IDCVSSSummaryLast (major) updatePublished
CVE-2021-37150 None
Improper Input Validation vulnerability in header parsing of Apache Traffic Server allows an attacker to request secure resources. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.
13-08-2022 - 03:15 10-08-2022 - 06:15
CVE-2022-25763 None
Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an attacker to create smuggle or cache poison attacks. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.
13-08-2022 - 03:15 10-08-2022 - 06:15
CVE-2022-28129 None
Improper Input Validation vulnerability in HTTP/1.1 header parsing of Apache Traffic Server allows an attacker to send invalid headers. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.
13-08-2022 - 03:15 10-08-2022 - 06:15
CVE-2022-31778 None
Improper Input Validation vulnerability in handling the Transfer-Encoding header of Apache Traffic Server allows an attacker to poison the cache. This issue affects Apache Traffic Server 8.0.0 to 9.0.2.
13-08-2022 - 03:15 10-08-2022 - 06:15
CVE-2022-31779 None
Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.
13-08-2022 - 03:15 10-08-2022 - 06:15
CVE-2022-31780 None
Improper Input Validation vulnerability in HTTP/2 frame handling of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.
13-08-2022 - 03:15 10-08-2022 - 06:15
CVE-2021-44537 6.8
ownCloud owncloud/client before 2.9.2 allows Resource Injection by a server into the desktop client via a URL, leading to remote code execution.
13-08-2022 - 03:15 15-01-2022 - 21:15
CVE-2022-20241 None
In Messaging, there is a possible way to attach a private file to an SMS message due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for expl
13-08-2022 - 02:18 11-08-2022 - 15:15
CVE-2022-20237 None
In BuildDevIDResponse of miscdatabuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitat
13-08-2022 - 02:18 11-08-2022 - 15:15
CVE-2022-20242 None
In Telephony, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. Use
13-08-2022 - 02:18 11-08-2022 - 15:15
CVE-2021-22289 None
Improper Input Validation vulnerability in the project upload mechanism in B&R Automation Studio version >=4.0 may allow an unauthenticated network attacker to execute code.
13-08-2022 - 02:17 11-08-2022 - 15:15
CVE-2022-20158 None
In bdi_put and bdi_unregister of backing-dev.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.P
13-08-2022 - 02:17 11-08-2022 - 15:15
CVE-2022-20180 None
In several functions of mali_gralloc_reference.cpp, there is a possible arbitrary code execution due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for
13-08-2022 - 02:17 11-08-2022 - 15:15
CVE-2021-0975 None
In USB Manager, there is a possible way to determine whether an app is installed, without query permissions, due to side channel information disclosure. This could lead to local information disclosure of installed packages with no additional executio
13-08-2022 - 02:14 11-08-2022 - 15:15
CVE-2021-0735 None
In PackageManager, there is a possible way to get information about installed packages ignoring limitations introduced in Android 11 due to a missing permission check. This could lead to local information disclosure with no additional execution privi
13-08-2022 - 02:14 11-08-2022 - 15:15
CVE-2021-0734 None
In Settings, there is a possible way to determine whether an app is installed without query permissions, due to side channel information disclosure. This could lead to local information disclosure of an installed package, without proper query permiss
13-08-2022 - 02:13 11-08-2022 - 15:15
CVE-2022-20239 None
'remap_pfn_range' here may map out of size kernel memory (for example, may map the kernel area), and because the 'vma->vm_page_prot' can also be controlled by userspace, so userspace may map the kernel area to be writable, which is easy to be exploit
13-08-2022 - 02:13 10-08-2022 - 20:15
CVE-2022-34235 None
Adobe Premiere Elements version 2020v20 (and earlier) is affected by an Uncontrolled Search Path Element which could lead to Privilege Escalation. An attacker could leverage this vulnerability to obtain admin using an existing low-privileged user. Ex
13-08-2022 - 02:08 11-08-2022 - 15:15
CVE-2022-20381 None
Product: AndroidVersions: Android kernelAndroid ID: A-188935887References: N/A
13-08-2022 - 02:01 11-08-2022 - 15:15
CVE-2022-20382 None
In (TBD) of (TBD), there is a possible out of bounds write due to kernel stack overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersion
13-08-2022 - 02:01 11-08-2022 - 15:15
CVE-2022-20408 None
Product: AndroidVersions: Android kernelAndroid ID: A-204782372References: N/A
13-08-2022 - 02:01 11-08-2022 - 15:15
CVE-2022-20378 None
Product: AndroidVersions: Android kernelAndroid ID: A-234657153References: N/A
13-08-2022 - 02:00 11-08-2022 - 15:15
CVE-2022-20379 None
In lwis_buffer_alloc of lwis_buffer.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Pro
13-08-2022 - 02:00 11-08-2022 - 15:15
CVE-2022-20380 None
Product: AndroidVersions: Android kernelAndroid ID: A-212625740References: N/A
13-08-2022 - 02:00 11-08-2022 - 15:15
CVE-2022-20377 None
In TBD of keymaster_ipc.cpp, there is a possible to force gatekeeper, fingerprint, and faceauth to use a known HMAC key. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed f
13-08-2022 - 01:57 11-08-2022 - 15:15
CVE-2022-20373 None
In st21nfc_loc_set_polaritymode of fc/st21nfc.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Pro
13-08-2022 - 01:51 11-08-2022 - 15:15
CVE-2022-20374 None
On specific devices, there is a possible bypass of configuration integrity due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation
13-08-2022 - 01:51 11-08-2022 - 15:15
CVE-2022-20375 None
In LteRrcNrProAsnDecode of LteRrcNr_Codec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploita
13-08-2022 - 01:51 11-08-2022 - 15:15
CVE-2022-20376 None
In trusty_log_seq_start of trusty-log.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: An
13-08-2022 - 01:51 11-08-2022 - 15:15
CVE-2022-20372 None
In exynos5_i2c_irq of (TBD), there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVe
13-08-2022 - 01:50 11-08-2022 - 15:15
CVE-2022-20383 None
In AllocateInternalBuffers of g3aa_buffer_allocator.cc, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not neede
13-08-2022 - 01:11 11-08-2022 - 15:15
CVE-2022-20384 None
Product: AndroidVersions: Android kernelAndroid ID: A-211727306References: N/A
13-08-2022 - 01:11 11-08-2022 - 15:15
CVE-2022-20400 None
In cd_CodeMsg of cd_codec.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: Andr
13-08-2022 - 01:10 11-08-2022 - 15:15
CVE-2022-20407 None
Product: AndroidVersions: Android kernelAndroid ID: A-210916981References: N/A
13-08-2022 - 01:10 11-08-2022 - 15:15
CVE-2022-20406 None
Product: AndroidVersions: Android kernelAndroid ID: A-184676385References: N/A
13-08-2022 - 01:09 11-08-2022 - 15:15
CVE-2022-20401 None
In SAEMM_RetrievEPLMNList of SAEMM_ContextManagement.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure post-authentication with no additional execution privileges needed. User in
13-08-2022 - 01:08 11-08-2022 - 15:15
CVE-2022-20402 None
Product: AndroidVersions: Android kernelAndroid ID: A-218701042References: N/A
13-08-2022 - 01:08 11-08-2022 - 15:15
CVE-2022-20403 None
Product: AndroidVersions: Android kernelAndroid ID: A-207975764References: N/A
13-08-2022 - 01:08 11-08-2022 - 15:15
CVE-2022-20404 None
Product: AndroidVersions: Android kernelAndroid ID: A-205714161References: N/A
13-08-2022 - 01:07 11-08-2022 - 15:15
CVE-2022-20405 None
Product: AndroidVersions: Android kernelAndroid ID: A-216363416References: N/A
13-08-2022 - 01:06 11-08-2022 - 15:15
CVE-2022-35936 None
Ethermint is an Ethereum library. In Ethermint running versions before `v0.17.2`, the contract `selfdestruct` invocation permanently removes the corresponding bytecode from the internal database storage. However, due to a bug in the `DeleteAccount`fu
13-08-2022 - 00:59 05-08-2022 - 13:15
CVE-2021-33646 None
The th_read() function doesn’t free a variable t->th_buf.gnu_longname after allocating memory, which may cause a memory leak.
13-08-2022 - 00:20 10-08-2022 - 20:15
CVE-2021-33645 None
The th_read() function doesn’t free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak.
13-08-2022 - 00:20 10-08-2022 - 20:15
CVE-2021-33644 None
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longname, causing an out-of-bounds read.
13-08-2022 - 00:19 10-08-2022 - 20:15
CVE-2021-33643 None
An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read.
13-08-2022 - 00:17 10-08-2022 - 20:15
CVE-2022-35715 None
IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in a stack trace. This information could be used in further attacks against the system. IBM X-For
13-08-2022 - 00:17 10-08-2022 - 17:15
CVE-2022-35280 None
IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 230634.
13-08-2022 - 00:16 10-08-2022 - 17:15
CVE-2022-34365 None
WMS 3.7 contains a Path Traversal Vulnerability in Device API. An attacker could potentially exploit this vulnerability, to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application
13-08-2022 - 00:14 10-08-2022 - 17:15
CVE-2022-33929 None
Dell Wyse Management Suite 3.6.1 and below contains a Reflected Cross-Site Scripting Vulnerability in EndUserSummary page. An authenticated attacker could potentially exploit this vulnerability, leading to the execution of malicious HTML or JavaScrip
13-08-2022 - 00:13 10-08-2022 - 17:15
CVE-2022-33930 None
Dell Wyse Management Suite 3.6.1 and below contains Information Disclosure in Devices error pages. An attacker could potentially exploit this vulnerability, leading to the disclosure of certain sensitive information. The attacker may be able to use t
13-08-2022 - 00:13 10-08-2022 - 17:15
Back to Top Mark selected
Back to Top