ReportizFlow
Filtered by vendor
Subscriptions
Total
12661 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-32248 | 1 Sap | 1 S\/4hana | 2024-11-21 | 5.3 Medium |
| Due to missing input validation in the Manage Checkbooks component of SAP S/4HANA - version 101, 102, 103, 104, 105, 106, an attacker could insert or edit the value of an existing field in the database. This leads to an impact on the integrity of the data. | ||||
| CVE-2022-32243 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 5.5 Medium |
| When a user opens manipulated Scalable Vector Graphics (.svg, svg.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | ||||
| CVE-2022-32242 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 5.5 Medium |
| When a user opens manipulated Radiance Picture (.hdr, hdr.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | ||||
| CVE-2022-32241 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 5.5 Medium |
| When a user opens manipulated Portable Document Format (.pdf, PDFView.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | ||||
| CVE-2022-32240 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 5.5 Medium |
| When a user opens manipulated Jupiter Tesselation (.jt, JTReader.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | ||||
| CVE-2022-32239 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 5.5 Medium |
| When a user opens manipulated JPEG 2000 (.jp2, jp2k.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | ||||
| CVE-2022-32238 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 5.5 Medium |
| When a user opens manipulated Encapsulated Post Script (.eps, ai.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | ||||
| CVE-2022-32237 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 5.5 Medium |
| When a user opens manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | ||||
| CVE-2022-32236 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 5.5 Medium |
| When a user opens manipulated Windows Bitmap (.bmp, 2d.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | ||||
| CVE-2022-32235 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 5.5 Medium |
| When a user opens manipulated AutoCAD (.dwg, TeighaTranslator.exe) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application. | ||||
| CVE-2022-32154 | 1 Splunk | 2 Splunk, Splunk Cloud Platform | 2024-11-21 | 6.8 Medium |
| Dashboards in Splunk Enterprise versions before 9.0 might let an attacker inject risky search commands into a form token when the token is used in a query in a cross-origin request. The result bypasses SPL safeguards for risky commands. See New capabilities can limit access to some custom and potentially risky commands (https://docs.splunk.com/Documentation/Splunk/9.0.0/Security/SPLsafeguards#New_capabilities_can_limit_access_to_some_custom_and_potentially_risky_commands) for more information. Note that the attack is browser-based and an attacker cannot exploit it at will. | ||||
| CVE-2022-31780 | 3 Apache, Debian, Fedoraproject | 3 Traffic Server, Debian Linux, Fedora | 2024-11-21 | 7.5 High |
| Improper Input Validation vulnerability in HTTP/2 frame handling of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2. | ||||
| CVE-2022-31779 | 3 Apache, Debian, Fedoraproject | 3 Traffic Server, Debian Linux, Fedora | 2024-11-21 | 7.5 High |
| Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2. | ||||
| CVE-2022-31778 | 2 Apache, Debian | 2 Traffic Server, Debian Linux | 2024-11-21 | 7.5 High |
| Improper Input Validation vulnerability in handling the Transfer-Encoding header of Apache Traffic Server allows an attacker to poison the cache. This issue affects Apache Traffic Server 8.0.0 to 9.0.2. | ||||
| CVE-2022-31762 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 7.8 High |
| The AMS module has a vulnerability in input validation. Successful exploitation of this vulnerability may cause privilege escalation. | ||||
| CVE-2022-31630 | 2 Php, Redhat | 2 Php, Enterprise Linux | 2024-11-21 | 6.5 Medium |
| In PHP versions prior to 7.4.33, 8.0.25 and 8.1.12, when using imageloadfont() function in gd extension, it is possible to supply a specially crafted font file, such as if the loaded font is used with imagechar() function, the read outside allocated buffer will be used. This can lead to crashes or disclosure of confidential information. | ||||
| CVE-2022-31321 | 1 Boltcms | 1 Bolt | 2024-11-21 | 9.1 Critical |
| The foldername parameter in Bolt 5.1.7 was discovered to have incorrect input validation, allowing attackers to perform directory enumeration or cause a Denial of Service (DoS) via a crafted input. | ||||
| CVE-2022-30756 | 1 Google | 1 Android | 2024-11-21 | 8.5 High |
| Implicit Intent hijacking vulnerability in Finder prior to SMR Jul-2022 Release 1 allow allows attackers to launch certain activities with privilege of Finder. | ||||
| CVE-2022-30754 | 1 Google | 1 Android | 2024-11-21 | 8.5 High |
| Implicit Intent hijacking vulnerability in AppLinker prior to SMR Jul-2022 Release 1 allow allows attackers to launch certain activities with privilege of AppLinker. | ||||
| CVE-2022-30744 | 1 Samsung | 1 Kies | 2024-11-21 | 6.2 Medium |
| DLL hijacking vulnerability in KiesWrapper in Samsung Kies prior to version 2.6.4.22043_1 allows attacker to execute arbitrary code. | ||||