Export limit exceeded: 330772 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29828 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29828 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-39862 | 2 Google, Samsung | 2 Android, Dynamic Lockscreen | 2024-11-21 | 5.3 Medium |
| Improper authorization in Dynamic Lockscreen prior to SMR Sep-2022 Release 1 in Android R(11) and 3.3.03.66 in Android S(12) allows unauthorized use of javascript interface api. | ||||
| CVE-2022-39860 | 1 Samsung | 1 Quick Share | 2024-11-21 | 4.4 Medium |
| Improper access control vulnerability in QuickShare prior to version 13.2.3.5 allows attackers to access sensitive information via implicit broadcast. | ||||
| CVE-2022-39857 | 1 Samsung | 1 Factorycamerafb | 2024-11-21 | 7.3 High |
| Improper access control vulnerability in CameraTestActivity in FactoryCameraFB prior to version 3.5.51 allows attackers to access broadcasting Intent as system uid privilege. | ||||
| CVE-2022-39856 | 1 Google | 1 Android | 2024-11-21 | 4 Medium |
| Improper access control vulnerability in imsservice application prior to SMR Oct-2022 Release 1 allows local attackers to access call information. | ||||
| CVE-2022-39855 | 1 Google | 1 Android | 2024-11-21 | 5.1 Medium |
| Improper access control vulnerability in FACM application prior to SMR Oct-2022 Release 1 allows a local attacker to connect arbitrary AP and Bluetooth devices. | ||||
| CVE-2022-39854 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 6.4 Medium |
| Improper protection in IOMMU prior to SMR Oct-2022 Release 1 allows unauthorized access to secure memory. | ||||
| CVE-2022-39851 | 1 Google | 1 Android | 2024-11-21 | 4 Medium |
| Improper access control vulnerability in CocktailBarService prior to SMR Oct-2022 Release 1 allows local attacker to bind service that require BIND_REMOTEVIEWS permission. | ||||
| CVE-2022-39850 | 1 Google | 1 Android | 2024-11-21 | 3.3 Low |
| Improper access control in mum_container_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data. | ||||
| CVE-2022-39849 | 1 Google | 1 Android | 2024-11-21 | 3.3 Low |
| Improper access control in knox_vpn_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data. | ||||
| CVE-2022-39190 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Enterprise Linux | 2024-11-21 | 5.5 Medium |
| An issue was discovered in net/netfilter/nf_tables_api.c in the Linux kernel before 5.19.6. A denial of service can occur upon binding to an already bound chain. | ||||
| CVE-2022-39010 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 7.5 High |
| The HwChrService module has a vulnerability in permission control. Successful exploitation of this vulnerability may cause disclosure of user network information. | ||||
| CVE-2022-38999 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 9.8 Critical |
| The AOD module has the improper update of reference count vulnerability. Successful exploitation of this vulnerability may affect data integrity, confidentiality, and availability. | ||||
| CVE-2022-38880 | 1 Democritus Urls Project | 1 Democritus Urls | 2024-11-21 | 9.8 Critical |
| The d8s-urls for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The affected version is 0.1.0. | ||||
| CVE-2022-38792 | 1 Exotel Project | 1 Exotel | 2024-11-21 | 9.8 Critical |
| The exotel (aka exotel-py) package in PyPI as of 0.1.6 includes a code execution backdoor inserted by a third party. | ||||
| CVE-2022-38788 | 1 Nokia | 2 Fastmile 5g Receiver, Fastmile 5g Receiver Firmware | 2024-11-21 | 4.3 Medium |
| An issue was discovered in Nokia FastMile 5G Receiver 5G14-B 1.2104.00.0281. Bluetooth on the Nokia ODU uses outdated pairing mechanisms, allowing an attacker to passively intercept a paring handshake and (after offline cracking) retrieve the PIN and LTK (long-term key). | ||||
| CVE-2022-38786 | 1 Intel | 1 Battery Life Diagnostic Tool | 2024-11-21 | 6.7 Medium |
| Improper access control in some Intel Battery Life Diagnostic Tool software before version 2.2.1 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-38770 | 1 Transtek | 1 Mojodat Fixed Asset Management | 2024-11-21 | 5.3 Medium |
| The mobile application in Transtek Mojodat FAM (Fixed Asset Management) 2.4.6 allows remote attackers to fetch other users' data upon a successful login request. | ||||
| CVE-2022-38769 | 1 Transtek | 1 Mojodat Fixed Asset Management | 2024-11-21 | 7.5 High |
| The mobile application in Transtek Mojodat FAM (Fixed Asset Management) 2.4.6 allows remote attackers to fetch cleartext passwords upon a successful login request. | ||||
| CVE-2022-38768 | 1 Transtek | 1 Mojodat Fixed Asset Management | 2024-11-21 | 9.8 Critical |
| The mobile application in Transtek Mojodat FAM (Fixed Asset Management) 2.4.6 allows remote attackers to bypass authorization. | ||||
| CVE-2022-38715 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2024-11-21 | 8.8 High |
| A leftover debug code vulnerability exists in the httpd shell.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability. | ||||