CVE List - 2022 / October
Showing 701 - 800 of 1849 CVEs for October 2022 (Page 8 of 19)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2021-46839 | 2022-10-14 | The HW_KEYMASTER module has a vulnerability of missing bounds check on length. Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access. |
| CVE-2021-46840 | 2022-10-14 | The HW_KEYMASTER module has an out-of-bounds access vulnerability in parameter set verification. Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access. |
| CVE-2022-20397 | 2022-10-14 | In SitRilClient_OnResponse of SitRilSe.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution... |
| CVE-2022-20464 | 2022-10-14 | In various functions of ap_input_processor.c, there is a possible way to record audio during a phone call due to a logic error in the code. This could lead to local... |
| CVE-2022-2780 | 2022-10-14 | In affected versions of Octopus Server it is possible to use the Git Connectivity test function on the VCS project to initiate an SMB request resulting in the potential for... |
| CVE-2022-2850 | 2022-10-14 | A flaw was found in 389-ds-base. When the Content Synchronization plugin is enabled, an authenticated user can reach a NULL pointer dereference using a specially crafted query. This flaw allows... |
| CVE-2022-2879 | 2022-10-14 | Unbounded memory consumption when reading headers in archive/tar |
| CVE-2022-2880 | 2022-10-14 | Incorrect sanitization of forwarded query parameters in net/http/httputil |
| CVE-2022-2963 | 2022-10-14 | A vulnerability was found in jasper. It is caused by a memory leak bug in the function cmdopts_parse that can cause a crash or segmentation fault. |
| CVE-2022-2984 | 2022-10-14 | In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. |
| CVE-2022-2985 | 2022-10-14 | In music service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed. |
| CVE-2022-32149 | 2022-10-14 | Denial of service via crafted Accept-Language header in golang.org/x/text/language |
| CVE-2022-3439 | 2022-10-14 | Allocation of Resources Without Limits or Throttling in ikus060/rdiffweb |
| CVE-2022-3495 | 2022-10-14 | SourceCodester Simple Online Public Access Catalog Admin Login sql injection |
| CVE-2022-3503 | 2022-10-14 | SourceCodester Purchase Order Management System Supplier cross site scripting |
| CVE-2022-3504 | 2022-10-14 | SourceCodester Sanitization Management System sql injection |
| CVE-2022-35040 | 2022-10-14 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b5567. |
| CVE-2022-35041 | 2022-10-14 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b558f. |
| CVE-2022-35042 | 2022-10-14 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x4adb11. |
| CVE-2022-35043 | 2022-10-14 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6c08a6. |
| CVE-2022-35044 | 2022-10-14 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x617087. |
| CVE-2022-35045 | 2022-10-14 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b0d63. |
| CVE-2022-35046 | 2022-10-14 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b0466. |
| CVE-2022-35047 | 2022-10-14 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b05aa. |
| CVE-2022-35048 | 2022-10-14 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b0b2c. |
| CVE-2022-35049 | 2022-10-14 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b03b5. |
| CVE-2022-3505 | 2022-10-14 | SourceCodester Sanitization Management System cross site scripting |
| CVE-2022-35050 | 2022-10-14 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b04de. |
| CVE-2022-35052 | 2022-10-14 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b84b1. |
| CVE-2022-35053 | 2022-10-14 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x61731f. |
| CVE-2022-35054 | 2022-10-14 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6171b2. |
| CVE-2022-35055 | 2022-10-14 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6c0473. |
| CVE-2022-35056 | 2022-10-14 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b0478. |
| CVE-2022-35058 | 2022-10-14 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b05ce. |
| CVE-2022-35059 | 2022-10-14 | OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6c0414. |
| CVE-2022-3506 | 2022-10-14 | Cross-site Scripting (XSS) - Stored in barrykooij/related-posts-for-wp |
| CVE-2022-37602 | 2022-10-14 | Prototype pollution vulnerability in karma-runner grunt-karma 4.0.1 via the key variable in grunt-karma.js. |
| CVE-2022-37603 | 2022-10-14 | A Regular expression denial of service (ReDoS) flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the url variable in interpolateName.js. |
| CVE-2022-38669 | 2022-10-14 | In soundrecorder service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed. |
| CVE-2022-38670 | 2022-10-14 | In soundrecorder service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed. |
| CVE-2022-38672 | 2022-10-14 | In face detect driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. |
| CVE-2022-38673 | 2022-10-14 | In face detect driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. |
| CVE-2022-38676 | 2022-10-14 | In gpu driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. |
| CVE-2022-38677 | 2022-10-14 | In cell service, there is a missing permission check. This could lead to local denial of service in cell service with no additional execution privileges needed. |
| CVE-2022-38679 | 2022-10-14 | In music service, there is a missing permission check. This could lead to local denial of service in music service with no additional execution privileges needed. |
| CVE-2022-38687 | 2022-10-14 | In messaging service, there is a missing permission check. This could lead to local denial of service in messaging service with no additional execution privileges needed. |
| CVE-2022-38688 | 2022-10-14 | In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. |
| CVE-2022-38689 | 2022-10-14 | In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. |
| CVE-2022-38690 | 2022-10-14 | In camera driver, there is a possible memory corruption due to improper locking. This could lead to local denial of service in kernel. |
| CVE-2022-38697 | 2022-10-14 | In messaging service, there is a missing permission check. This could lead to access unexpected provider in contacts service with no additional execution privileges needed. |
| CVE-2022-38698 | 2022-10-14 | In messaging service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed. |
| CVE-2022-38977 | 2022-10-14 | The HwAirlink module has a heap overflow vulnerability. Successful exploitation of this vulnerability may cause out-of-bounds writes, resulting in modification of sensitive data. |
| CVE-2022-38980 | 2022-10-14 | The HwAirlink module has a heap overflow vulnerability in processing data packets of the proprietary protocol. Successful exploitation of this vulnerability may allow attackers to obtain process control permissions. |
| CVE-2022-38981 | 2022-10-14 | The HwAirlink module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may cause information leakage. |
| CVE-2022-38982 | 2022-10-14 | The fingerprint module has service logic errors. Successful exploitation of this vulnerability will cause the phone lock to be cracked. |
| CVE-2022-38983 | 2022-10-14 | The BT Hfp Client module has a Use-After-Free (UAF) vulnerability. Successful exploitation of this vulnerability may result in arbitrary code execution. |
| CVE-2022-38984 | 2022-10-14 | The HIPP module has a vulnerability of not verifying the data transferred in the kernel space. Successful exploitation of this vulnerability will cause out-of-bounds read, which affects data confidentiality. |
| CVE-2022-38985 | 2022-10-14 | The facial recognition module has a vulnerability in input validation. Successful exploitation of this vulnerability may affect data confidentiality. |
| CVE-2022-38986 | 2022-10-14 | The HIPP module has a vulnerability of bypassing the check of the data transferred in the kernel space. Successful exploitation of this vulnerability may cause out-of-bounds access to the HIPP module... |
| CVE-2022-38998 | 2022-10-14 | The HISP module has a vulnerability of not verifying the data transferred in the kernel space. Successful exploitation of this vulnerability will cause out-of-bounds read, which affects data confidentiality. |
| CVE-2022-39011 | 2022-10-14 | The HISP module has a vulnerability of bypassing the check of the data transferred in the kernel space. Successful exploitation of this vulnerability may cause unauthorized access to the HISP module. |
| CVE-2022-39064 | 2022-10-14 | An attacker sending a single malformed IEEE 802.15.4 (Zigbee) frame makes the TRÅDFRI bulb blink, and if they replay (i.e. resend) the same frame multiple times, the bulb performs a... |
| CVE-2022-39065 | 2022-10-14 | A single malformed IEEE 802.15.4 (Zigbee) frame makes the TRÅDFRI gateway unresponsive, such that connected lighting cannot be controlled with the IKEA Home Smart app and TRÅDFRI remote control. The... |
| CVE-2022-39080 | 2022-10-14 | In messaging service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed. |
| CVE-2022-39103 | 2022-10-14 | In Gallery service, there is a missing permission check. This could lead to local denial of service in Gallery service with no additional execution privileges needed. |
| CVE-2022-39105 | 2022-10-14 | In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. |
| CVE-2022-39107 | 2022-10-14 | In Soundrecorder service, there is a missing permission check. This could lead to elevation of privilege in Soundrecorder service with no additional execution privileges needed. |
| CVE-2022-39108 | 2022-10-14 | In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with no additional execution privileges needed. |
| CVE-2022-39109 | 2022-10-14 | In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with no additional execution privileges needed. |
| CVE-2022-39110 | 2022-10-14 | In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with no additional execution privileges needed. |
| CVE-2022-39111 | 2022-10-14 | In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with no additional execution privileges needed. |
| CVE-2022-39112 | 2022-10-14 | In Music service, there is a missing permission check. This could lead to local denial of service in Music service with no additional execution privileges needed. |
| CVE-2022-39113 | 2022-10-14 | In Music service, there is a missing permission check. This could lead to local denial of service in Music service with no additional execution privileges needed. |
| CVE-2022-39114 | 2022-10-14 | In Music service, there is a missing permission check. This could lead to local denial of service in Music service with no additional execution privileges needed. |
| CVE-2022-39115 | 2022-10-14 | In Music service, there is a missing permission check. This could lead to local denial of service in Music service with no additional execution privileges needed. |
| CVE-2022-39117 | 2022-10-14 | In messaging service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. |
| CVE-2022-39120 | 2022-10-14 | In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. |
| CVE-2022-39121 | 2022-10-14 | In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. |
| CVE-2022-39122 | 2022-10-14 | In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. |
| CVE-2022-39123 | 2022-10-14 | In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. |
| CVE-2022-39124 | 2022-10-14 | In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. |
| CVE-2022-39125 | 2022-10-14 | In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. |
| CVE-2022-39126 | 2022-10-14 | In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. |
| CVE-2022-39127 | 2022-10-14 | In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. |
| CVE-2022-39128 | 2022-10-14 | In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. |
| CVE-2022-39308 | 2022-10-14 | GoCD API authentication of user access tokens subject to timing attack during comparison |
| CVE-2022-39309 | 2022-10-14 | GoCD server secret encryption/decryption key leaked to agents during material serialization |
| CVE-2022-39310 | 2022-10-14 | Malicious agent may be able to impersonate another agent in GoCD |
| CVE-2022-39311 | 2022-10-14 | Compromised agents may be able to execute remote code on GoCD Server |
| CVE-2022-41302 | 2022-10-14 | An Out-Of-Bounds Read Vulnerability in Autodesk FBX SDK version 2020. and prior may lead to code execution or information disclosure through maliciously crafted FBX files. This vulnerability in conjunction with... |
| CVE-2022-41303 | 2022-10-14 | A user may be tricked into opening a malicious FBX file which may exploit a use-after-free vulnerability in Autodesk FBX SDK 2020 version causing the application to reference a memory... |
| CVE-2022-41304 | 2022-10-14 | An Out-Of-Bounds Write Vulnerability in Autodesk FBX SDK 2020 version and prior may lead to code execution through maliciously crafted FBX files or information disclosure. |
| CVE-2022-41305 | 2022-10-14 | A maliciously crafted PKT file when consumed through SubassemblyComposer.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to... |
| CVE-2022-41306 | 2022-10-14 | A maliciously crafted PCT file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to... |
| CVE-2022-41307 | 2022-10-14 | A maliciously crafted PKT file when consumed through SubassemblyComposer.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to... |
| CVE-2022-41308 | 2022-10-14 | A maliciously crafted PKT file when consumed through SubassemblyComposer.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to... |
| CVE-2022-41416 | 2022-10-14 | Online Tours & Travels Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /user/update_booking.php. |
| CVE-2022-41436 | 2022-10-14 | An issue in OXHOO TP50 OXH1.50 allows unauthenticated attackers to access the administrative panel via browsing to the URL http://device_ip/index1.html. |
| CVE-2022-41477 | 2022-10-14 | A security issue was discovered in WeBid <=1.2.2. A Server-Side Request Forgery (SSRF) vulnerability in the admin/theme.php file allows remote attackers to inject payloads via theme parameters to read files... |
| CVE-2022-41535 | 2022-10-14 | Open Source SACCO Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /sacco_shield/manage_borrower.php. |