Search
Search Results (40752 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-25858 | 2 Redhat, Terser | 4 Acm, Service Mesh, Service Registry and 1 more | 2024-11-21 | 5.3 Medium |
| The package terser before 4.8.1, from 5.0.0 and before 5.14.2 are vulnerable to Regular Expression Denial of Service (ReDoS) due to insecure usage of regular expressions. | ||||
| CVE-2022-25821 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 3.3 Low |
| Improper use of SMS buffer pointer in Shannon baseband prior to SMR Mar-2022 Release 1 allows OOB read. | ||||
| CVE-2022-25819 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 5.3 Medium |
| OOB read vulnerability in hdcp2 device node prior to SMR Mar-2022 Release 1 allow an attacker to view Kernel stack memory. | ||||
| CVE-2022-25818 | 1 Google | 1 Android | 2024-11-21 | 6.5 Medium |
| Improper boundary check in UWB stack prior to SMR Mar-2022 Release 1 allows arbitrary code execution. | ||||
| CVE-2022-25813 | 1 Apache | 1 Ofbiz | 2024-11-21 | 7.5 High |
| In Apache OFBiz, versions 18.12.05 and earlier, an attacker acting as an anonymous user of the ecommerce plugin, can insert a malicious content in a message “Subject” field from the "Contact us" page. Then a party manager needs to list the communications in the party component to activate the SSTI. A RCE is then possible. | ||||
| CVE-2022-25794 | 1 Autodesk | 1 Fbx Review | 2024-11-21 | 7.8 High |
| An Out-Of-Bounds Read Vulnerability in Autodesk FBX Review version 1.5.2 and prior may lead to code execution through maliciously crafted ActionScript Byte Code 'ABC' files or information disclosure. ABC files are created by the Flash compiler and contain executable code. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | ||||
| CVE-2022-25793 | 1 Autodesk | 1 3ds Max | 2024-11-21 | 7.8 High |
| A Stack-based Buffer Overflow Vulnerability in Autodesk 3ds Max 2022, 2021, and 2020 may lead to code execution through the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer when parsing ActionScript Byte Code files. This vulnerability may allow arbitrary code execution on affected installations of Autodesk 3ds Max. | ||||
| CVE-2022-25785 | 1 Secomea | 18 Sitemanager 1129, Sitemanager 1129 Firmware, Sitemanager 1139 and 15 more | 2024-11-21 | 6.6 Medium |
| Stack-based Buffer Overflow vulnerability in SiteManager allows logged-in or local user to cause arbitrary code execution. This issue affects: Secomea SiteManager all versions prior to 9.7. | ||||
| CVE-2022-25758 | 1 Scss-tokenizer Project | 1 Scss-tokenizer | 2024-11-21 | 5.3 Medium |
| All versions of package scss-tokenizer are vulnerable to Regular Expression Denial of Service (ReDoS) via the loadAnnotation() function, due to the usage of insecure regex. | ||||
| CVE-2022-25753 | 1 Siemens | 48 Scalance X302-7eec, Scalance X302-7eec Firmware, Scalance X304-2fe and 45 more | 2024-11-21 | 8.8 High |
| A vulnerability has been identified in SCALANCE X302-7 EEC (230V), SCALANCE X302-7 EEC (230V, coated), SCALANCE X302-7 EEC (24V), SCALANCE X302-7 EEC (24V, coated), SCALANCE X302-7 EEC (2x 230V), SCALANCE X302-7 EEC (2x 230V, coated), SCALANCE X302-7 EEC (2x 24V), SCALANCE X302-7 EEC (2x 24V, coated), SCALANCE X304-2FE, SCALANCE X306-1LD FE, SCALANCE X307-2 EEC (230V), SCALANCE X307-2 EEC (230V, coated), SCALANCE X307-2 EEC (24V), SCALANCE X307-2 EEC (24V, coated), SCALANCE X307-2 EEC (2x 230V), SCALANCE X307-2 EEC (2x 230V, coated), SCALANCE X307-2 EEC (2x 24V), SCALANCE X307-2 EEC (2x 24V, coated), SCALANCE X307-3, SCALANCE X307-3, SCALANCE X307-3LD, SCALANCE X307-3LD, SCALANCE X308-2, SCALANCE X308-2, SCALANCE X308-2LD, SCALANCE X308-2LD, SCALANCE X308-2LH, SCALANCE X308-2LH, SCALANCE X308-2LH+, SCALANCE X308-2LH+, SCALANCE X308-2M, SCALANCE X308-2M, SCALANCE X308-2M PoE, SCALANCE X308-2M PoE, SCALANCE X308-2M TS, SCALANCE X308-2M TS, SCALANCE X310, SCALANCE X310, SCALANCE X310FE, SCALANCE X310FE, SCALANCE X320-1 FE, SCALANCE X320-1-2LD FE, SCALANCE X408-2, SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on front), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (230V, ports on rear), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on front), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M (24V, ports on rear), SCALANCE XR324-12M TS (24V), SCALANCE XR324-12M TS (24V), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on front), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (24V, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on front), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 100-240VAC/60-250VDC, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on front), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M EEC (2x 24V, ports on rear), SCALANCE XR324-4M PoE (230V, ports on front), SCALANCE XR324-4M PoE (230V, ports on rear), SCALANCE XR324-4M PoE (24V, ports on front), SCALANCE XR324-4M PoE (24V, ports on rear), SCALANCE XR324-4M PoE TS (24V, ports on front), SIPLUS NET SCALANCE X308-2. The handling of arguments such as IP addresses in the CLI of affected devices is prone to buffer overflows. This could allow an authenticated remote attacker to execute arbitrary code on the device. | ||||
| CVE-2022-25740 | 1 Qualcomm | 24 Mdm8207, Mdm8207 Firmware, Mdm9205 and 21 more | 2024-11-21 | 9.8 Critical |
| Memory corruption in modem due to buffer overwrite while building an IPv6 multicast address based on the MAC address of the iface | ||||
| CVE-2022-25738 | 1 Qualcomm | 70 Ar8031, Ar8031 Firmware, Csra6620 and 67 more | 2024-11-21 | 8.2 High |
| Information disclosure in modem due to buffer over-red while performing checksum of packet received | ||||
| CVE-2022-25732 | 1 Qualcomm | 66 Ar8031, Ar8031 Firmware, Csra6620 and 63 more | 2024-11-21 | 8.2 High |
| Information disclosure in modem due to buffer over read in dns client due to missing length check | ||||
| CVE-2022-25731 | 1 Qualcomm | 26 Mdm8207, Mdm8207 Firmware, Mdm9205 and 23 more | 2024-11-21 | 7.5 High |
| Information disclosure in modem due to buffer over-read while processing packets from DNS server | ||||
| CVE-2022-25730 | 1 Qualcomm | 54 Mdm8207, Mdm8207 Firmware, Mdm9205 and 51 more | 2024-11-21 | 8.2 High |
| Information disclosure in modem due to improper check of IP type while processing DNS server query | ||||
| CVE-2022-25728 | 1 Qualcomm | 68 Ar8031, Ar8031 Firmware, Csra6620 and 65 more | 2024-11-21 | 8.2 High |
| Information disclosure in modem due to buffer over-read while processing response from DNS server | ||||
| CVE-2022-25726 | 1 Qualcomm | 52 Mdm8207, Mdm8207 Firmware, Mdm9205 and 49 more | 2024-11-21 | 8.2 High |
| Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet | ||||
| CVE-2022-25713 | 1 Qualcomm | 110 Ar8035, Ar8035 Firmware, Qam8295p and 107 more | 2024-11-21 | 7.8 High |
| Memory corruption in Automotive due to Improper Restriction of Operations within the Bounds of a Memory Buffer while exporting a shared key. | ||||
| CVE-2022-25706 | 1 Qualcomm | 257 Apq8009w, Apq8009w Firmware, Apq8017 and 254 more | 2024-11-21 | 8.2 High |
| Information disclosure in Bluetooth driver due to buffer over-read while reading l2cap length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | ||||
| CVE-2022-25705 | 1 Qualcomm | 402 Apq8009, Apq8009 Firmware, Apq8009w and 399 more | 2024-11-21 | 7.8 High |
| Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response | ||||