ReportizFlow
Filtered by vendor
Subscriptions
Total
13064 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-33876 | 1 Fortinet | 1 Fortiadc | 2024-11-21 | 5.1 Medium |
| Multiple instances of improper input validation vulnerability in Fortinet FortiADC version 7.1.0, version 7.0.0 through 7.0.2 and version 6.2.4 and below allows an authenticated attacker to retrieve files with specific extension from the underlying Linux system via crafted HTTP requests. | ||||
| CVE-2022-33754 | 1 Broadcom | 1 Ca Automic Automation | 2024-11-21 | 9.8 Critical |
| CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code. | ||||
| CVE-2022-33752 | 1 Broadcom | 1 Ca Automic Automation | 2024-11-21 | 9.8 Critical |
| CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code. | ||||
| CVE-2022-33729 | 1 Google | 1 Android | 2024-11-21 | 5.9 Medium |
| Improper restriction of broadcasting Intent in ConfirmConnectActivity of?NFC prior to SMR Aug-2022 Release 1 leaks MAC address of the connected Bluetooth device. | ||||
| CVE-2022-33719 | 1 Google | 1 Android | 2024-11-21 | 8.6 High |
| Improper input validation in baseband prior to SMR Aug-2022 Release 1 allows attackers to cause integer overflow to heap overflow. | ||||
| CVE-2022-33715 | 1 Google | 1 Android | 2024-11-21 | 5.3 Medium |
| Improper access control and path traversal vulnerability in LauncherProvider prior to SMR Aug-2022 Release 1 allow local attacker to access files of One UI. | ||||
| CVE-2022-33710 | 1 Samsung | 1 Galaxy Store | 2024-11-21 | 7.8 High |
| Improper input validation vulnerability in BillingPackageInsraller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. | ||||
| CVE-2022-33709 | 1 Samsung | 1 Galaxy Store | 2024-11-21 | 7.8 High |
| Improper input validation vulnerability in ApexPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. | ||||
| CVE-2022-33708 | 1 Samsung | 1 Galaxy Store | 2024-11-21 | 7.8 High |
| Improper input validation vulnerability in AppsPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege. | ||||
| CVE-2022-33704 | 1 Google | 1 Android | 2024-11-21 | 8.5 High |
| Improper validation vulnerability in ucmRetParcelable of KnoxSDK prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities. | ||||
| CVE-2022-33703 | 1 Google | 1 Android | 2024-11-21 | 8.5 High |
| Improper validation vulnerability in CACertificateInfo prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities. | ||||
| CVE-2022-33690 | 1 Google | 1 Android | 2024-11-21 | 4 Medium |
| Improper input validation in Contacts Storage prior to SMR Jul-2022 Release 1 allows attacker to access arbitrary file. | ||||
| CVE-2022-33216 | 1 Qualcomm | 36 Qam8295p, Qam8295p Firmware, Qca6574a and 33 more | 2024-11-21 | 6 Medium |
| Transient Denial-of-service in Automotive due to improper input validation while parsing ELF file. | ||||
| CVE-2022-33211 | 1 Qualcomm | 24 Mdm8207, Mdm8207 Firmware, Mdm9205 and 21 more | 2024-11-21 | 9.8 Critical |
| memory corruption in modem due to improper check while calculating size of serialized CoAP message | ||||
| CVE-2022-33124 | 1 Aiohttp | 1 Aiohttp | 2024-11-21 | 5.5 Medium |
| AIOHTTP 3.8.1 can report a "ValueError: Invalid IPv6 URL" outcome, which can lead to a Denial of Service (DoS). NOTE: multiple third parties dispute this issue because there is no example of a context in which denial of service would occur, and many common contexts have exception handing in the calling application | ||||
| CVE-2022-33082 | 1 Openpolicyagent | 1 Open Policy Agent | 2024-11-21 | 7.5 High |
| An issue in the AST parser (ast/compile.go) of Open Policy Agent v0.10.2 allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||||
| CVE-2022-32591 | 2 Google, Mediatek | 38 Android, Mt6580, Mt6739 and 35 more | 2024-11-21 | 7.5 High |
| In ril, there is a possible system crash due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07257259; Issue ID: ALPS07257259. | ||||
| CVE-2022-32534 | 1 Bosch | 2 Pra-es8p2s, Pra-es8p2s Firmware | 2024-11-21 | 8.8 High |
| The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and earlier was found to be vulnerable to command injection through its diagnostics web interface. This allows execution of shell commands. | ||||
| CVE-2022-32253 | 1 Siemens | 1 Sinema Remote Connect Server | 2024-11-21 | 4.9 Medium |
| A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). Due to improper input validation, the OpenSSL certificate's password could be printed to a file reachable by an attacker. | ||||
| CVE-2022-32248 | 1 Sap | 1 S\/4hana | 2024-11-21 | 5.3 Medium |
| Due to missing input validation in the Manage Checkbooks component of SAP S/4HANA - version 101, 102, 103, 104, 105, 106, an attacker could insert or edit the value of an existing field in the database. This leads to an impact on the integrity of the data. | ||||