Export limit exceeded: 337337 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10159 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-40523 | 1 Qualcomm | 370 9205 Lte Modem, 9205 Lte Modem Firmware, Aqt1000 and 367 more | 2024-11-21 | 7.1 High |
| Information disclosure in Kernel due to indirect branch misprediction. | ||||
| CVE-2022-40508 | 1 Qualcomm | 136 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 133 more | 2024-11-21 | 7.5 High |
| Transient DOS due to reachable assertion in Modem while processing config related to cross carrier scheduling, which is not supported. | ||||
| CVE-2022-40504 | 1 Qualcomm | 378 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8905 and 375 more | 2024-11-21 | 7.5 High |
| Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network. | ||||
| CVE-2022-40234 | 1 Ibm | 1 Spectrum Protect Plus | 2024-11-21 | 5.9 Medium |
| Versions of IBM Spectrum Protect Plus prior to 10.1.12 (excluding 10.1.12) include the private key information for a certificate inside the generated .crt file when uploading a TLS certificate to IBM Spectrum Protect Plus. If this generated .crt file is shared, an attacker can obtain the private key information for the uploaded certificate. IBM X-Force ID: 235718. | ||||
| CVE-2022-40225 | 1 Siemens | 3 Siplus Tim 1531 Irc, Siplus Tim 1531 Irc Firmware, Tim 1531 Irc | 2024-11-21 | 6.5 Medium |
| A vulnerability has been identified in SIPLUS TIM 1531 IRC (6AG1543-1MX00-7XE0) (All versions < V2.4.8), TIM 1531 IRC (6GK7543-1MX00-0XE0) (All versions < V2.4.8). Casting an internal value could lead to floating point exception under certain circumstances. This could allow an attacker to cause a denial of service condition on affected devices. | ||||
| CVE-2022-40138 | 1 Facebook | 1 Hermes | 2024-11-21 | 9.8 Critical |
| An integer conversion error in Hermes bytecode generation, prior to commit 6aa825e480d48127b480b08d13adf70033237097, could have been used to perform Out-Of-Bounds operations and subsequently execute arbitrary code. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected. | ||||
| CVE-2022-3996 | 1 Openssl | 1 Openssl | 2024-11-21 | 7.5 High |
| If an X.509 certificate contains a malformed policy constraint and policy processing is enabled, then a write lock will be taken twice recursively. On some operating systems (most widely: Windows) this results in a denial of service when the affected process hangs. Policy processing being enabled on a publicly facing server is not considered to be a common setup. Policy processing is enabled by passing the `-policy' argument to the command line utilities or by calling the `X509_VERIFY_PARAM_set1_policies()' function. Update (31 March 2023): The description of the policy processing enablement was corrected based on CVE-2023-0466. | ||||
| CVE-2022-3916 | 1 Redhat | 9 Enterprise Linux, Keycloak, Openshift Container Platform and 6 more | 2024-11-21 | 6.8 Medium |
| A flaw was found in the offline_access scope in Keycloak. This issue would affect users of shared computers more (especially if cookies are not cleared), due to a lack of root session validation, and the reuse of session ids across root and user authentication sessions. This enables an attacker to resolve a user session attached to a previously authenticated user; when utilizing the refresh token, they will be issued a token for the original user. | ||||
| CVE-2022-3565 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | 4.6 Medium |
| A vulnerability, which was classified as critical, has been found in Linux Kernel. Affected by this issue is the function del_timer of the file drivers/isdn/mISDN/l1oip_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211088. | ||||
| CVE-2022-3438 | 1 Ikus-soft | 1 Rdiffweb | 2024-11-21 | 6.1 Medium |
| Open Redirect in GitHub repository ikus060/rdiffweb prior to 2.5.0a4. | ||||
| CVE-2022-3252 | 1 Apple | 1 Swift-nio-extras | 2024-11-21 | 7.5 High |
| Improper detection of complete HTTP body decompression SwiftNIO Extras provides a pair of helpers for transparently decompressing received HTTP request or response bodies. These two objects (HTTPRequestDecompressor and HTTPResponseDecompressor) both failed to detect when the decompressed body was considered complete. If trailing junk data was appended to the HTTP message body, the code would repeatedly attempt to decompress this data and fail. This would lead to an infinite loop making no forward progress, leading to livelock of the system and denial-of-service. This issue can be triggered by any attacker capable of sending a compressed HTTP message. Most commonly this is HTTP servers, as compressed HTTP messages cannot be negotiated for HTTP requests, but it is possible that users have configured decompression for HTTP requests as well. The attack is low effort, and likely to be reached without requiring any privilege or system access. The impact on availability is high: the process immediately becomes unavailable but does not immediately crash, meaning that it is possible for the process to remain in this state until an administrator intervenes or an automated circuit breaker fires. If left unchecked this issue will very slowly exhaust memory resources due to repeated buffer allocation, but the buffers are not written to and so it is possible that the processes will not terminate for quite some time. This risk can be mitigated by removing transparent HTTP message decompression. The issue is fixed by correctly detecting the termination of the compressed body as reported by zlib and refusing to decompress further data. The issue was found by Vojtech Rylko (https://github.com/vojtarylko) and reported publicly on GitHub. | ||||
| CVE-2022-3222 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.5 Medium |
| Uncontrolled Recursion in GitHub repository gpac/gpac prior to 2.1.0-DEV. | ||||
| CVE-2022-3218 | 1 Necta | 1 Wifi Mouse Server | 2024-11-21 | 9.8 Critical |
| Due to a reliance on client-side authentication, the WiFi Mouse (Mouse Server) from Necta LLC's authentication mechanism is trivially bypassed, which can result in remote code execution. | ||||
| CVE-2022-3174 | 1 Ikus-soft | 1 Rdiffweb | 2024-11-21 | 7.5 High |
| Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository ikus060/rdiffweb prior to 2.4.2. | ||||
| CVE-2022-3152 | 1 Php-fusion | 1 Phpfusion | 2024-11-21 | 8.8 High |
| Unverified Password Change in GitHub repository phpfusion/phpfusion prior to 9.10.20. | ||||
| CVE-2022-3080 | 3 Fedoraproject, Isc, Redhat | 3 Fedora, Bind, Enterprise Linux | 2024-11-21 | 7.5 High |
| By sending specific queries to the resolver, an attacker can cause named to crash. | ||||
| CVE-2022-3032 | 2 Mozilla, Redhat | 4 Thunderbird, Enterprise Linux, Rhel E4s and 1 more | 2024-11-21 | 6.5 Medium |
| When receiving an HTML email that contained an <code>iframe</code> element, which used a <code>srcdoc</code> attribute to define the inner HTML document, remote objects specified in the nested document, for example images or videos, were not blocked. Rather, the network was accessed, the objects were loaded and displayed. This vulnerability affects Thunderbird < 102.2.1 and Thunderbird < 91.13.1. | ||||
| CVE-2022-3028 | 4 Debian, Fedoraproject, Linux and 1 more | 6 Debian Linux, Fedora, Linux Kernel and 3 more | 2024-11-21 | 7.0 High |
| A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket. | ||||
| CVE-2022-3019 | 1 Tooljet | 1 Tooljet | 2024-11-21 | 8.8 High |
| The forgot password token basically just makes us capable of taking over the account of whoever comment in an app that we can see (bruteforcing comment id's might also be an option but I wouldn't count on it, since it would take a long time to find a valid one). | ||||
| CVE-2022-39954 | 1 Fortinet | 2 Fortinac, Fortinac-f | 2024-11-21 | 6.9 Medium |
| An improper restriction of xml external entity reference in Fortinet FortiNAC version 9.4.0 through 9.4.1, FortiNAC version 9.2.0 through 9.2.7, FortiNAC version 9.1.0 through 9.1.8, FortiNAC version 8.8.0 through 8.8.11, FortiNAC version 8.7.0 through 8.7.6, FortiNAC version 8.6.0 through 8.6.5, FortiNAC version 8.5.0 through 8.5.4, FortiNAC version 8.3.7 allows attacker to read arbitrary files or trigger a denial of service via specifically crafted XML documents. | ||||