Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-30350 | 1 Qualcomm | 192 Aqt1000, Aqt1000 Firmware, Ar8035 and 189 more | 2022-06-22 | 7.2 HIGH | 7.8 HIGH |
| Lack of MBN header size verification against input buffer can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables | |||||
| CVE-2022-32367 | 1 Product Show Room Site Project | 1 Product Show Room Site | 2022-06-22 | 6.5 MEDIUM | 7.2 HIGH |
| Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=inquiries/view_inquiry&id=. | |||||
| CVE-2022-32366 | 1 Product Show Room Site Project | 1 Product Show Room Site | 2022-06-22 | 6.5 MEDIUM | 7.2 HIGH |
| Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/fields/view_field.php?id=. | |||||
| CVE-2021-35071 | 1 Qualcomm | 342 Aqt1000, Aqt1000 Firmware, Ar8035 and 339 more | 2022-06-22 | 2.1 LOW | 5.5 MEDIUM |
| Possible buffer over read due to lack of size validation while copying data from DBR buffer to RX buffer and can lead to Denial of Service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-35070 | 1 Qualcomm | 18 Qcm6125, Qcm6125 Firmware, Qcs6125 and 15 more | 2022-06-22 | 4.9 MEDIUM | 5.5 MEDIUM |
| RPM secure Stream can access any secure resource due to improper SMMU configuration and can lead to information disclosure in Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2021-40650 | 1 Softwareag | 1 Connx | 2022-06-22 | 4.3 MEDIUM | 6.5 MEDIUM |
| In Connx Version 6.2.0.1269 (20210623), a cookie can be issued by the application and not have the secure flag set. | |||||
| CVE-2022-2079 | 1 Xgenecloud | 1 Nocodb | 2022-06-22 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site Scripting (XSS) - Stored in GitHub repository nocodb/nocodb prior to 0.91.7+. | |||||
| CVE-2021-40649 | 1 Softwareag | 1 Connx | 2022-06-22 | 6.4 MEDIUM | 6.5 MEDIUM |
| In Connx Version 6.2.0.1269 (20210623), a cookie can be issued by the application and not have the HttpOnly flag set. | |||||
| CVE-2021-35072 | 1 Qualcomm | 164 Apq8009, Apq8009 Firmware, Apq8009w and 161 more | 2022-06-22 | 7.2 HIGH | 7.8 HIGH |
| Possible buffer overflow due to improper validation of array index while processing external DIAG command in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-35073 | 1 Qualcomm | 112 Ar8035, Ar8035 Firmware, Qca6390 and 109 more | 2022-06-22 | 7.8 HIGH | 7.5 HIGH |
| Possible assertion due to improper validation of rank restriction field in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2021-35076 | 1 Qualcomm | 114 Ar8035, Ar8035 Firmware, Qca6390 and 111 more | 2022-06-22 | 7.8 HIGH | 7.5 HIGH |
| Possible null pointer dereference due to improper validation of RRC connection reconfiguration message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2022-32337 | 1 Hospital\'s Patient Records Management System Project | 1 Hospital\'s Patient Records Management System | 2022-06-22 | 7.5 HIGH | 9.8 CRITICAL |
| Hospital's Patient Records Management System v1.0 is vulnerable to SQL Injection via /hprms/admin/patients/manage_patient.php?id=. | |||||
| CVE-2021-35078 | 1 Qualcomm | 214 Aqt1000, Aqt1000 Firmware, Ar8035 and 211 more | 2022-06-22 | 7.8 HIGH | 7.5 HIGH |
| Possible memory leak due to improper validation of certificate chain length while parsing server certificate chain in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | |||||
| CVE-2022-31403 | 1 Combodo | 1 Itop | 2022-06-22 | 4.3 MEDIUM | 6.1 MEDIUM |
| ITOP v3.0.1 was discovered to contain a cross-site scripting (XSS) vulnerability via /itop/pages/ajax.render.php. | |||||
| CVE-2021-35079 | 1 Qualcomm | 122 Apq8053, Apq8053 Firmware, Aqt1000 and 119 more | 2022-06-22 | 2.1 LOW | 5.5 MEDIUM |
| Improper validation of permissions for third party application accessing Telephony service API can lead to information disclosure in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2022-26476 | 1 Siemens | 3 Spectrum Power 4, Spectrum Power 7, Spectrum Power Microgrid Management System | 2022-06-22 | 5.4 MEDIUM | 8.8 HIGH |
| A vulnerability has been identified in Spectrum Power 4 (All versions using Shared HIS), Spectrum Power 7 (All versions using Shared HIS), Spectrum Power MGMS (All versions using Shared HIS). An unauthenticated attacker could log into the component Shared HIS used in Spectrum Power systems by using an account with default credentials. A successful exploitation could allow the attacker to access the component Shared HIS with administrative privileges. | |||||
| CVE-2021-35080 | 1 Qualcomm | 50 Qcm2290, Qcm2290 Firmware, Qcm4290 and 47 more | 2022-06-22 | 4.9 MEDIUM | 5.5 MEDIUM |
| Disabled SMMU from secure side while RPM is assigned a secure stream can lead to information disclosure in Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | |||||
| CVE-2022-32364 | 1 Product Show Room Site Project | 1 Product Show Room Site | 2022-06-22 | 6.5 MEDIUM | 7.2 HIGH |
| Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/?page=products/manage_product&id=. | |||||
| CVE-2022-32328 | 1 Fast Food Ordering System Project | 1 Fast Food Ordering System | 2022-06-22 | 6.4 MEDIUM | 9.1 CRITICAL |
| Fast Food Ordering System v1.0 is vulnerable to Delete any file. via /ffos/classes/Master.php?f=delete_img. | |||||
| CVE-2022-32365 | 1 Product Show Room Site Project | 1 Product Show Room Site | 2022-06-22 | 6.5 MEDIUM | 7.2 HIGH |
| Product Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/admin/fields/manage_field.php?id=. | |||||