Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-40030 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-08-12 | N/A | 7.5 HIGH |
| The My HUAWEI app has a defect in the design. Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2021-39696 | 1 Google | 1 Android | 2022-08-12 | N/A | 7.8 HIGH |
| In Task.java, there is a possible escalation of privilege due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12Android ID: A-185810717 | |||||
| CVE-2021-40034 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-08-12 | N/A | 7.5 HIGH |
| The video framework has the memory overwriting vulnerability caused by addition overflow. Successful exploitation of this vulnerability may affect the availability. | |||||
| CVE-2022-35509 | 1 Eyoucms | 1 Eyoucms | 2022-08-12 | N/A | 5.4 MEDIUM |
| An issue was discovered in EyouCMS 1.5.8. There is a Storage XSS vulnerability that can allows an attacker to execute arbitrary Web scripts or HTML by injecting a special payload via the title parameter in the foreground contribution, allowing the attacker to obtain sensitive information. | |||||
| CVE-2022-35824 | 1 Microsoft | 1 Azure Site Recovery | 2022-08-12 | N/A | 7.2 HIGH |
| Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-35772. | |||||
| CVE-2022-35491 | 1 Totolink | 2 A3002ru, A3002ru Firmware | 2022-08-12 | N/A | 9.8 CRITICAL |
| TOTOLINK A3002RU V3.0.0-B20220304.1804 has a hardcoded password for root in /etc/shadow.sample. | |||||
| CVE-2022-35426 | 1 Ucms Project | 1 Ucms | 2022-08-12 | N/A | 9.8 CRITICAL |
| UCMS 1.6 is vulnerable to arbitrary file upload via ucms/sadmin/file PHP file. | |||||
| CVE-2022-30580 | 1 Golang | 1 Go | 2022-08-12 | N/A | 7.8 HIGH |
| Code injection in Cmd.Start in os/exec before Go 1.17.11 and Go 1.18.3 allows execution of any binaries in the working directory named either "..com" or "..exe" by calling Cmd.Run, Cmd.Start, Cmd.Output, or Cmd.CombinedOutput when Cmd.Path is unset. | |||||
| CVE-2022-28881 | 3 Apple, F-secure, Microsoft | 10 Macos, Atlant, Cloud Protection For Salesforce and 7 more | 2022-08-12 | N/A | 7.5 HIGH |
| A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the aerdl.dll component used in certain WithSecure products unpacker function crashes which leads to scanning engine crash. The exploit can be triggered remotely by an attacker. | |||||
| CVE-2022-20713 | 1 Cisco | 1 Adaptive Security Appliance Software | 2022-08-12 | N/A | 6.1 MEDIUM |
| A vulnerability in the Clientless SSL VPN (WebVPN) component of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct browser-based attacks. This vulnerability is due to improper validation of input that is passed to the Clientless SSL VPN component. An attacker could exploit this vulnerability by convincing a targeted user to visit a website that can pass malicious requests to an ASA device that has the Clientless SSL VPN feature enabled. A successful exploit could allow the attacker to conduct browser-based attacks, including cross-site scripting attacks, against the targeted user. | |||||
| CVE-2022-34703 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2022-08-12 | N/A | 7.8 HIGH |
| Windows Partition Management Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-33670. | |||||
| CVE-2022-34702 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-08-12 | N/A | 8.1 HIGH |
| Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34714, CVE-2022-35745, CVE-2022-35752, CVE-2022-35753, CVE-2022-35766, CVE-2022-35767, CVE-2022-35794. | |||||
| CVE-2022-34699 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server 2016 and 2 more | 2022-08-12 | N/A | 7.8 HIGH |
| Windows Win32k Elevation of Privilege Vulnerability. | |||||
| CVE-2022-34696 | 1 Microsoft | 7 Windows 10, Windows 11, Windows 8.1 and 4 more | 2022-08-12 | N/A | 7.8 HIGH |
| Windows Hyper-V Remote Code Execution Vulnerability. | |||||
| CVE-2022-34692 | 1 Microsoft | 1 Exchange Server | 2022-08-12 | N/A | 5.3 MEDIUM |
| Microsoft Exchange Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-21979, CVE-2022-30134. | |||||
| CVE-2022-34691 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-08-12 | N/A | 8.8 HIGH |
| Active Directory Domain Services Elevation of Privilege Vulnerability. | |||||
| CVE-2022-35825 | 1 Microsoft | 4 Visual Studio, Visual Studio 2017, Visual Studio 2019 and 1 more | 2022-08-12 | N/A | 8.8 HIGH |
| Visual Studio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-35777, CVE-2022-35826, CVE-2022-35827. | |||||
| CVE-2022-34690 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-08-12 | N/A | 7.1 HIGH |
| Windows Fax Service Elevation of Privilege Vulnerability. | |||||
| CVE-2019-12261 | 6 Belden, Netapp, Oracle and 3 more | 51 Garrettcom Magnum Dx940e, Garrettcom Magnum Dx940e Firmware, Hirschmann Dragon Mach4000 and 48 more | 2022-08-12 | 7.5 HIGH | 9.8 CRITICAL |
| Wind River VxWorks 6.7 though 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 3 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion during connect() to a remote host. | |||||
| CVE-2019-12260 | 6 Belden, Netapp, Oracle and 3 more | 51 Garrettcom Magnum Dx940e, Garrettcom Magnum Dx940e Firmware, Hirschmann Dragon Mach4000 and 48 more | 2022-08-12 | 7.5 HIGH | 9.8 CRITICAL |
| Wind River VxWorks 6.9 and vx7 has a Buffer Overflow in the TCP component (issue 2 of 4). This is an IPNET security vulnerability: TCP Urgent Pointer state confusion caused by a malformed TCP AO option. | |||||