Export limit exceeded: 45922 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (45922 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-28246 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more 2024-11-21 5.5 Medium
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-28241 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more 2024-11-21 7.8 High
Acrobat Reader DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-28213 1 Sap 1 Businessobjects Business Intelligence Platform 2024-11-21 8.1 High
When a user access SOAP Web services in SAP BusinessObjects Business Intelligence Platform - version 420, 430, it does not sufficiently validate the XML document accepted from an untrusted source, which might result in arbitrary files retrieval from the server and in successful exploits of DoS.
CVE-2022-28200 1 Nvidia 2 Dgx A100, Dgx A100 Firmware 2024-11-21 8.2 High
NVIDIA DGX A100 contains a vulnerability in SBIOS in the BiosCfgTool, where a local user with elevated privileges can read and write beyond intended bounds in SMRAM, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. The scope of impact can extend to other components.
CVE-2022-28199 4 Linux, Microsoft, Nvidia and 1 more 4 Linux Kernel, Windows, Data Plane Development Kit and 1 more 2024-11-21 6.5 Medium
NVIDIA’s distribution of the Data Plane Development Kit (MLNX_DPDK) contains a vulnerability in the network stack, where error recovery is not handled properly, which can allow a remote attacker to cause denial of service and some impact to data integrity and confidentiality.
CVE-2022-28197 1 Nvidia 3 Jetson Agx Xavier, Jetson Linux, Jetson Xavier Nx 2024-11-21 5 Medium
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4_mount function, where Insufficient validation of untrusted data may allow a highly privileged local attacker to cause an integer overflow. This difficult-to-exploit vulnerability may lead to code execution, escalation of privileges, limited denial of service, and some impact to confidentiality and integrity. The scope of impact can extend to other components.
CVE-2022-28195 1 Nvidia 3 Jetson Agx Xavier, Jetson Linux, Jetson Xavier Nx 2024-11-21 5.7 Medium
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4_read_file function, where insufficient validation of untrusted data may allow a highly privileged local attacker to cause a integer overflow, which may lead to code execution, escalation of privileges, limited denial of service, and some impact to confidentiality and integrity. The scope of impact can extend to other components.
CVE-2022-28194 1 Nvidia 3 Jetson Agx Xavier, Jetson Linux, Jetson Xavier Nx 2024-11-21 7.3 High
NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo.c, where, if TFTP is enabled, a local attacker with elevated privileges can cause a memory buffer overflow, which may lead to code execution, loss of Integrity, limited denial of service, and some impact to confidentiality.
CVE-2022-28183 1 Nvidia 2 Gpu Display Driver, Virtual Gpu 2024-11-21 7.7 High
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause an out-of-bounds read, which may lead to denial of service and information disclosure.
CVE-2022-28131 4 Fedoraproject, Golang, Netapp and 1 more 16 Fedora, Go, Cloud Insights Telegraf and 13 more 2024-11-21 7.5 High
Uncontrolled recursion in Decoder.Skip in encoding/xml before Go 1.17.12 and Go 1.18.4 allows an attacker to cause a panic due to stack exhaustion via a deeply nested XML document.
CVE-2022-28048 2 Fedoraproject, Stb Project 2 Fedora, Stb 2024-11-21 8.8 High
STB v2.27 was discovered to contain an integer shift of invalid size in the component stbi__jpeg_decode_block_prog_ac.
CVE-2022-28041 3 Debian, Fedoraproject, Nothings 3 Debian Linux, Fedora, Stb Image.h 2024-11-21 6.5 Medium
stb_image.h v2.27 was discovered to contain an integer overflow via the function stbi__jpeg_decode_block_prog_dc. This vulnerability allows attackers to cause a Denial of Service (DoS) via unspecified vectors.
CVE-2022-27942 2 Broadcom, Fedoraproject 2 Tcpreplay, Fedora 2024-11-21 7.8 High
tcpprep in Tcpreplay 4.4.1 has a heap-based buffer over-read in parse_mpls in common/get.c.
CVE-2022-27941 2 Broadcom, Fedoraproject 2 Tcpreplay, Fedora 2024-11-21 7.8 High
tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_l2len_protocol in common/get.c.
CVE-2022-27940 2 Broadcom, Fedoraproject 2 Tcpreplay, Fedora 2024-11-21 7.8 High
tcprewrite in Tcpreplay 4.4.1 has a heap-based buffer over-read in get_ipv6_next in common/get.c.
CVE-2022-27881 1 Openbsd 1 Openbsd 2024-11-21 7.5 High
engine.c in slaacd in OpenBSD 6.9 and 7.0 before 2022-02-21 has a buffer overflow triggerable by an IPv6 router advertisement with more than seven nameservers. NOTE: privilege separation and pledge can prevent exploitation.
CVE-2022-27869 1 Autodesk 1 Autocad 2024-11-21 7.8 High
A maliciously crafted TIFF file in Autodesk AutoCAD 2023 can be forced to read and write beyond allocated boundaries when parsing the TIFF file. This vulnerability can be exploited to execute arbitrary code.
CVE-2022-27866 1 Autodesk 1 Design Review 2024-11-21 7.8 High
A maliciously crafted TIFF file when consumed through DesignReview.exe application can be forced to read beyond allocated boundaries when parsing the TIFF file. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
CVE-2022-27833 2 Google, Samsung 4 Android, Exynos 2100, Exynos 980 and 1 more 2024-11-21 4.4 Medium
Improper input validation in DSP driver prior to SMR Apr-2022 Release 1 allows out-of-bounds write by integer overflow.
CVE-2022-27832 1 Google 1 Android 2024-11-21 4 Medium
Improper boundary check in media.extractor library prior to SMR Apr-2022 Release 1 allows attackers to cause denial of service via a crafted media file.