Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-25515 | 1 Google | 1 Android | 2022-08-01 | 2.1 LOW | 3.3 LOW |
| An improper usage of implicit intent in SemRewardManager prior to SMR Dec-2021 Release 1 allows attackers to access BSSID. | |||||
| CVE-2020-28438 | 1 Deferred-exec Project | 1 Deferred-exec | 2022-08-01 | N/A | 9.8 CRITICAL |
| This affects all versions of package deferred-exec. The injection point is located in line 42 in lib/deferred-exec.js | |||||
| CVE-2022-22555 | 1 Dell | 10 Emc Powerstore 1200t, Emc Powerstore 1200t Firmware, Emc Powerstore 3200t and 7 more | 2022-08-01 | N/A | 6.7 MEDIUM |
| Dell EMC PowerStore, contains an OS command injection Vulnerability. A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the PowerStore underlying OS, with the privileges of the vulnerable application. Exploitation may lead to an elevation of privilege. | |||||
| CVE-2021-25526 | 1 Samsung | 1 Blockchain Wallet | 2022-08-01 | 2.1 LOW | 5.5 MEDIUM |
| Intent redirection vulnerability in Samsung Blockchain Wallet prior to version 1.3.02.8 allows attacker to execute privileged action. | |||||
| CVE-2021-25444 | 1 Google | 1 Android | 2022-08-01 | 2.1 LOW | 5.5 MEDIUM |
| An IV reuse vulnerability in keymaster prior to SMR AUG-2021 Release 1 allows decryption of custom keyblob with privileged process. | |||||
| CVE-2021-25449 | 1 Google | 1 Android | 2022-08-01 | 7.5 HIGH | 9.8 CRITICAL |
| An improper input validation vulnerability in libsapeextractor library prior to SMR Sep-2021 Release 1 allows attackers to execute arbitrary code in mediaextractor process. | |||||
| CVE-2021-25468 | 2 Google, Samsung | 2 Android, Exynos | 2022-08-01 | 2.1 LOW | 4.4 MEDIUM |
| A possible guessing and confirming a byte memory vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows attackers to read arbitrary memory address. | |||||
| CVE-2021-25470 | 2 Google, Samsung | 2 Android, Exynos | 2022-08-01 | 3.6 LOW | 7.9 HIGH |
| An improper caller check logic of SMC call in TEEGRIS secure OS prior to SMR Oct-2021 Release 1 can be used to compromise TEE. | |||||
| CVE-2021-25476 | 2 Google, Samsung | 2 Android, Exynos | 2022-08-01 | 2.1 LOW | 4.4 MEDIUM |
| An information disclosure vulnerability in Widevine TA log prior to SMR Oct-2021 Release 1 allows attackers to bypass the ASLR protection mechanism in TEE. | |||||
| CVE-2020-28436 | 1 Google-cloudstorage-commands Project | 1 Google-cloudstorage-commands | 2022-07-30 | N/A | 9.8 CRITICAL |
| This affects all versions of package google-cloudstorage-commands. | |||||
| CVE-2020-28435 | 1 Ffmpeg-sdk Project | 1 Ffmpeg-sdk | 2022-07-30 | N/A | 9.8 CRITICAL |
| This affects all versions of package ffmpeg-sdk. The injection point is located in line 9 in index.js. | |||||
| CVE-2022-29709 | 1 Communilink | 1 Clink Office | 2022-07-30 | N/A | 7.5 HIGH |
| CommuniLink Internet Limited CLink Office v2.0 was discovered to contain multiple SQL injection vulnerabilities via the username and password parameters. | |||||
| CVE-2022-34113 | 1 Dataease | 1 Dataease | 2022-07-30 | N/A | 9.8 CRITICAL |
| An issue in the component /api/plugin/upload of Dataease v1.11.1 allows attackers to execute arbitrary code via a crafted plugin. | |||||
| CVE-2022-34112 | 1 Dataease Project | 1 Dataease | 2022-07-30 | N/A | 6.5 MEDIUM |
| An access control issue in the component /api/plugin/uninstall Dataease v1.11.1 allows attackers to arbitrarily uninstall the plugin, a right normally reserved for the administrator. | |||||
| CVE-2022-31164 | 1 Tovyblox | 1 Tovy | 2022-07-30 | N/A | 7.5 HIGH |
| Tovy is a a staff management system for Roblox groups. A vulnerability in versions prior to 0.7.51 allows users to log in as other users, including privileged users such as the other of the instance. The problem has been patched in version 0.7.51. | |||||
| CVE-2021-25403 | 2 Google, Samsung | 2 Android, Account | 2022-07-30 | 2.1 LOW | 3.3 LOW |
| Intent redirection vulnerability in Samsung Account prior to version 10.8.0.4 in Android P(9.0) and below, and 12.2.0.9 in Android Q(10.0) and above allows attacker to access contacts and file provider using SettingWebView component. | |||||
| CVE-2021-25401 | 1 Samsung | 1 Health | 2022-07-30 | 4.6 MEDIUM | 7.8 HIGH |
| Intent redirection vulnerability in Samsung Health prior to version 6.16 allows attacker to execute privileged action. | |||||
| CVE-2021-25400 | 1 Samsung | 1 Internet | 2022-07-30 | 4.6 MEDIUM | 7.8 HIGH |
| Intent redirection vulnerability in Samsung Internet prior to version 14.0.1.20 allows attacker to execute privileged action. | |||||
| CVE-2021-25411 | 2 Google, Samsung | 5 Android, Exynos 9610, Exynos 9810 and 2 more | 2022-07-30 | 2.1 LOW | 4.4 MEDIUM |
| Improper address validation vulnerability in RKP api prior to SMR JUN-2021 Release 1 allows root privileged local attackers to write read-only kernel memory. | |||||
| CVE-2021-25409 | 1 Google | 1 Android | 2022-07-30 | 2.1 LOW | 2.4 LOW |
| Improper access in Notification setting prior to SMR JUN-2021 Release 1 allows physically proximate attackers to set arbitrary notification via physically configuring device. | |||||