execution Vulnerability

CVE-2022-30157 8.8 - High - June 15, 2022

Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30158.

CVE-2022-30157 can be exploited with network access, and requires small amount of user privileges. This vulnerability is considered to have a low attack complexity. It has an exploitability score of 2.8 out of four. The potential impact of an exploit of this vulnerability is considered to be very high.

Windows Network File System Remote Code Execution Vulnerability.

CVE-2022-30136 9.8 - Critical - June 15, 2022

Windows Network File System Remote Code Execution Vulnerability.

CVE-2022-30136 is exploitable with network access, and does not require authorization privileges or user interaction. This vulnerability is considered to have a low attack complexity. It has the highest possible exploitability rating (3.9). The potential impact of an exploit of this vulnerability is considered to be critical as this vulnerability has a high impact to the confidentiality, integrity and availability of this component.

Built by Foundeo Inc., with data from the National Vulnerability Database (NVD), Icons by Icons8. Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.