Export limit exceeded: 349498 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 349498 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 349498 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 80155 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (80155 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-27872 | 1 Autodesk | 1 Navisworks | 2024-11-21 | 7.8 High |
| A maliciously crafted PDF file may be used to dereference a pointer for read or write operation while parsing PDF files in Autodesk Navisworks 2022. The vulnerability exists because the application fails to handle a crafted PDF file, which causes an unhandled exception. An attacker can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code. | ||||
| CVE-2022-27871 | 1 Autodesk | 14 3ds Max, Advance Steel, Autocad and 11 more | 2024-11-21 | 7.8 High |
| Autodesk AutoCAD product suite, Revit, Design Review and Navisworks releases using PDFTron prior to 9.1.17 version may be used to write beyond the allocated buffer while parsing PDF files. This vulnerability may be exploited to execute arbitrary code. | ||||
| CVE-2022-27870 | 1 Autodesk | 1 Autocad | 2024-11-21 | 7.8 High |
| A maliciously crafted TGA file in Autodesk AutoCAD 2023 may be used to write beyond the allocated buffer while parsing TGA file. This vulnerability may be exploited to execute arbitrary code. | ||||
| CVE-2022-27869 | 1 Autodesk | 1 Autocad | 2024-11-21 | 7.8 High |
| A maliciously crafted TIFF file in Autodesk AutoCAD 2023 can be forced to read and write beyond allocated boundaries when parsing the TIFF file. This vulnerability can be exploited to execute arbitrary code. | ||||
| CVE-2022-27868 | 1 Autodesk | 1 Autocad | 2024-11-21 | 7.8 High |
| A maliciously crafted CAT file in Autodesk AutoCAD 2023 can be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution. | ||||
| CVE-2022-27867 | 1 Autodesk | 1 Autocad | 2024-11-21 | 7.8 High |
| A maliciously crafted JT file in Autodesk AutoCAD 2022, 2021, 2020, 2019 can be used to trigger use-after-free vulnerability. Exploitation of this vulnerability may lead to code execution. | ||||
| CVE-2022-27866 | 1 Autodesk | 1 Design Review | 2024-11-21 | 7.8 High |
| A maliciously crafted TIFF file when consumed through DesignReview.exe application can be forced to read beyond allocated boundaries when parsing the TIFF file. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | ||||
| CVE-2022-27865 | 1 Autodesk | 1 Design Review | 2024-11-21 | 7.8 High |
| A maliciously crafted TGA or PCX file may be used to write beyond the allocated buffer through DesignReview.exe application while parsing TGA and PCX files. This vulnerability may be exploited to execute arbitrary code. | ||||
| CVE-2022-27864 | 1 Autodesk | 1 Design Review | 2024-11-21 | 8.8 High |
| A Double Free vulnerability allows remote attackers to execute arbitrary code through DesignReview.exe application on PDF files within affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. | ||||
| CVE-2022-27838 | 1 Samsung | 1 Factorycamera | 2024-11-21 | 7.7 High |
| Improper access control vulnerability in FactoryCamera prior to version 2.1.96 allows attacker to access the file with system privilege. | ||||
| CVE-2022-27836 | 1 Google | 1 Android | 2024-11-21 | 8.4 High |
| Improper access control and path traversal vulnerability in Storage Manager and Storage Manager Service prior to SMR Apr-2022 Release 1 allow local attackers to access arbitrary system files without a proper permission. The patch adds proper validation logic to prevent arbitrary files access. | ||||
| CVE-2022-27835 | 1 Google | 1 Android | 2024-11-21 | 7.6 High |
| Improper boundary check in UWB firmware prior to SMR Apr-2022 Release 1 allows arbitrary memory write. | ||||
| CVE-2022-27830 | 1 Google | 1 Android | 2024-11-21 | 8.5 High |
| Improper validation vulnerability in SemBlurInfo prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities. | ||||
| CVE-2022-27829 | 1 Google | 1 Android | 2024-11-21 | 8.5 High |
| Improper validation vulnerability in VerifyCredentialResponse prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities. | ||||
| CVE-2022-27828 | 1 Google | 1 Android | 2024-11-21 | 8.5 High |
| Improper validation vulnerability in MediaMonitorEvent prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities. | ||||
| CVE-2022-27827 | 1 Google | 1 Android | 2024-11-21 | 8.5 High |
| Improper validation vulnerability in MediaMonitorDimension prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities. | ||||
| CVE-2022-27826 | 1 Google | 1 Android | 2024-11-21 | 8.5 High |
| Improper validation vulnerability in SemSuspendDialogInfo prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities. | ||||
| CVE-2022-27816 | 1 Waycrate | 1 Swhkd | 2024-11-21 | 7.1 High |
| SWHKD 1.1.5 unsafely uses the /tmp/swhks.pid pathname. There can be data loss or a denial of service. | ||||
| CVE-2022-27815 | 1 Waycrate | 1 Swhkd | 2024-11-21 | 7.8 High |
| SWHKD 1.1.5 unsafely uses the /tmp/swhkd.pid pathname. There can be an information leak or denial of service. | ||||
| CVE-2022-27813 | 1 Motorola | 4 Mtm5400, Mtm5400 Firmware, Mtm5500 and 1 more | 2024-11-21 | 8.1 High |
| Motorola MTM5000 series firmwares lack properly configured memory protection of pages shared between the OMAP-L138 ARM and DSP cores. The SoC provides two memory protection units, MPU1 and MPU2, to enforce the trust boundary between the two cores. Since both units are left unconfigured by the firmwares, an adversary with control over either core can trivially gain code execution on the other, by overwriting code located in shared RAM or DDR2 memory regions. | ||||