Export limit exceeded: 10497 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10497 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-34001 | 1 Unit4 | 1 Enterprise Resource Planning | 2024-11-21 | 6.5 Medium |
| Unit4 ERP through 7.9 allows XXE via ExecuteServerProcessAsynchronously. | ||||
| CVE-2022-34000 | 1 Libjxl Project | 1 Libjxl | 2024-11-21 | 6.5 Medium |
| libjxl 0.6.1 has an assertion failure in LowMemoryRenderPipeline::Init() in render_pipeline/low_memory_render_pipeline.cc. | ||||
| CVE-2022-33987 | 2 Got Project, Redhat | 4 Got, Enterprise Linux, Rhel Eus and 1 more | 2024-11-21 | 5.3 Medium |
| The got package before 12.1.0 (also fixed in 11.8.5) for Node.js allows a redirect to a UNIX socket. | ||||
| CVE-2022-33712 | 2 Google, Samsung | 2 Android, Camera | 2024-11-21 | 5.3 Medium |
| Intent redirection vulnerability using implict intent in Camera prior to versions 12.0.01.64 ,12.0.3.23, 12.0.0.98, 12.0.6.11, 12.0.3.19 in Android S(12) allows attacker to get sensitive information. | ||||
| CVE-2022-33700 | 1 Google | 1 Android | 2024-11-21 | 2 Low |
| Exposure of Sensitive Information in putDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log. | ||||
| CVE-2022-33699 | 1 Google | 1 Android | 2024-11-21 | 2 Low |
| Exposure of Sensitive Information in getDsaSimImsi in TelephonyUI prior to SMR Jul-2022 Release 1 allows local attacker to access imsi via log. | ||||
| CVE-2022-33698 | 1 Google | 1 Android | 2024-11-21 | 3.3 Low |
| Exposure of Sensitive Information in Telecom application prior to SMR Jul-2022 Release 1 allows local attackers to access ICCID via log. | ||||
| CVE-2022-33696 | 1 Google | 1 Android | 2024-11-21 | 4 Medium |
| Exposure of Sensitive Information in Telephony service prior to SMR Jul-2022 Release 1 allows local attacker to access imsi and iccid via log. | ||||
| CVE-2022-33694 | 1 Google | 1 Android | 2024-11-21 | 4 Medium |
| Exposure of Sensitive Information in CSC application prior to SMR Jul-2022 Release 1 allows local attacker to access wifi information via unprotected intent broadcasting. | ||||
| CVE-2022-33692 | 1 Google | 1 Android | 2024-11-21 | 4 Medium |
| Exposure of Sensitive Information in Messaging application prior to SMR Jul-2022 Release 1 allows local attacker to access imsi and iccid via log. | ||||
| CVE-2022-33296 | 1 Qualcomm | 228 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8905 and 225 more | 2024-11-21 | 5.9 Medium |
| Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message. | ||||
| CVE-2022-33272 | 1 Qualcomm | 98 Ar8035, Ar8035 Firmware, Qca6390 and 95 more | 2024-11-21 | 7.5 High |
| Transient DOS in modem due to reachable assertion. | ||||
| CVE-2022-33254 | 1 Qualcomm | 128 Aqt1000, Aqt1000 Firmware, Ar8035 and 125 more | 2024-11-21 | 7.5 High |
| Transient DOS due to reachable assertion in Modem while processing SIB1 Message. | ||||
| CVE-2022-33251 | 1 Qualcomm | 148 315 5g Iot Modem, 315 5g Iot Modem Firmware, Ar8035 and 145 more | 2024-11-21 | 7.5 High |
| Transient DOS due to reachable assertion in Modem because of invalid network configuration. | ||||
| CVE-2022-33250 | 1 Qualcomm | 130 Ar8035, Ar8035 Firmware, Qca6390 and 127 more | 2024-11-21 | 7.5 High |
| Transient DOS due to reachable assertion in modem when network repeatedly sent invalid message container for NR to LTE handover. | ||||
| CVE-2022-33248 | 1 Qualcomm | 324 Apq8009, Apq8009 Firmware, Apq8009w and 321 more | 2024-11-21 | 7.8 High |
| Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http. | ||||
| CVE-2022-33244 | 1 Qualcomm | 78 Ar8035, Ar8035 Firmware, Qca6391 and 75 more | 2024-11-21 | 7.5 High |
| Transient DOS due to reachable assertion in modem during MIB reception and SIB timeout | ||||
| CVE-2022-33146 | 1 Web2py | 1 Web2py | 2024-11-21 | 6.1 Medium |
| Open redirect vulnerability in web2py versions prior to 2.22.5 allows a remote attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user to access a specially crafted URL. | ||||
| CVE-2022-33139 | 1 Siemens | 4 Cerberus Dms, Desigo Cc, Desigo Cc Compact and 1 more | 2024-11-21 | 9.8 Critical |
| A vulnerability has been identified in Cerberus DMS (All versions), Desigo CC (All versions), Desigo CC Compact (All versions), SIMATIC WinCC OA V3.16 (All versions in default configuration), SIMATIC WinCC OA V3.17 (All versions in non-default configuration), SIMATIC WinCC OA V3.18 (All versions in non-default configuration). Affected applications use client-side only authentication, when neither server-side authentication (SSA) nor Kerberos authentication is enabled. In this configuration, attackers could impersonate other users or exploit the client-server protocol without being authenticated. | ||||
| CVE-2022-33137 | 1 Siemens | 12 Simatic Mv540 H, Simatic Mv540 H Firmware, Simatic Mv540 S and 9 more | 2024-11-21 | 8.0 High |
| A vulnerability has been identified in SIMATIC MV540 H (All versions < V3.3), SIMATIC MV540 S (All versions < V3.3), SIMATIC MV550 H (All versions < V3.3), SIMATIC MV550 S (All versions < V3.3), SIMATIC MV560 U (All versions < V3.3), SIMATIC MV560 X (All versions < V3.3). The web session management of affected devices does not invalidate session ids in certain logout scenarios. This could allow an authenticated remote attacker to hijack other users' sessions. | ||||