Lista CVE - 2022 / Dicembre
Visualizzazione 701 - 800 di 2356 CVE per Dicembre 2022 (Pagina 8 di 24)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2022-44679 | 2022-12-13 | Windows Graphics Component Information Disclosure Vulnerability |
| CVE-2022-44680 | 2022-12-13 | Windows Graphics Component Elevation of Privilege Vulnerability |
| CVE-2022-44681 | 2022-12-13 | Windows Print Spooler Elevation of Privilege Vulnerability |
| CVE-2022-44682 | 2022-12-13 | Windows Hyper-V Denial of Service Vulnerability |
| CVE-2022-44683 | 2022-12-13 | Windows Kernel Elevation of Privilege Vulnerability |
| CVE-2022-44687 | 2022-12-13 | Raw Image Extension Remote Code Execution Vulnerability |
| CVE-2022-44688 | 2022-12-13 | Microsoft Edge (Chromium-based) Spoofing Vulnerability |
| CVE-2022-44690 | 2022-12-13 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2022-44692 | 2022-12-13 | Microsoft Office Graphics Remote Code Execution Vulnerability |
| CVE-2022-44693 | 2022-12-13 | Microsoft SharePoint Server Remote Code Execution Vulnerability |
| CVE-2022-44694 | 2022-12-13 | Microsoft Office Visio Remote Code Execution Vulnerability |
| CVE-2022-44695 | 2022-12-13 | Microsoft Office Visio Remote Code Execution Vulnerability |
| CVE-2022-44697 | 2022-12-13 | Windows Graphics Component Elevation of Privilege Vulnerability |
| CVE-2022-44699 | 2022-12-13 | Azure Network Watcher Agent Security Feature Bypass Vulnerability |
| CVE-2022-44702 | 2022-12-13 | Windows Terminal Remote Code Execution Vulnerability |
| CVE-2022-44707 | 2022-12-13 | Windows Kernel Denial of Service Vulnerability |
| CVE-2022-44708 | 2022-12-13 | Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability |
| CVE-2022-44710 | 2022-12-13 | DirectX Graphics Kernel Elevation of Privilege Vulnerability |
| CVE-2022-44713 | 2022-12-13 | Microsoft Outlook for Mac Spoofing Vulnerability |
| CVE-2022-45044 | 2022-12-13 | A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.50), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions < V9.50), SIPROTEC 5... |
| CVE-2022-46143 | 2022-12-13 | Affected devices do not check the TFTP blocksize correctly. This could allow an authenticated attacker to read from an uninitialized buffer that potentially contains previously allocated data. |
| CVE-2022-46345 | 2022-12-13 | A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170),... |
| CVE-2022-46346 | 2022-12-13 | A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170),... |
| CVE-2022-47211 | 2022-12-13 | Microsoft Office Graphics Remote Code Execution Vulnerability |
| CVE-2022-47212 | 2022-12-13 | Microsoft Office Graphics Remote Code Execution Vulnerability |
| CVE-2022-47213 | 2022-12-13 | Microsoft Office Graphics Remote Code Execution Vulnerability |
| CVE-2021-0934 | 2022-12-13 | In findAllDeAccounts of AccountsDb.java, there is a possible denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User... |
| CVE-2021-32415 | 2022-12-13 | EXEMSI MSI Wrapper Versions prior to 10.0.50 and at least since version 6.0.91 will introduce a local privilege escalation vulnerability in installers it creates. |
| CVE-2021-39660 | 2022-12-13 | In TBD of TBD, there is a possible way to archive arbitrary code execution in kernel due to a race condition. This could lead to local escalation of privilege with... |
| CVE-2021-40365 | 2022-12-13 | Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device. |
| CVE-2021-44693 | 2022-12-13 | Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device. |
| CVE-2021-44694 | 2022-12-13 | Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device. |
| CVE-2021-44695 | 2022-12-13 | Affected devices don't process correctly certain special crafted packets sent to port 102/tcp, which could allow an attacker to cause a denial of service in the device. |
| CVE-2022-20240 | 2022-12-13 | In sOpAllowSystemRestrictionBypass of AppOpsManager.java, there is a possible leak of location information due to a missing permission check. This could lead to local escalation of privilege with System execution privileges... |
| CVE-2022-20411 | 2022-12-13 | In avdt_msg_asmbl of avdt_msg.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional... |
| CVE-2022-20442 | 2022-12-13 | In onCreate of ReviewPermissionsActivity.java, there is a possible way to grant permissions for a separate app with API level < 23 due to a tapjacking/overlay attack. This could lead to... |
| CVE-2022-20449 | 2022-12-13 | In writeApplicationRestrictionsLAr of UserManagerService.java, there is a possible overwrite of system files due to a path traversal error. This could lead to local denial of service with System execution privileges... |
| CVE-2022-20466 | 2022-12-13 | In applyKeyguardFlags of NotificationShadeWindowControllerImpl.java, there is a possible way to observe the user's password on a secondary display due to an insecure default value. This could lead to local information... |
| CVE-2022-20468 | 2022-12-13 | In BNEP_ConnectResp of bnep_api.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure over Bluetooth with no additional... |
| CVE-2022-20469 | 2022-12-13 | In avct_lcb_msg_asmbl of avct_lcb_act.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege over Bluetooth with no... |
| CVE-2022-20470 | 2022-12-13 | In bindRemoteViewsService of AppWidgetServiceImpl.java, there is a possible way to bypass background activity launch due to improper input validation. This could lead to local escalation of privilege with no additional... |
| CVE-2022-20471 | 2022-12-13 | In SendIncDecRestoreCmdPart2 of NxpMfcReader.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges... |
| CVE-2022-20472 | 2022-12-13 | In toLanguageTag of LocaleListCache.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges... |
| CVE-2022-20473 | 2022-12-13 | In toLanguageTag of LocaleListCache.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges... |
| CVE-2022-20474 | 2022-12-13 | In readLazyValue of Parcel.java, there is a possible loading of arbitrary code into the System Settings app due to a confused deputy. This could lead to local escalation of privilege... |
| CVE-2022-20475 | 2022-12-13 | In test of ResetTargetTaskHelper.java, there is a possible hijacking of any app which sets allowTaskReparenting="true" due to a confused deputy. This could lead to local escalation of privilege with no... |
| CVE-2022-20476 | 2022-12-13 | In setEnabledSetting of PackageManager.java, there is a possible way to get the device into an infinite reboot loop due to resource exhaustion. This could lead to local denial of service... |
| CVE-2022-20477 | 2022-12-13 | In shouldHideNotification of KeyguardNotificationVisibilityProvider.kt, there is a possible way to show hidden notifications due to a logic error in the code. This could lead to local escalation of privilege with... |
| CVE-2022-20478 | 2022-12-13 | In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges... |
| CVE-2022-20479 | 2022-12-13 | In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges... |
| CVE-2022-20480 | 2022-12-13 | In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges... |
| CVE-2022-20482 | 2022-12-13 | In createNotificationChannel of NotificationManager.java, there is a possible way to make the device unusable and require factory reset due to resource exhaustion. This could lead to local denial of service... |
| CVE-2022-20483 | 2022-12-13 | In several functions that parse avrc response in avrc_pars_ct.cc and related files, there are possible out of bounds reads due to integer overflows. This could lead to remote information disclosure... |
| CVE-2022-20484 | 2022-12-13 | In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges... |
| CVE-2022-20485 | 2022-12-13 | In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges... |
| CVE-2022-20486 | 2022-12-13 | In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges... |
| CVE-2022-20487 | 2022-12-13 | In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges... |
| CVE-2022-20488 | 2022-12-13 | In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges... |
| CVE-2022-20491 | 2022-12-13 | In NotificationChannel of NotificationChannel.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privilege with no additional execution privileges... |
| CVE-2022-20495 | 2022-12-13 | In getEnabledAccessibilityServiceList of AccessibilityManager.java, there is a possible way to hide an accessibility service due to a logic error in the code. This could lead to local escalation of privilege... |
| CVE-2022-20496 | 2022-12-13 | In setDataSource of initMediaExtractor.cpp, there is a possibility of arbitrary code execution due to a use after free. This could lead to local information disclosure with no additional execution privileges... |
| CVE-2022-20497 | 2022-12-13 | In updatePublicMode of NotificationLockscreenUserManagerImpl.java, there is a possible way to reveal sensitive notifications on the lockscreen due to an incorrect state transition. This could lead to local information disclosure with... |
| CVE-2022-20498 | 2022-12-13 | In fdt_path_offset_namelen of fdt_ro.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed.... |
| CVE-2022-20500 | 2022-12-13 | In loadFromXml of ShortcutPackage.java, there is a possible crash on boot due to an uncaught exception. This could lead to local denial of service with no additional execution privileges needed.... |
| CVE-2022-20501 | 2022-12-13 | In onCreate of EnableAccountPreferenceActivity.java, there is a possible way to mislead the user into enabling a malicious phone account due to a tapjacking/overlay attack. This could lead to local escalation... |
| CVE-2022-20502 | 2022-12-13 | In GetResolvedMethod of entrypoint_utils-inl.h, there is a possible use after free due to a stale cache. This could lead to local information disclosure with no additional execution privileges needed. User... |
| CVE-2022-20611 | 2022-12-13 | In deletePackageVersionedInternal of DeletePackageHelper.java, there is a possible way to bypass carrier restrictions due to a permissions bypass. This could lead to local escalation of privilege with no additional execution... |
| CVE-2022-25672 | 2022-12-13 | Denial of service in MODEM due to reachable assertion while processing SIB1 with invalid Bandwidth in Snapdragon Mobile |
| CVE-2022-25673 | 2022-12-13 | Denial of service in MODEM due to reachable assertion while processing configuration from network in Snapdragon Mobile |
| CVE-2022-25675 | 2022-12-13 | Denial of service due to reachable assertion in modem while processing filter rule from application client in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile |
| CVE-2022-25677 | 2022-12-13 | Memory corruption in diag due to use after free while processing dci packet in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired... |
| CVE-2022-25681 | 2022-12-13 | Possible memory corruption in kernel while performing memory access due to hypervisor not correctly invalidated the processor translation caches in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT,... |
| CVE-2022-25682 | 2022-12-13 | Memory corruption in MODEM UIM due to usage of out of range pointer offset while decoding command from card in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon... |
| CVE-2022-25685 | 2022-12-13 | Denial of service in Modem module due to improper authorization while error handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables |
| CVE-2022-25689 | 2022-12-13 | Denial of service in Modem due to reachable assertion in Snapdragon Mobile |
| CVE-2022-25691 | 2022-12-13 | Denial of service in Modem due to reachable assertion while processing SIB1 with invalid SCS and bandwidth settings in Snapdragon Mobile |
| CVE-2022-25692 | 2022-12-13 | Denial of service in Modem due to reachable assertion while processing the common config procedure in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables |
| CVE-2022-25695 | 2022-12-13 | Memory corruption in MODEM due to Improper Validation of Array Index while processing GSTK Proactive commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon... |
| CVE-2022-25697 | 2022-12-13 | Memory corruption in i2c buses due to improper input validation while reading address configuration from i2c driver in Snapdragon Mobile, Snapdragon Wearables |
| CVE-2022-25698 | 2022-12-13 | Memory corruption in SPI buses due to improper input validation while reading address configuration from spi buses in Snapdragon Mobile, Snapdragon Wearables |
| CVE-2022-25702 | 2022-12-13 | Denial of service in modem due to reachable assertion while processing reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables |
| CVE-2022-25711 | 2022-12-13 | Memory corruption in camera due to improper validation of array index in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables |
| CVE-2022-25712 | 2022-12-13 | Memory corruption in camera due to buffer copy without checking size of input in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wearables |
| CVE-2022-27518 | 2022-12-13 | Unauthenticated remote arbitrary code execution |
| CVE-2022-27581 | 2022-12-13 | Use of a Broken or Risky Cryptographic Algorithm in SICK RFU61x firmware version <v2.25 allows a low-privileged remote attacker to decrypt the encrypted data if the user requested weak cipher... |
| CVE-2022-31696 | 2022-12-13 | VMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network socket. A malicious actor with local access to ESXi may exploit this issue to... |
| CVE-2022-31697 | 2022-12-13 | The vCenter Server contains an information disclosure vulnerability due to the logging of credentials in plaintext. A malicious actor with access to a workstation that invoked a vCenter Server Appliance... |
| CVE-2022-31698 | 2022-12-13 | The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger... |
| CVE-2022-31699 | 2022-12-13 | VMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted privileges within a sandbox process may exploit this issue to achieve a partial information disclosure. |
| CVE-2022-33235 | 2022-12-13 | Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon... |
| CVE-2022-33238 | 2022-12-13 | Transient DOS due to loop with unreachable exit condition in WLAN while processing an incoming FTM frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer... |
| CVE-2022-33268 | 2022-12-13 | Information disclosure due to buffer over-read in Bluetooth HOST while pairing and connecting A2DP. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice &... |
| CVE-2022-37155 | 2022-12-13 | RCE in SPIP 3.1.13 through 4.1.2 allows remote authenticated users to execute arbitrary code via the _oups parameter. |
| CVE-2022-38628 | 2022-12-13 | Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e were discovered to contain a cross-site scripting (XSS) vulnerability which is chained with a local session fixation. This... |
| CVE-2022-41279 | 2022-12-13 | A vulnerability has been identified in JT2Go (All versions < V14.1.0.6), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions... |
| CVE-2022-41280 | 2022-12-13 | A vulnerability has been identified in JT2Go (All versions < V14.1.0.6), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions... |
| CVE-2022-41281 | 2022-12-13 | A vulnerability has been identified in JT2Go (All versions < V14.1.0.6), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions... |
| CVE-2022-41282 | 2022-12-13 | A vulnerability has been identified in JT2Go (All versions < V14.1.0.6), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions... |
| CVE-2022-41283 | 2022-12-13 | A vulnerability has been identified in JT2Go (All versions < V14.1.0.6), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions... |
| CVE-2022-41284 | 2022-12-13 | A vulnerability has been identified in JT2Go (All versions < V14.1.0.6), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions... |