Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-36846 | 1 Google | 1 Android | 2022-09-09 | N/A | 7.8 HIGH |
| A heap-based overflow vulnerability in ConstructDictionary function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault. | |||||
| CVE-2022-36853 | 1 Google | 1 Android | 2022-09-09 | N/A | 7.5 HIGH |
| Intent redirection in Photo Editor prior to SMR Sep-2022 Release 1 allows attacker to get sensitive information. | |||||
| CVE-2022-36852 | 1 Google | 1 Android | 2022-09-09 | N/A | 3.3 LOW |
| Improper Authorization vulnerability in Video Editor prior to SMR Sep-2022 Release 1 allows local attacker to access internal application data. | |||||
| CVE-2022-36854 | 1 Google | 1 Android | 2022-09-09 | N/A | 5.5 MEDIUM |
| Out of bound read in libapexjni.media.samsung.so prior to SMR Sep-2022 Release 1 allows attacker access unauthorized information. | |||||
| CVE-2022-36857 | 2 Google, Samsung | 2 Android, Photo Editor | 2022-09-09 | N/A | 2.4 LOW |
| Improper Authorization vulnerability in Photo Editor prior to SMR Sep-2022 Release 1 allows physical attackers to read internal application data. | |||||
| CVE-2022-36856 | 1 Google | 1 Android | 2022-09-09 | N/A | 3.3 LOW |
| Improper access control vulnerability in Telecom application prior to SMR Sep-2022 Release 1 allows attacker to start emergency calls via undefined permission. | |||||
| CVE-2022-36855 | 1 Google | 1 Android | 2022-09-09 | N/A | 7.8 HIGH |
| A use after free vulnerability in iva_ctl driver prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault. | |||||
| CVE-2022-36860 | 1 Google | 1 Android | 2022-09-09 | N/A | 7.8 HIGH |
| A heap-based overflow vulnerability in LoadEnvironment function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault. | |||||
| CVE-2022-36858 | 1 Google | 1 Android | 2022-09-09 | N/A | 7.8 HIGH |
| A heap-based overflow vulnerability in GetCorrectDbLanguageTypeEsPKc() function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault. | |||||
| CVE-2022-36863 | 1 Google | 1 Android | 2022-09-09 | N/A | 7.8 HIGH |
| A heap-based overflow vulnerability in GetCorrectDbLanguageTypeEsPKc function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault. | |||||
| CVE-2022-36861 | 1 Google | 1 Android | 2022-09-09 | N/A | 5.3 MEDIUM |
| Custom permission misuse vulnerability in SystemUI prior to SMR Sep-2022 Release 1 allows attacker to use some protected functions with SystemUI privilege. | |||||
| CVE-2022-37403 | 1 Add User Role Project | 1 Add User Role | 2022-09-09 | N/A | 4.8 MEDIUM |
| Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Nikhil Vaghela's Add User Role plugin <= 0.0.1 at WordPress. | |||||
| CVE-2022-37335 | 1 Webhelpagency | 1 Word Search Puzzles | 2022-09-09 | N/A | 4.8 MEDIUM |
| Authenticated (author+) Stored Cross-Site Scripting (XSS) vulnerability in WHA's Word Search Puzzles game plugin <= 2.0.1 at WordPress. | |||||
| CVE-2022-37299 | 1 Shirne Cms Project | 1 Shirne Cms | 2022-09-09 | N/A | 6.5 MEDIUM |
| An issue was discovered in Shirne CMS 1.2.0. There is a Path Traversal vulnerability which could cause arbitrary file read via /static/ueditor/php/controller.php | |||||
| CVE-2022-37405 | 1 Better Font Awesome Project | 1 Better Font Awesome | 2022-09-09 | N/A | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Mickey Kay's Better Font Awesome plugin <= 2.0.1 at WordPress. | |||||
| CVE-2022-37404 | 1 Add2fav Project | 1 Add2fav | 2022-09-09 | N/A | 4.8 MEDIUM |
| Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Christian Salazar's add2fav plugin <= 1.0 at WordPress. | |||||
| CVE-2022-37407 | 1 Wpchill | 1 Gallery Photoblocks | 2022-09-09 | N/A | 5.4 MEDIUM |
| Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities in WPChill Gallery PhotoBlocks plugin <= 1.2.6 at WordPress. | |||||
| CVE-2022-38058 | 1 Wpvar | 1 Wp Shamsi | 2022-09-09 | N/A | 4.3 MEDIUM |
| Authenticated (subscriber+) Plugin Setting change vulnerability in WP Shamsi plugin <= 4.1.1 at WordPress. | |||||
| CVE-2022-37412 | 1 Better Delete Revision Project | 1 Better Delete Revision | 2022-09-09 | N/A | 4.8 MEDIUM |
| Authenticated (admin+) Reflected Cross-Site Scripting (XSS) vulnerability in Galerio & Urda's Better Delete Revision plugin <= 1.6.1 at WordPress. | |||||
| CVE-2022-38059 | 1 Access Code Feeder Project | 1 Access Code Feeder | 2022-09-09 | N/A | 8.0 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability in Alexey Trofimov's Access Code Feeder plugin <= 1.0.3 at WordPress. | |||||