Lista CVE - 2022 / Novembre
Visualizzazione 1 - 100 di 2020 CVE per Novembre 2022 (Pagina 1 di 21)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2022-3315 | 2022-11-01 | Type confusion in Blink in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Low) |
| CVE-2022-3316 | 2022-11-01 | Insufficient validation of untrusted input in Safe Browsing in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to bypass security feature via a crafted HTML page. (Chromium security severity:... |
| CVE-2022-3317 | 2022-11-01 | Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 106.0.5249.62 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security... |
| CVE-2022-3318 | 2022-11-01 | Use after free in ChromeOS Notifications in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker who convinced a user to reboot Chrome OS to potentially exploit heap... |
| CVE-2022-3370 | 2022-11-01 | Use after free in Custom Elements in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| CVE-2022-3443 | 2022-11-01 | Insufficient data validation in File System API in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to bypass File System restrictions via a crafted HTML page. (Chromium security severity:... |
| CVE-2022-3444 | 2022-11-01 | Insufficient data validation in File System API in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to bypass File System restrictions via a crafted HTML page and malicious file.... |
| CVE-2022-3652 | 2022-11-01 | Type confusion in V8 in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| CVE-2022-3653 | 2022-11-01 | Heap buffer overflow in Vulkan in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| CVE-2022-3654 | 2022-11-01 | Use after free in Layout in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| CVE-2022-3655 | 2022-11-01 | Heap buffer overflow in Media Galleries in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via... |
| CVE-2022-3656 | 2022-11-01 | Insufficient data validation in File System in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to bypass file system restrictions via a crafted HTML page. (Chromium security severity: Medium) |
| CVE-2022-3657 | 2022-11-01 | Use after free in Extensions in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a... |
| CVE-2022-3658 | 2022-11-01 | Use after free in Feedback service on Chrome OS in Google Chrome on Chrome OS prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension... |
| CVE-2022-3659 | 2022-11-01 | Use after free in Accessibility in Google Chrome on Chrome OS prior to 107.0.5304.62 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially... |
| CVE-2022-3660 | 2022-11-01 | Inappropriate implementation in Full screen mode in Google Chrome on Android prior to 107.0.5304.62 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted... |
| CVE-2022-3661 | 2022-11-01 | Insufficient data validation in Extensions in Google Chrome prior to 107.0.5304.62 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted Chrome extension.... |
| CVE-2022-3801 | 2022-11-01 | IBAX go-ibax rowsInfo sql injection |
| CVE-2022-3812 | 2022-11-01 | Axiomatic Bento4 mp4encrypt AP4_ContainerAtom memory leak |
| CVE-2022-42309 | 2022-11-01 | Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can cause xenstored to use a wrong pointer during node creation in an... |
| CVE-2022-42310 | 2022-11-01 | Xenstore: Guests can create orphaned Xenstore nodes By creating multiple nodes inside a transaction resulting in an error, a malicious guest can create orphaned nodes in the Xenstore data base,... |
| CVE-2022-42319 | 2022-11-01 | Xenstore: Guests can cause Xenstore to not free temporary memory When working on a request of a guest, xenstored might need to allocate quite large amounts of memory temporarily. This... |
| CVE-2022-42320 | 2022-11-01 | Xenstore: Guests can get access to Xenstore nodes of deleted domains Access rights of Xenstore nodes are per domid. When a domain is gone, there might be Xenstore nodes left... |
| CVE-2022-42321 | 2022-11-01 | Xenstore: Guests can crash xenstored via exhausting the stack Xenstored is using recursion for some Xenstore operations (e.g. for deleting a sub-tree of Xenstore nodes). With sufficiently deep nesting levels... |
| CVE-2022-42322 | 2022-11-01 | Xenstore: Cooperating guests can create arbitrary numbers of nodes T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Since the fix of... |
| CVE-2022-42323 | 2022-11-01 | Xenstore: Cooperating guests can create arbitrary numbers of nodes T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Since the fix of... |
| CVE-2022-42324 | 2022-11-01 | Oxenstored 32->31 bit integer truncation issues Integers in Ocaml are 63 or 31 bits of signed precision. The Ocaml Xenbus library takes a C uint32_t out of the ring and... |
| CVE-2022-42325 | 2022-11-01 | Xenstore: Guests can create arbitrary number of nodes via transactions T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] In case a... |
| CVE-2022-42789 | 2022-11-01 | An issue in code signature validation was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, macOS Monterey 12.6. An app may be... |
| CVE-2022-42790 | 2022-11-01 | A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, macOS Monterey... |
| CVE-2022-22658 | 2022-11-01 | An input validation issue was addressed with improved input validation. This issue is fixed in iOS 16.0.3. Processing a maliciously crafted email message may lead to a denial-of-service. |
| CVE-2022-22677 | 2022-11-01 | A logic issue in the handling of concurrent media was addressed with improved state handling. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. Video self-preview... |
| CVE-2022-23738 | 2022-11-01 | Incomplete cache verification issue in GitHub Enterprise Server leading to exposure of private repo files |
| CVE-2022-2572 | 2022-11-01 | In affected versions of Octopus Server where access is managed by an external authentication provider, it was possible that the API key/keys of a disabled/deleted user were still valid after... |
| CVE-2022-25892 | 2022-11-01 | Denial of Service (DoS) |
| CVE-2022-26709 | 2022-11-01 | A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5.... |
| CVE-2022-26710 | 2022-11-01 | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, tvOS 15.5, watchOS 8.6. Processing maliciously... |
| CVE-2022-26716 | 2022-11-01 | A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing... |
| CVE-2022-26717 | 2022-11-01 | A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, Safari 15.5,... |
| CVE-2022-26719 | 2022-11-01 | A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4, Safari 15.5. Processing... |
| CVE-2022-26730 | 2022-11-01 | A memory corruption issue existed in the processing of ICC profiles. This issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13. Processing a maliciously... |
| CVE-2022-26762 | 2022-11-01 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious application may be able to... |
| CVE-2022-27582 | 2022-11-01 | Password recovery vulnerability in SICK SIM4000 (PPC) Partnumber 1078787 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method.... |
| CVE-2022-27584 | 2022-11-01 | Password recovery vulnerability in SICK SIM2000ST Partnumber 1080579 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password recovery mechanism method. This... |
| CVE-2022-27585 | 2022-11-01 | Password recovery vulnerability in SICK SIM1000 FX Partnumber 1097816 and 1097817 with firmware version <1.6.0 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by... |
| CVE-2022-27586 | 2022-11-01 | Password recovery vulnerability in SICK SIM1004 Partnumber 1098148 with firmware version <2.0.0 allows an unprivileged remote attacker to gain access to the userlevel defined as RecoverableUserLevel by invocating the password... |
| CVE-2022-31777 | 2022-11-01 | Apache Spark XSS vulnerability in log viewer UI Javascript |
| CVE-2022-32794 | 2022-11-01 | A logic issue was addressed with improved state management. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. An app may be able... |
| CVE-2022-32827 | 2022-11-01 | A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 16, macOS Ventura 13. An app may be able to cause a denial-of-service. |
| CVE-2022-32835 | 2022-11-01 | This issue was addressed with improved entitlements. This issue is fixed in iOS 16, watchOS 9. An app may be able to read a persistent device identifier. |
| CVE-2022-32858 | 2022-11-01 | The issue was addressed with improved memory handling. This issue is fixed in iOS 16, macOS Ventura 13, watchOS 9. An app may be able to leak sensitive kernel state. |
| CVE-2022-32859 | 2022-11-01 | A logic issue was addressed with improved state management. This issue is fixed in iOS 16. Deleted contacts may still appear in spotlight search results. |
| CVE-2022-32862 | 2022-11-01 | This issue was addressed with improved data protection. This issue is fixed in macOS Big Sur 11.7.1, macOS Ventura 13, macOS Monterey 12.6.1. An app with root privileges may be... |
| CVE-2022-32865 | 2022-11-01 | The issue was addressed with improved memory handling. This issue is fixed in iOS 16, macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. |
| CVE-2022-32866 | 2022-11-01 | The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, watchOS 9, macOS Monterey 12.6, tvOS 16. An app may... |
| CVE-2022-32867 | 2022-11-01 | This issue was addressed with improved data protection. This issue is fixed in iOS 16, macOS Ventura 13. A user with physical access to an iOS device may be able... |
| CVE-2022-32870 | 2022-11-01 | A logic issue was addressed with improved state management. This issue is fixed in iOS 16, macOS Ventura 13, watchOS 9. A user with physical access to a device may... |
| CVE-2022-32875 | 2022-11-01 | A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6. An app... |
| CVE-2022-32877 | 2022-11-01 | A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Big Sur 11.7, macOS Monterey 12.6. An app may be able to access user-sensitive data. |
| CVE-2022-32879 | 2022-11-01 | A logic issue was addressed with improved state management. This issue is fixed in macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, tvOS 16. A user... |
| CVE-2022-32881 | 2022-11-01 | A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. An... |
| CVE-2022-32887 | 2022-11-01 | The issue was addressed with improved memory handling. This issue is fixed in iOS 16. An app may be able to execute arbitrary code with kernel privileges. |
| CVE-2022-32888 | 2022-11-01 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS... |
| CVE-2022-32889 | 2022-11-01 | The issue was addressed with improved memory handling. This issue is fixed in iOS 16, watchOS 9. An app may be able to execute arbitrary code with kernel privileges. |
| CVE-2022-32890 | 2022-11-01 | A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13. A sandboxed process may be able to circumvent sandbox restrictions. |
| CVE-2022-32892 | 2022-11-01 | An access issue was addressed with improvements to the sandbox. This issue is fixed in Safari 16, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Ventura 13. A sandboxed process... |
| CVE-2022-32895 | 2022-11-01 | A race condition was addressed with improved state handling. This issue is fixed in macOS Ventura 13. An app may be able to modify protected parts of the file system. |
| CVE-2022-32898 | 2022-11-01 | The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7 and iPadOS 15.7, iOS 16, macOS Ventura 13, watchOS 9. An app may be able... |
| CVE-2022-32899 | 2022-11-01 | The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7 and iPadOS 15.7, iOS 16, macOS Ventura 13, watchOS 9. An app may be able... |
| CVE-2022-32903 | 2022-11-01 | A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 16, iOS 16, watchOS 9. An app may be able to execute arbitrary... |
| CVE-2022-32904 | 2022-11-01 | An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, macOS Monterey 12.6. An app may be able to... |
| CVE-2022-32905 | 2022-11-01 | This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13. Processing a maliciously crafted DMG file may lead to arbitrary code execution with... |
| CVE-2022-32907 | 2022-11-01 | This issue was addressed with improved checks. This issue is fixed in tvOS 16, iOS 16, watchOS 9. An app may be able to execute arbitrary code with kernel privileges. |
| CVE-2022-32909 | 2022-11-01 | The issue was addressed with improved handling of caches. This issue is fixed in iOS 16. An app may be able to access user-sensitive data. |
| CVE-2022-32910 | 2022-11-01 | A logic issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.6.8, macOS Monterey 12.5, Security Update 2022-005 Catalina. An archive may be able to... |
| CVE-2022-32913 | 2022-11-01 | The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS... |
| CVE-2022-32914 | 2022-11-01 | A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6,... |
| CVE-2022-32915 | 2022-11-01 | A type confusion issue was addressed with improved checks. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. |
| CVE-2022-32918 | 2022-11-01 | This issue was addressed with improved data protection. This issue is fixed in iOS 16, macOS Ventura 13. An app may be able to bypass Privacy preferences. |
| CVE-2022-32922 | 2022-11-01 | A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13. Processing maliciously crafted web... |
| CVE-2022-32923 | 2022-11-01 | A correctness issue in the JIT was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, Safari 16.1,... |
| CVE-2022-32924 | 2022-11-01 | The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, macOS Big Sur 11.7, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS... |
| CVE-2022-32925 | 2022-11-01 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 16, iOS 16, watchOS 9. An app may be able to cause unexpected system... |
| CVE-2022-32926 | 2022-11-01 | The issue was addressed with improved bounds checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16.... |
| CVE-2022-32927 | 2022-11-01 | The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16. Joining a malicious Wi-Fi network may result... |
| CVE-2022-32928 | 2022-11-01 | A logic issue was addressed with improved restrictions. This issue is fixed in iOS 16, macOS Ventura 13, watchOS 9. A user in a privileged network position may be able... |
| CVE-2022-32929 | 2022-11-01 | A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 15.7 and iPadOS 15.7, iOS 16.1 and iPadOS 16. An app... |
| CVE-2022-32932 | 2022-11-01 | The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16, watchOS 9.1. An app may be able... |
| CVE-2022-32934 | 2022-11-01 | The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, macOS Monterey 12.6. A remote user may be able to... |
| CVE-2022-32935 | 2022-11-01 | A lock screen issue was addressed with improved state management. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16, macOS Ventura 13. A user... |
| CVE-2022-32936 | 2022-11-01 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13. An app may be able to disclose kernel memory. |
| CVE-2022-32938 | 2022-11-01 | A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. A shortcut... |
| CVE-2022-32939 | 2022-11-01 | The issue was addressed with improved bounds checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16. An app may be able to execute... |
| CVE-2022-32940 | 2022-11-01 | The issue was addressed with improved bounds checks. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. An app may be able... |
| CVE-2022-32941 | 2022-11-01 | The issue was addressed with improved bounds checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS... |
| CVE-2022-32944 | 2022-11-01 | A memory corruption issue was addressed with improved state management. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and... |
| CVE-2022-32946 | 2022-11-01 | This issue was addressed with improved entitlements. This issue is fixed in iOS 16.1 and iPadOS 16. An app may be able to record audio using a pair of connected... |
| CVE-2022-32947 | 2022-11-01 | The issue was addressed with improved memory handling. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. An app may be able to execute... |
| CVE-2022-3304 | 2022-11-01 | Use after free in CSS in Google Chrome prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| CVE-2022-3305 | 2022-11-01 | Use after free in survey in Google Chrome on ChromeOS prior to 106.0.5249.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity:... |