Total
12847 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-39131 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 5.5 Medium |
| In camera driver, there is a possible memory corruption due to improper locking. This could lead to local denial of service in kernel. | ||||
| CVE-2022-38690 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 5.5 Medium |
| In camera driver, there is a possible memory corruption due to improper locking. This could lead to local denial of service in kernel. | ||||
| CVE-2022-38161 | 1 Gumstix | 1 Overo Sbc | 2024-11-21 | 7.5 High |
| The Gumstix Overo SBC on the VSKS board through 2022-08-09, as used on the Orlan-10 and other platforms, allows unrestricted remapping of the NOR flash memory containing the bitstream for the FPGA. | ||||
| CVE-2022-38105 | 1 Asus | 2 Rt-ax82u, Rt-ax82u Firmware | 2024-11-21 | 7.5 High |
| An information disclosure vulnerability exists in the cm_processREQ_NC opcode of Asus RT-AX82U 3.0.0.4.386_49674-ge182230 router's configuration service. A specially-crafted network packets can lead to a disclosure of sensitive information. An attacker can send a network request to trigger this vulnerability. | ||||
| CVE-2022-37770 | 1 Jpeg | 1 Libjpeg | 2024-11-21 | 6.5 Medium |
| libjpeg commit 281daa9 was discovered to contain a segmentation fault via LineMerger::GetNextLowpassLine at linemerger.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file. | ||||
| CVE-2022-37769 | 1 Jpeg | 1 Libjpeg | 2024-11-21 | 6.5 Medium |
| libjpeg commit 281daa9 was discovered to contain a segmentation fault via HuffmanDecoder::Get at huffmandecoder.hpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file. | ||||
| CVE-2022-37331 | 1 Openbabel | 1 Open Babel | 2024-11-21 | 7.3 High |
| An out-of-bounds write vulnerability exists in the Gaussian format orientation functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2022-37302 | 1 Schneider-electric | 1 Ecostruxure Control Expert | 2024-11-21 | 5.5 Medium |
| A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a crash of the Control Expert software when an incorrect project file is opened. Affected Products: EcoStruxure Control Expert(V15.1 HF001 and prior). | ||||
| CVE-2022-36372 | 1 Intel | 69 Bios, Nuc 8 Compute Element Cm8ccb4r, Nuc 8 Compute Element Cm8ccb4r Firmware and 66 more | 2024-11-21 | 7.5 High |
| Improper buffer restrictions in some Intel(R) NUC BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-36086 | 1 Rust-osdev | 1 Linked-list-allocator | 2024-11-21 | 8.4 High |
| linked_list_allocator is an allocator usable for no_std systems. Prior to version 0.10.2, the heap initialization methods were missing a minimum size check for the given heap size argument. This could lead to out-of-bound writes when a heap was initialized with a size smaller than `3 * size_of::<usize>` because of metadata write operations. This vulnerability impacts all the initialization functions on the `Heap` and `LockedHeap` types, including `Heap::new`, `Heap::init`, `Heap::init_from_slice`, and `LockedHeap::new`. It also affects multiple uses of the `Heap::extend` method. Version 0.10.2 contains a patch for the issue. As a workaround, ensure that the heap is only initialized with a size larger than `3 * size_of::<usize>` and that the `Heap::extend` method is only called with sizes larger than `2 * size_of::<usize>()`. Also, ensure that the total heap size is (and stays) a multiple of `2 * size_of::<usize>()`. | ||||
| CVE-2022-35911 | 1 Patlite | 4 Nhl-fb2, Nhl-fb2 Firmware, Nhp-fb2 and 1 more | 2024-11-21 | 7.5 High |
| On Patlite NH-FB series devices through 1.46, remote attackers can cause a denial of service by omitting the query string. NOTE: the vendor's perspective is that "omitting the query string does not cause a denial of service and the indicated event can not be reproduced. | ||||
| CVE-2022-35486 | 1 Otfcc Project | 1 Otfcc | 2024-11-21 | 6.5 Medium |
| OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6badae. | ||||
| CVE-2022-35019 | 2 Advancemame, Fedoraproject | 2 Advancecomp, Fedora | 2024-11-21 | 5.5 Medium |
| Advancecomp v2.3 was discovered to contain a segmentation fault. | ||||
| CVE-2022-35018 | 2 Advancemame, Fedoraproject | 2 Advancecomp, Fedora | 2024-11-21 | 5.5 Medium |
| Advancecomp v2.3 was discovered to contain a segmentation fault. | ||||
| CVE-2022-35014 | 2 Advancemame, Fedoraproject | 2 Advancecomp, Fedora | 2024-11-21 | 5.5 Medium |
| Advancecomp v2.3 contains a segmentation fault. | ||||
| CVE-2022-34764 | 1 Schneider-electric | 4 Opc Ua Module For M580, Opc Ua Module For M580 Firmware, X80 Advanced Rtu Module and 1 more | 2024-11-21 | 5.9 Medium |
| A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause denial of service when parsing the URL. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V1.0), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior) | ||||
| CVE-2022-34503 | 1 Qpdf Project | 1 Qpdf | 2024-11-21 | 6.5 Medium |
| QPDF v8.4.2 was discovered to contain a heap buffer overflow via the function QPDF::processXRefStream. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PDF file. | ||||
| CVE-2022-34399 | 1 Dell | 30 Alienware M15 A6, Alienware M15 A6 Firmware, Alienware M15 Ryzen Edition R5 and 27 more | 2024-11-21 | 5.1 Medium |
| Dell Alienware m17 R5 BIOS version prior to 1.2.2 contain a buffer access vulnerability. A malicious user with admin privileges could potentially exploit this vulnerability by sending input larger than expected in order to leak certain sections of SMRAM. | ||||
| CVE-2022-34391 | 1 Dell | 4 Alienware Area-51 R4, Alienware Area-51 R4 Firmware, Alienware Area-51 R5 and 1 more | 2024-11-21 | 7.5 High |
| Dell Client BIOS Versions prior to the remediated version contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | ||||
| CVE-2022-34291 | 1 Siemens | 1 Pads Viewer | 2024-11-21 | 5.5 Medium |
| A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains a stack corruption vulnerability while parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-057, FG-VD-22-058, FG-VD-22-060) | ||||