Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-15339 | 1 Zyxel | 1 Cloudcnm Secumanager | 2022-10-27 | N/A | 6.1 MEDIUM |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows live/CPEManager/AXCampaignManager/handle_campaign_script_link?script_name= XSS. | |||||
| CVE-2022-36836 | 1 Samsung | 2 Charm, Charm Firmware | 2022-10-27 | N/A | 5.5 MEDIUM |
| Unprotected provider vulnerability in Charm by Samsung prior to version 1.2.3 allows attackers to read connection state without permission. | |||||
| CVE-2020-15338 | 1 Zyxel | 1 Cloudcnm Secumanager | 2022-10-27 | N/A | 5.3 MEDIUM |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a "Use of GET Request Method With Sensitive Query Strings" issue for /cnr requests. | |||||
| CVE-2020-15347 | 1 Zyxel | 1 Cloudcnm Secumanager | 2022-10-27 | N/A | 9.8 CRITICAL |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the q6xV4aW8bQ4cfD-b password for the axiros account. | |||||
| CVE-2020-15346 | 1 Zyxel | 1 Cloudcnm Secumanager | 2022-10-27 | N/A | 5.3 MEDIUM |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a /live/GLOBALS API with the CLOUDCNM key. | |||||
| CVE-2020-15345 | 1 Zyxel | 1 Cloudcnm Secumanager | 2022-10-27 | N/A | 5.3 MEDIUM |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_get_instances_for_update API. | |||||
| CVE-2022-36835 | 1 Samsung | 1 Samsung Internet Browser | 2022-10-27 | N/A | 3.3 LOW |
| Implicit Intent hijacking vulnerability in Samsung Internet Browser prior to version 17.0.7.34 allows attackers to access arbitrary files. | |||||
| CVE-2021-42260 | 2 Debian, Tinyxml Project | 2 Debian Linux, Tinyxml | 2022-10-27 | 5.0 MEDIUM | 7.5 HIGH |
| TinyXML through 2.6.2 has an infinite loop in TiXmlParsingData::Stamp in tinyxmlparser.cpp via the TIXML_UTF_LEAD_0 case. It can be triggered by a crafted XML message and leads to a denial of service. | |||||
| CVE-2019-17545 | 5 Debian, Fedoraproject, Opensuse and 2 more | 6 Debian Linux, Fedora, Backports Sle and 3 more | 2022-10-27 | 7.5 HIGH | 9.8 CRITICAL |
| GDAL through 3.0.1 has a poolDestroy double free in OGRExpatRealloc in ogr/ogr_expat.cpp when the 10MB threshold is exceeded. | |||||
| CVE-2022-36833 | 2 Google, Samsung | 2 Android, Gameoptimizingservice | 2022-10-27 | N/A | 7.8 HIGH |
| Improper Privilege Management vulnerability in Game Optimizing Service prior to versions 3.3.04.0 in Android 10, and 3.5.04.8 in Android 11 and above allows local attacker to execute hidden function for developer by changing package name. | |||||
| CVE-2022-36832 | 1 Samsung | 1 Cameralyzer | 2022-10-27 | N/A | 3.3 LOW |
| Improper access control vulnerability in WebApp in Cameralyzer prior to versions 3.2.22, 3.3.22, 3.4.22 and 3.5.51 allows attackers to access external storage as Cameralyzer privilege. | |||||
| CVE-2022-36831 | 1 Samsung | 1 Notes | 2022-10-27 | N/A | 5.5 MEDIUM |
| Path traversal vulnerability in UriFileUtils of Samsung Notes prior to version 4.3.14.39 allows attacker to access some file as Samsung Notes permission. | |||||
| CVE-2022-36830 | 1 Samsung | 2 Charm, Charm Firmware | 2022-10-27 | N/A | 5.5 MEDIUM |
| PendingIntent hijacking vulnerability in cancelAlarmManager in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent. | |||||
| CVE-2022-36829 | 1 Samsung | 2 Charm, Charm Firmware | 2022-10-27 | N/A | 5.5 MEDIUM |
| PendingIntent hijacking vulnerability in releaseAlarm in Charm by Samsung prior to version 1.2.3 allows local attackers to access files without permission via implicit intent. | |||||
| CVE-2020-15341 | 1 Zyxel | 1 Cloudcnm Secumanager | 2022-10-27 | N/A | 7.5 HIGH |
| Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated update_all_realm_license API. | |||||
| CVE-2022-3593 | 2022-10-27 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | |||||
| CVE-2022-3530 | 2022-10-27 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | |||||
| CVE-2022-3529 | 2022-10-27 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | |||||
| CVE-2022-3528 | 2022-10-27 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | |||||
| CVE-2022-3527 | 2022-10-27 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | |||||