ReportizFlow
Filtered by vendor
Subscriptions
Total
8947 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-33273 | 1 Qualcomm | 198 Aqt1000, Aqt1000 Firmware, Ar8035 and 195 more | 2024-11-21 | 7.3 High |
| Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report generation. | ||||
| CVE-2022-33271 | 1 Qualcomm | 490 Apq8096au, Apq8096au Firmware, Aqt1000 and 487 more | 2024-11-21 | 8.2 High |
| Information disclosure due to buffer over-read in WLAN while parsing NMF frame. | ||||
| CVE-2022-33258 | 1 Qualcomm | 30 9205 Lte Modem Firmware, 9206 Lte Modem Firmware, 9207 Lte Modem Firmware and 27 more | 2024-11-21 | 8.2 High |
| Information disclosure due to buffer over-read in modem while reading configuration parameters. | ||||
| CVE-2022-33229 | 1 Qualcomm | 42 Ar8031, Ar8031 Firmware, Csra6620 and 39 more | 2024-11-21 | 8.2 High |
| Information disclosure due to buffer over-read in Modem while using static array to process IPv4 packets. | ||||
| CVE-2022-33228 | 1 Qualcomm | 24 Mdm8207, Mdm8207 Firmware, Mdm9205 and 21 more | 2024-11-21 | 8.2 High |
| Information disclosure sue to buffer over-read in modem while processing ipv6 packet with hop-by-hop or destination option in header. | ||||
| CVE-2022-33222 | 1 Qualcomm | 26 Mdm8207, Mdm8207 Firmware, Mdm9205 and 23 more | 2024-11-21 | 8.2 High |
| Information disclosure due to buffer over-read while parsing DNS response packets in Modem. | ||||
| CVE-2022-33221 | 1 Qualcomm | 28 Sd 8 Gen1 5g Firmware, Sm8475, Ssg2115p and 25 more | 2024-11-21 | 6.8 Medium |
| Information disclosure in Trusted Execution Environment due to buffer over-read while processing metadata verification requests. | ||||
| CVE-2022-33220 | 1 Qualcomm | 90 Aqt1000, Aqt1000 Firmware, Qam8295p and 87 more | 2024-11-21 | 5.1 Medium |
| Information disclosure in Automotive multimedia due to buffer over-read. | ||||
| CVE-2022-33021 | 1 Openhwgroup | 1 Cva6 | 2024-11-21 | 7.5 High |
| CVA6 commit 909d85a accesses invalid memory when reading the value of MHPMCOUNTER30. | ||||
| CVE-2022-32990 | 2 Gimp, Redhat | 2 Gimp, Enterprise Linux | 2024-11-21 | 5.5 Medium |
| An issue in gimp_layer_invalidate_boundary of GNOME GIMP 2.10.30 allows attackers to trigger an unhandled exception via a crafted XCF file, causing a Denial of Service (DoS). | ||||
| CVE-2022-32745 | 1 Samba | 1 Samba | 2024-11-21 | 8.1 High |
| A flaw was found in Samba. Samba AD users can cause the server to access uninitialized data with an LDAP add or modify the request, usually resulting in a segmentation fault. | ||||
| CVE-2022-32325 | 2 Fedoraproject, Jpegoptim Project | 2 Fedora, Jpegoptim | 2024-11-21 | 6.5 Medium |
| JPEGOPTIM v1.4.7 was discovered to contain a segmentation violation which is caused by a READ memory access at jpegoptim.c. | ||||
| CVE-2022-32200 | 1 Libdwarf Project | 1 Libdwarf | 2024-11-21 | 7.8 High |
| libdwarf 0.4.0 has a heap-based buffer over-read in _dwarf_check_string_valid in dwarf_util.c. | ||||
| CVE-2022-32141 | 1 Codesys | 2 Plcwinnt, Runtime Toolkit | 2024-11-21 | 6.5 Medium |
| Multiple CODESYS Products are prone to a buffer over read. A low privileged remote attacker may craft a request with an invalid offset, which can cause an internal buffer over-read, resulting in a denial-of-service condition. User interaction is not required. | ||||
| CVE-2022-32139 | 1 Codesys | 2 Plcwinnt, Runtime Toolkit | 2024-11-21 | 6.5 Medium |
| In multiple CODESYS products, a low privileged remote attacker may craft a request, which cause an out-of-bounds read, resulting in a denial-of-service condition. User Interaction is not required. | ||||
| CVE-2022-31796 | 1 Jpeg | 1 Libjpeg | 2024-11-21 | 6.5 Medium |
| libjpeg 1.63 has a heap-based buffer over-read in HierarchicalBitmapRequester::FetchRegion in hierarchicalbitmaprequester.cpp because the MCU size can be different between allocation and use. | ||||
| CVE-2022-31630 | 2 Php, Redhat | 2 Php, Enterprise Linux | 2024-11-21 | 6.5 Medium |
| In PHP versions prior to 7.4.33, 8.0.25 and 8.1.12, when using imageloadfont() function in gd extension, it is possible to supply a specially crafted font file, such as if the loaded font is used with imagechar() function, the read outside allocated buffer will be used. This can lead to crashes or disclosure of confidential information. | ||||
| CVE-2022-31212 | 2 Dbus-broker Project, Redhat | 2 Dbus-broker, Enterprise Linux | 2024-11-21 | 7.5 High |
| An issue was discovered in dbus-broker before 31. It depends on c-uitl/c-shquote to parse the DBus service's Exec line. c-shquote contains a stack-based buffer over-read if a malicious Exec line is supplied. | ||||
| CVE-2022-31001 | 2 Debian, Signalwire | 2 Debian Linux, Sofia-sip | 2024-11-21 | 7.5 High |
| Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to FreeSWITCH, which may cause crash. This type of crash may be caused by `#define MATCH(s, m) (strncmp(s, m, n = sizeof(m) - 1) == 0)`, which will make `n` bigger and trigger out-of-bound access when `IS_NON_WS(s[n])`. Version 1.13.8 contains a patch for this issue. | ||||
| CVE-2022-30976 | 1 Gpac | 1 Gpac | 2024-11-21 | 7.1 High |
| GPAC 2.0.0 misuses a certain Unicode utf8_wcslen (renamed gf_utf8_wcslen) function in utils/utf.c, resulting in a heap-based buffer over-read, as demonstrated by MP4Box. | ||||