Total
11483 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-22434 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-03-07 | 7.5 HIGH | 9.8 CRITICAL |
| There is a memory address out of bounds vulnerability in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed. | |||||
| CVE-2021-22432 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-03-07 | 10.0 HIGH | 9.8 CRITICAL |
| There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access. | |||||
| CVE-2021-22433 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-03-07 | 7.5 HIGH | 9.8 CRITICAL |
| There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed. | |||||
| CVE-2021-22431 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-03-07 | 7.5 HIGH | 9.8 CRITICAL |
| There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access. | |||||
| CVE-2021-22429 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-03-07 | 10.0 HIGH | 9.8 CRITICAL |
| There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed. | |||||
| CVE-2021-22426 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-03-07 | 7.5 HIGH | 9.8 CRITICAL |
| There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed. | |||||
| CVE-2003-1397 | 1 Opera | 1 Opera Browser | 2022-03-01 | 4.3 MEDIUM | N/A |
| The PluginContext object of Opera 6.05 and 7.0 allows remote attackers to cause a denial of service (crash) via an HTTP request containing a long string that gets passed to the ShowDocument method. | |||||
| CVE-2021-33627 | 2 Insyde, Siemens | 29 Insydeh2o, Simatic Field Pg M5, Simatic Field Pg M5 Firmware and 26 more | 2022-03-01 | 7.2 HIGH | 8.2 HIGH |
| An issue was discovered in Insyde InsydeH2O 5.x, affecting FwBlockServiceSmm. Software SMI services that use the Communicate() function of the EFI_SMM_COMMUNICATION_PROTOCOL do not check whether the address of the buffer is valid, which allows use of SMRAM, MMIO, or OS kernel addresses | |||||
| CVE-2021-41837 | 2 Insyde, Siemens | 29 Insydeh2o, Simatic Field Pg M5, Simatic Field Pg M5 Firmware and 26 more | 2022-03-01 | 7.2 HIGH | 8.2 HIGH |
| An issue was discovered in AhciBusDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. Because of an Untrusted Pointer Dereference that causes SMM memory corruption, an attacker may be able to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM. | |||||
| CVE-2021-41838 | 2 Insyde, Siemens | 29 Insydeh2o, Simatic Field Pg M5, Simatic Field Pg M5 Firmware and 26 more | 2022-03-01 | 7.2 HIGH | 8.2 HIGH |
| An issue was discovered in SdHostDriver in the kernel 5.0 through 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an attacker to access the System Management Mode and execute arbitrary code. This occurs because of a Numeric Range Comparison Without a Minimum Check. | |||||
| CVE-2017-9998 | 1 Libdwarf Project | 1 Libdwarf | 2022-03-01 | 4.3 MEDIUM | 6.5 MEDIUM |
| The _dwarf_decode_s_leb128_chk function in dwarf_leb.c in libdwarf through 2017-06-28 allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file. | |||||
| CVE-2022-24063 | 1 Santesoft | 1 Dicom Viewer Pro | 2022-02-28 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro 13.2.0.21165. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15105. | |||||
| CVE-2006-3353 | 1 Opera | 1 Opera Browser | 2022-02-28 | 5.0 MEDIUM | N/A |
| Opera 9 allows remote attackers to cause a denial of service (crash) via a crafted web page that triggers an out-of-bounds memory access, related to an iframe and JavaScript that accesses certain style sheets properties. | |||||
| CVE-2006-3199 | 1 Opera | 1 Opera Browser | 2022-02-28 | 5.0 MEDIUM | N/A |
| Opera 9 allows remote attackers to cause a denial of service (crash) via an A tag with an href attribute with a URL containing a long hostname, which triggers an out-of-bounds operation. | |||||
| CVE-2021-46157 | 1 Siemens | 1 Simcenter Femap | 2022-02-28 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). Affected application contains a memory corruption vulnerability while parsing NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-14757) | |||||
| CVE-2021-46153 | 1 Siemens | 1 Simcenter Femap | 2022-02-28 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in Simcenter Femap V2020.2 (All versions), Simcenter Femap V2021.1 (All versions). Affected application contains a memory corruption vulnerability while parsing NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-14645, ZDI-CAN-15305, ZDI-CAN-15589, ZDI-CAN-15599) | |||||
| CVE-2010-1291 | 3 Adobe, Apple, Microsoft | 7 Shockwave Player, Macos, Windows and 4 more | 2022-02-28 | 9.3 HIGH | N/A |
| Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1289, and CVE-2010-1290. | |||||
| CVE-2010-1286 | 3 Adobe, Apple, Microsoft | 7 Shockwave Player, Macos, Windows and 4 more | 2022-02-28 | 9.3 HIGH | N/A |
| Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1287, CVE-2010-1289, CVE-2010-1290, and CVE-2010-1291. | |||||
| CVE-2010-1288 | 3 Adobe, Apple, Microsoft | 7 Shockwave Player, Macos, Windows and 4 more | 2022-02-28 | 9.3 HIGH | N/A |
| Buffer overflow in Adobe Shockwave Player before 11.5.7.609 might allow attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2010-1289 | 3 Adobe, Apple, Microsoft | 7 Shockwave Player, Macos, Windows and 4 more | 2022-02-28 | 9.3 HIGH | N/A |
| Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1290, and CVE-2010-1291. | |||||