Export limit exceeded: 45946 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45946 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-4742 | 2 Json-pointer Project, Redhat | 2 Json-pointer, Service Registry | 2024-11-21 | 6.3 Medium |
| A vulnerability, which was classified as critical, has been found in json-pointer up to 0.6.1. Affected by this issue is the function set of the file index.js. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). The attack may be launched remotely. Upgrading to version 0.6.2 is able to address this issue. The patch is identified as 859c9984b6c407fc2d5a0a7e47c7274daa681941. It is recommended to upgrade the affected component. VDB-216794 is the identifier assigned to this vulnerability. | ||||
| CVE-2022-4603 | 1 Samba | 1 Ppp | 2024-11-21 | 4.3 Medium |
| A vulnerability classified as problematic has been found in ppp. Affected is the function dumpppp of the file pppdump/pppdump.c of the component pppdump. The manipulation of the argument spkt.buf/rpkt.buf leads to improper validation of array index. The real existence of this vulnerability is still doubted at the moment. The name of the patch is a75fb7b198eed50d769c80c36629f38346882cbf. It is recommended to apply a patch to fix this issue. VDB-216198 is the identifier assigned to this vulnerability. NOTE: pppdump is not used in normal process of setting up a PPP connection, is not installed setuid-root, and is not invoked automatically in any scenario. | ||||
| CVE-2022-4584 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 6.3 Medium |
| A vulnerability was found in Axiomatic Bento4 up to 1.6.0-639. It has been rated as critical. Affected by this issue is some unknown functionality of the component mp42aac. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-216170 is the identifier assigned to this vulnerability. | ||||
| CVE-2022-4338 | 3 Debian, Openvswitch, Redhat | 3 Debian Linux, Openvswitch, Enterprise Linux | 2024-11-21 | 9.8 Critical |
| An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch. | ||||
| CVE-2022-4337 | 3 Debian, Openvswitch, Redhat | 3 Debian Linux, Openvswitch, Enterprise Linux | 2024-11-21 | 9.8 Critical |
| An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch. | ||||
| CVE-2022-4046 | 1 Codesys | 14 Control For Beaglebone Sl, Control For Empc-a\/imx6 Sl, Control For Iot2000 Sl and 11 more | 2024-11-21 | 8.8 High |
| In CODESYS Control in multiple versions a improper restriction of operations within the bounds of a memory buffer allow an remote attacker with user privileges to gain full access of the device. | ||||
| CVE-2022-48623 | 1 Rurban | 1 Cpanel\ | 2024-11-21 | 9.1 Critical |
| The Cpanel::JSON::XS package before 4.33 for Perl performs out-of-bounds accesses in a way that allows attackers to obtain sensitive information or cause a denial of service. | ||||
| CVE-2022-48578 | 1 Apple | 1 Macos | 2024-11-21 | 7.1 High |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.5. Processing an AppleScript may result in unexpected termination or disclosure of process memory. | ||||
| CVE-2022-48554 | 3 Debian, File Project, Redhat | 3 Debian Linux, File, Enterprise Linux | 2024-11-21 | 5.5 Medium |
| File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. NOTE: "File" is the name of an Open Source project. | ||||
| CVE-2022-48522 | 1 Perl | 1 Perl | 2024-11-21 | 9.8 Critical |
| In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote code execution or local privilege escalation. | ||||
| CVE-2022-48512 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 9.8 Critical |
| Use After Free (UAF) vulnerability in the Vdecoderservice service. Successful exploitation of this vulnerability may cause the image decoding feature to perform abnormally. | ||||
| CVE-2022-48502 | 2 Linux, Netapp | 6 Linux Kernel, H300s, H410c and 3 more | 2024-11-21 | 7.1 High |
| An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an out-of-bounds read in ntfs_set_ea in fs/ntfs3/xattr.c. | ||||
| CVE-2022-48475 | 1 Cbm | 1 Control De Ciber | 2024-11-21 | 8.2 High |
| Buffer Overflow vulnerability in Control de Ciber version 1.650, in the printing function. Sending a modified request by the attacker could cause a Buffer Overflow when the adminitrator tries to accept or delete the print query created by the request. | ||||
| CVE-2022-48183 | 3 Lenovo, Linux, Microsoft | 6 Thinkpad T14s Gen 3, Thinkpad T14s Gen 3 Firmware, Thinkpad X13 Gen 3 and 3 more | 2024-11-21 | 6.1 Medium |
| A vulnerability was reported in ThinkPad T14s Gen 3 and X13 Gen3 that could cause the BIOS tamper detection mechanism to not trigger under specific circumstances which could allow unauthorized access. | ||||
| CVE-2022-48182 | 3 Lenovo, Linux, Microsoft | 6 Thinkpad T14s Gen 3, Thinkpad T14s Gen 3 Firmware, Thinkpad X13 Gen 3 and 3 more | 2024-11-21 | 6.1 Medium |
| A vulnerability was reported in ThinkPad T14s Gen 3 and X13 Gen3 that could cause the BIOS tamper detection mechanism to not trigger under specific circumstances which could allow unauthorized access. | ||||
| CVE-2022-47673 | 1 Gnu | 1 Binutils | 2024-11-21 | 7.8 High |
| An issue was discovered in Binutils addr2line before 2.39.3, function parse_module contains multiple out of bound reads which may cause a denial of service or other unspecified impacts. | ||||
| CVE-2022-47375 | 1 Siemens | 18 6ag1414-3em07-7ab0, 6ag1414-3em07-7ab0 Firmware, 6ag1416-3es07-7ab0 and 15 more | 2024-11-21 | 7.5 High |
| A vulnerability has been identified in SIMATIC PC-Station Plus (All versions), SIMATIC S7-400 CPU 412-2 PN V7 (All versions), SIMATIC S7-400 CPU 414-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 414F-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416-3 PN/DP V7 (All versions), SIMATIC S7-400 CPU 416F-3 PN/DP V7 (All versions), SINAMICS S120 (incl. SIPLUS variants) (All versions < V5.2 SP3 HF15), SIPLUS S7-400 CPU 414-3 PN/DP V7 (All versions), SIPLUS S7-400 CPU 416-3 PN/DP V7 (All versions). The affected products do not handle long file names correctly. This could allow an attacker to create a buffer overflow and create a denial of service condition for the device. | ||||
| CVE-2022-47352 | 2 Google, Unisoc | 3 Android, T610, T618 | 2024-11-21 | 4.4 Medium |
| In camera driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | ||||
| CVE-2022-47351 | 2 Google, Unisoc | 10 Android, S8000, T606 and 7 more | 2024-11-21 | 4.4 Medium |
| In camera driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | ||||
| CVE-2022-47350 | 2 Google, Unisoc | 12 Android, S8000, Sc9863a and 9 more | 2024-11-21 | 4.4 Medium |
| In camera driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | ||||