Search Results (45946 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-4742 2 Json-pointer Project, Redhat 2 Json-pointer, Service Registry 2024-11-21 6.3 Medium
A vulnerability, which was classified as critical, has been found in json-pointer up to 0.6.1. Affected by this issue is the function set of the file index.js. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). The attack may be launched remotely. Upgrading to version 0.6.2 is able to address this issue. The patch is identified as 859c9984b6c407fc2d5a0a7e47c7274daa681941. It is recommended to upgrade the affected component. VDB-216794 is the identifier assigned to this vulnerability.
CVE-2022-4603 1 Samba 1 Ppp 2024-11-21 4.3 Medium
A vulnerability classified as problematic has been found in ppp. Affected is the function dumpppp of the file pppdump/pppdump.c of the component pppdump. The manipulation of the argument spkt.buf/rpkt.buf leads to improper validation of array index. The real existence of this vulnerability is still doubted at the moment. The name of the patch is a75fb7b198eed50d769c80c36629f38346882cbf. It is recommended to apply a patch to fix this issue. VDB-216198 is the identifier assigned to this vulnerability. NOTE: pppdump is not used in normal process of setting up a PPP connection, is not installed setuid-root, and is not invoked automatically in any scenario.
CVE-2022-4584 1 Axiosys 1 Bento4 2024-11-21 6.3 Medium
A vulnerability was found in Axiomatic Bento4 up to 1.6.0-639. It has been rated as critical. Affected by this issue is some unknown functionality of the component mp42aac. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-216170 is the identifier assigned to this vulnerability.
CVE-2022-4338 3 Debian, Openvswitch, Redhat 3 Debian Linux, Openvswitch, Enterprise Linux 2024-11-21 9.8 Critical
An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch.
CVE-2022-4337 3 Debian, Openvswitch, Redhat 3 Debian Linux, Openvswitch, Enterprise Linux 2024-11-21 9.8 Critical
An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch.
CVE-2022-4046 1 Codesys 14 Control For Beaglebone Sl, Control For Empc-a\/imx6 Sl, Control For Iot2000 Sl and 11 more 2024-11-21 8.8 High
In CODESYS Control in multiple versions a improper restriction of operations within the bounds of a memory buffer allow an remote attacker with user privileges to gain full access of the device.
CVE-2022-48623 1 Rurban 1 Cpanel\ 2024-11-21 9.1 Critical
The Cpanel::JSON::XS package before 4.33 for Perl performs out-of-bounds accesses in a way that allows attackers to obtain sensitive information or cause a denial of service.
CVE-2022-48578 1 Apple 1 Macos 2024-11-21 7.1 High
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.5. Processing an AppleScript may result in unexpected termination or disclosure of process memory.
CVE-2022-48554 3 Debian, File Project, Redhat 3 Debian Linux, File, Enterprise Linux 2024-11-21 5.5 Medium
File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. NOTE: "File" is the name of an Open Source project.
CVE-2022-48522 1 Perl 1 Perl 2024-11-21 9.8 Critical
In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation.
CVE-2022-48512 1 Huawei 2 Emui, Harmonyos 2024-11-21 9.8 Critical
Use After Free (UAF) vulnerability in the Vdecoderservice service. Successful exploitation of this vulnerability may cause the image decoding feature to perform abnormally.
CVE-2022-48502 2 Linux, Netapp 6 Linux Kernel, H300s, H410c and 3 more 2024-11-21 7.1 High
An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an out-of-bounds read in ntfs_set_ea in fs/ntfs3/xattr.c.
CVE-2022-48475 1 Cbm 1 Control De Ciber 2024-11-21 8.2 High
Buffer Overflow vulnerability in Control de Ciber version 1.650, in the printing function. Sending a modified request by the attacker could cause a Buffer Overflow when the adminitrator tries to accept or delete the print query created by the request.
CVE-2022-48183 3 Lenovo, Linux, Microsoft 6 Thinkpad T14s Gen 3, Thinkpad T14s Gen 3 Firmware, Thinkpad X13 Gen 3 and 3 more 2024-11-21 6.1 Medium
A vulnerability was reported in ThinkPad T14s Gen 3 and X13 Gen3 that could cause the BIOS tamper detection mechanism to not trigger under specific circumstances which could allow unauthorized access.
CVE-2022-48182 3 Lenovo, Linux, Microsoft 6 Thinkpad T14s Gen 3, Thinkpad T14s Gen 3 Firmware, Thinkpad X13 Gen 3 and 3 more 2024-11-21 6.1 Medium
A vulnerability was reported in ThinkPad T14s Gen 3 and X13 Gen3 that could cause the BIOS tamper detection mechanism to not trigger under specific circumstances which could allow unauthorized access.
CVE-2022-47673 1 Gnu 1 Binutils 2024-11-21 7.8 High
An issue was discovered in Binutils addr2line before 2.39.3, function parse_module contains multiple out of bound reads which may cause a denial of service or other unspecified impacts.
CVE-2022-47375 1 Siemens 18 6ag1414-3em07-7ab0, 6ag1414-3em07-7ab0 Firmware, 6ag1416-3es07-7ab0 and 15 more 2024-11-21 7.5 High
A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions), SINAMICS S120 (incl. SIPLUS variants) (All versions < V5.2 SP3 HF15), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions). The affected products do not handle long file names correctly. This could allow an attacker to create a buffer overflow and create a denial of service condition for the device.
CVE-2022-47352 2 Google, Unisoc 3 Android, T610, T618 2024-11-21 4.4 Medium
In camera driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
CVE-2022-47351 2 Google, Unisoc 10 Android, S8000, T606 and 7 more 2024-11-21 4.4 Medium
In camera driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed
CVE-2022-47350 2 Google, Unisoc 12 Android, S8000, Sc9863a and 9 more 2024-11-21 4.4 Medium
In camera driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed