Security Vulnerabilities - CVEs Published In February 2022
Select Dell Client Commercial and Consumer platforms are vulnerable to an insufficient verification of data authenticity vulnerability. An authenticated malicious user may exploit this vulnerability in order to install modified BIOS firmware.
CVSS Score
4.7
EPSS Score
0.0
Published
2022-02-09
An Authentication Bypass vulnerability exists in Gitea before 1.5.0, which could let a malicious user gain privileges. If captured, the TOTP code for the 2FA can be submitted correctly more than once.
CVSS Score
9.8
EPSS Score
0.002
Published
2022-02-09
An issue exsits in Gitea through 1.15.7, which could let a malicious user gain privileges due to client side cookies not being deleted and the session remains valid on the server side for reuse.
CVSS Score
9.8
EPSS Score
0.011
Published
2022-02-09
Windows Common Log File System Driver Denial of Service Vulnerability
CVSS Score
5.5
EPSS Score
0.004
Published
2022-02-09
Windows Hyper-V Denial of Service Vulnerability
CVSS Score
5.6
EPSS Score
0.002
Published
2022-02-09
Named Pipe File System Elevation of Privilege Vulnerability
CVSS Score
7.8
EPSS Score
0.087
Published
2022-02-09
Microsoft Excel Information Disclosure Vulnerability
CVSS Score
5.5
EPSS Score
0.028
Published
2022-02-09
Windows Print Spooler Elevation of Privilege Vulnerability
CVSS Score
7.0
EPSS Score
0.004
Published
2022-02-09
CVE-2022-22718
Windows Print Spooler Elevation of Privilege Vulnerability
Known exploited
CVSS Score
7.8
EPSS Score
0.11
Published
2022-02-09
Microsoft Office Information Disclosure Vulnerability
CVSS Score
5.5
EPSS Score
0.003
Published
2022-02-09