Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-35621 | 1 Evohclaimable Project | 1 Evohclaimable | 2022-09-26 | N/A | 5.3 MEDIUM |
| Access control vulnerability in Evoh NFT EvohClaimable contract with sha256 hash code fa2084d5abca91a62ed1d2f1cad3ec318e6a9a2d7f1510a00d898737b05f48ae allows remote attackers to execute fraudulent NFT transfers. | |||||
| CVE-2022-40089 | 1 Simple College Website Project | 1 Simple College Website | 2022-09-26 | N/A | 9.8 CRITICAL |
| A remote file inclusion (RFI) vulnerability in Simple College Website v1.0 allows attackers to execute arbitrary code via a crafted PHP file. This vulnerability is exploitable when the directive allow_url_include is set to On. | |||||
| CVE-2021-25472 | 1 Google | 1 Android | 2022-09-23 | 2.1 LOW | 3.3 LOW |
| An improper access control vulnerability in BluetoothSettingsProvider prior to SMR Oct-2021 Release 1 allows untrusted application to overwrite some Bluetooth information. | |||||
| CVE-2021-25366 | 1 Samsung | 1 Internet | 2022-09-23 | 3.6 LOW | 2.9 LOW |
| Improper access control in Samsung Internet prior to version 13.2.1.70 allows physically proximate attackers to bypass the secret mode's authentication. | |||||
| CVE-2021-25340 | 1 Google | 1 Android | 2022-09-23 | 2.1 LOW | 2.4 LOW |
| Improper access control vulnerability in Samsung keyboard version prior to SMR Feb-2021 Release 1 allows physically proximate attackers to change in arbitrary settings during Initialization State. | |||||
| CVE-2021-25361 | 1 Google | 1 Android | 2022-09-23 | 7.2 HIGH | 8.8 HIGH |
| An improper access control vulnerability in stickerCenter prior to SMR APR-2021 Release 1 allows local attackers to read or write arbitrary files of system process via untrusted applications. | |||||
| CVE-2021-25351 | 2 Google, Samsung | 2 Android, Account | 2022-09-23 | 2.1 LOW | 2.4 LOW |
| Improper Access Control in EmailValidationView in Samsung Account prior to version 10.7.0.7 and 12.1.1.3 allows physically proximate attackers to log out user account on device without user password. | |||||
| CVE-2021-25378 | 1 Samsung | 1 Smartthings | 2022-09-23 | 5.0 MEDIUM | 5.3 MEDIUM |
| Improper access control of certain port in SmartThings prior to version 1.7.63.6 allows remote temporary denial of service. | |||||
| CVE-2021-25426 | 1 Google | 1 Android | 2022-09-23 | 5.0 MEDIUM | 7.5 HIGH |
| Improper component protection vulnerability in SmsViewerActivity of Samsung Message prior to SMR July-2021 Release 1 allows untrusted applications to access Message files. | |||||
| CVE-2021-25459 | 1 Google | 1 Android | 2022-09-23 | 2.1 LOW | 5.5 MEDIUM |
| An improper access control vulnerability in sspInit() in BlockchainTZService prior to SMR Sep-2021 Release 1 allows attackers to start BlockchainTZService. | |||||
| CVE-2021-25448 | 1 Samsung | 1 Smart Touch Call | 2022-09-23 | 5.0 MEDIUM | 5.3 MEDIUM |
| Improper access control vulnerability in Smart Touch Call prior to version 1.0.0.5 allows arbitrary webpage loading in webview. | |||||
| CVE-2021-25453 | 1 Google | 1 Android | 2022-09-23 | 2.1 LOW | 5.5 MEDIUM |
| Some improper access control in Bluetooth APIs prior to SMR Sep-2021 Release 1 allows untrusted application to get Bluetooth information. | |||||
| CVE-2021-25447 | 1 Samsung | 2 Smartthings, Smartthings Firmware | 2022-09-23 | 5.0 MEDIUM | 5.3 MEDIUM |
| Improper access control vulnerability in SmartThings prior to version 1.7.67.25 allows untrusted applications to cause local file inclusion in webview. | |||||
| CVE-2021-25446 | 1 Samsung | 2 Smartthings, Smartthings Firmware | 2022-09-23 | 5.0 MEDIUM | 5.3 MEDIUM |
| Improper access control vulnerability in SmartThings prior to version 1.7.67.25 allows untrusted applications to cause arbitrary webpage loading in webview. | |||||
| CVE-2021-25460 | 1 Google | 1 Android | 2022-09-23 | 2.1 LOW | 5.5 MEDIUM |
| An improper access control vulnerability in sspExit() in BlockchainTZService prior to SMR Sep-2021 Release 1 allows attackers to terminate BlockchainTZService. | |||||
| CVE-2022-40428 | 1 D8s-mpeg Project | 1 D8s Mpeg | 2022-09-21 | N/A | 9.8 CRITICAL |
| The d8s-mpeg for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0. | |||||
| CVE-2022-40429 | 1 D8s-ip-addresses Project | 1 D8s-ip-addresses | 2022-09-21 | N/A | 9.8 CRITICAL |
| The d8s-ip-addresses for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0. | |||||
| CVE-2022-40425 | 1 D8s-html Project | 1 D8s-html | 2022-09-21 | N/A | 9.8 CRITICAL |
| The d8s-html for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0. | |||||
| CVE-2022-40426 | 1 D8s-asns Project | 1 D8s-asns | 2022-09-21 | N/A | 9.8 CRITICAL |
| The d8s-asns for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0. | |||||
| CVE-2022-40430 | 1 D8s-utility Project | 1 D8s-utility | 2022-09-21 | N/A | 9.8 CRITICAL |
| The d8s-utility for python, as distributed on PyPI, included a potential code-execution backdoor inserted by a third party. The backdoor is the democritus-networking package. The affected version is 0.1.0. | |||||