Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by CWE-668
Total 688 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-32559 1 Couchbase 1 Couchbase Server 2022-06-24 6.4 MEDIUM 9.1 CRITICAL
An issue was discovered in Couchbase Server before 7.0.4. Random HTTP requests lead to leaked metrics.
CVE-2022-31846 1 Wavlink 2 Wn535g3, Wn535g3 Firmware 2022-06-23 5.0 MEDIUM 7.5 HIGH
A vulnerability in live_mfg.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function.
CVE-2022-31847 1 Wavlink 2 Wn579x3, Wn579x3 Firmware 2022-06-23 5.0 MEDIUM 7.5 HIGH
A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN579 X3 M79X3.V5030.180719 allows attackers to obtain sensitive router information via a crafted POST request.
CVE-2022-31845 1 Wavlink 2 Wn535g3, Wn535g3 Firmware 2022-06-23 5.0 MEDIUM 7.5 HIGH
A vulnerability in live_check.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function.
CVE-2021-30345 1 Qualcomm 56 Ar8035, Ar8035 Firmware, Qca9984 and 53 more 2022-06-22 4.9 MEDIUM 5.5 MEDIUM
RPM secure Stream can access any secure resource due to improper SMMU configuration in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVE-2021-30346 1 Qualcomm 56 Ar8035, Ar8035 Firmware, Qca9984 and 53 more 2022-06-22 4.9 MEDIUM 5.5 MEDIUM
RPM secure Stream can access any secure resource due to improper SMMU configuration in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVE-2022-32328 1 Fast Food Ordering System Project 1 Fast Food Ordering System 2022-06-22 6.4 MEDIUM 9.1 CRITICAL
Fast Food Ordering System v1.0 is vulnerable to Delete any file. via /ffos/classes/Master.php?f=delete_img.
CVE-2021-35092 1 Qualcomm 166 Apq8053, Apq8053 Firmware, Apq8096au and 163 more 2022-06-22 4.6 MEDIUM 6.7 MEDIUM
Processing DCB/AVB algorithm with an invalid queue index from IOCTL request could lead to arbitrary address modification in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CVE-2022-31309 1 Wavlink 2 Aerial X 1200m, Aerial X 1200m Firmware 2022-06-22 5.0 MEDIUM 7.5 HIGH
A vulnerability in live_check.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows attackers to obtain sensitive router information via execution of the exec cmd function.
CVE-2022-31308 1 Wavlink 2 Aerial X 1200m, Aerial X 1200m Firmware 2022-06-22 5.0 MEDIUM 7.5 HIGH
A vulnerability in live_mfg.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.191012 allows attackers to obtain sensitive router information via execution of the exec cmd function.
CVE-2020-36532 1 Klapp 1 App 2022-06-14 4.0 MEDIUM 6.5 MEDIUM
A vulnerability has been found in Klapp App and classified as problematic. This vulnerability affects unknown code of the component Authorization. The manipulation leads to information disclosure (Credentials). The attack can be initiated remotely. It is recommended to upgrade the affected app.
CVE-2022-30746 1 Samsung 1 Smartthings 2022-06-14 5.0 MEDIUM 7.5 HIGH
Missing caller check in Smart Things prior to version 1.7.85.12 allows attacker to access senstive information remotely using javascript interface API.
CVE-2021-43560 2 Fedoraproject, Moodle 3 Extra Packages For Enterprise Linux, Fedora, Moodle 2022-06-14 5.0 MEDIUM 5.3 MEDIUM
A flaw was found in Moodle in versions 3.11 to 3.11.3, 3.10 to 3.10.7, 3.9 to 3.9.10 and earlier unsupported versions. Insufficient capability checks made it possible to fetch other users' calendar action events.
CVE-2022-26869 1 Dell 3 Powerstore T, Powerstore X, Powerstoreos 2022-06-13 7.5 HIGH 9.8 CRITICAL
Dell PowerStore versions 2.0.0.x, 2.0.1.x and 2.1.0.x contains an open port vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure and arbitrary code execution.
CVE-2022-30734 1 Samsung 1 Account 2022-06-10 5.0 MEDIUM 5.3 MEDIUM
Sensitive information exposure in Sign-out log in Samsung Account prior to version 13.2.00.6 allows attackers to get an user email or phone number without permission.
CVE-2022-30732 1 Samsung 1 Account 2022-06-10 5.0 MEDIUM 7.5 HIGH
Exposure of Sensitive Information vulnerability in Samsung Account prior to version 13.2.00.6 allows attacker to access sensitive information via onActivityResult.
CVE-2022-30728 1 Google 1 Android 2022-06-10 2.1 LOW 3.3 LOW
Information exposure vulnerability in ScanPool prior to SMR Jun-2022 Release 1 allows local attackers to get MAC address information.
CVE-2022-30714 1 Google 1 Android 2022-06-10 2.1 LOW 3.3 LOW
Information exposure vulnerability in SemIWCMonitor prior to SMR Jun-2022 Release 1 allows local attackers to get MAC address information.
CVE-2022-28794 1 Google 1 Android 2022-06-10 2.1 LOW 3.3 LOW
Sensitive information exposure in low-battery dumpstate log prior to SMR Jun-2022 Release 1 allows local attackers to get SIM card information.
CVE-2018-4048 1 Gog 1 Galaxy 2022-06-07 7.2 HIGH 7.8 HIGH
An exploitable local privilege elevation vulnerability exists in the file system permissions of the `Temp` directory in GOG Galaxy 1.2.48.36 (Windows 64-bit Installer). An attacker can overwrite executables of the Desktop Galaxy Updater to exploit this vulnerability and execute arbitrary code with SYSTEM privileges.