Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-23702 | 1 Hpe | 4 Superdome Flex 280 Server, Superdome Flex 280 Server Firmware, Superdome Flex Server and 1 more | 2022-04-20 | 4.6 MEDIUM | 6.7 MEDIUM |
| A potential security vulnerability has been identified in HPE Superdome Flex and Superdome Flex 280 Servers. The vulnerability could be locally exploited to allow an user with Administrator access to escalate their privilege. The vulnerability is resolved in the latest firmware update. HPE Superdome Flex Server Version 3.50.58 or later, HPE Superdome Flex 280 Server Version 1.20.204 or later. | |||||
| CVE-2022-24411 | 1 Dell | 1 Emc Powerscale Onefs | 2022-04-20 | 4.6 MEDIUM | 7.8 HIGH |
| Dell PowerScale OneFS 8.2.2 and above contain an elevation of privilege vulnerability. A local attacker with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE could potentially exploit this vulnerability, leading to elevation of privilege. This could potentially allow users to circumvent PowerScale Compliance Mode guarantees. | |||||
| CVE-2022-23163 | 1 Dell | 1 Emc Powerscale Onefs | 2022-04-20 | 2.1 LOW | 5.5 MEDIUM |
| Dell PowerScale OneFS, 8.2,x, 9.1.0.x, 9.2.1.x, and 9.3.0.x contain a denial of service vulnerability. A local malicious user could potentially exploit this vulnerability, leading to denial of service/data unavailability. | |||||
| CVE-2022-23160 | 1 Dell | 1 Emc Powerscale Onefs | 2022-04-20 | 4.0 MEDIUM | 4.3 MEDIUM |
| Dell PowerScale OneFS, versions 8.2.0-9.3.0, contains an Improper Handling of Insufficient Permissions vulnerability. An remote malicious user could potentially exploit this vulnerability, leading to gaining write permissions on read-only files. | |||||
| CVE-2021-41005 | 1 Hpe | 14 Aruba Instant On 1930 24g 4sfp\/sfp\+, Aruba Instant On 1930 24g 4sfp\/sfp\+ Firmware, Aruba Instant On 1930 24g Class4 Poe 4sfp\/sfp\+ 195w and 11 more | 2022-04-20 | 6.8 MEDIUM | 6.5 MEDIUM |
| A remote vulnerability was discovered in Aruba Instant On 1930 Switch Series version(s): Firmware below v1.0.7.0. | |||||
| CVE-2022-23159 | 1 Dell | 1 Emc Powerscale Onefs | 2022-04-20 | 4.0 MEDIUM | 6.5 MEDIUM |
| Dell PowerScale OneFS, 8.2.2 - 9.3.0.x, contain a missing release of memory after effective lifetime vulnerability. An authenticated user with ISI_PRIV_LOGIN_SSH and/or ISI_PRIV_LOGIN_CONSOLE and ISI_PRIV_AUTH_PROVIDERS privileges could exploit this vulnerability, leading to a Denial-Of-Service. This can also impact a cluster in Compliance mode. Dell recommends to update at the earliest opportunity. | |||||
| CVE-2022-22565 | 1 Dell | 1 Emc Powerscale Onefs | 2022-04-20 | 5.5 MEDIUM | 3.8 LOW |
| Dell PowerScale OneFS, versions 9.0.0-9.3.0, contain an improper authorization of index containing sensitive information. An authenticated and privileged user could potentially exploit this vulnerability, leading to disclosure or modification of sensitive data. | |||||
| CVE-2021-41004 | 1 Hpe | 14 Aruba Instant On 1930 24g 4sfp\/sfp\+, Aruba Instant On 1930 24g 4sfp\/sfp\+ Firmware, Aruba Instant On 1930 24g Class4 Poe 4sfp\/sfp\+ 195w and 11 more | 2022-04-20 | 7.8 HIGH | 7.5 HIGH |
| A remote vulnerability was discovered in Aruba Instant On 1930 Switch Series version(s): Firmware below v1.0.7.0. | |||||
| CVE-2022-22562 | 1 Dell | 1 Emc Powerscale Onefs | 2022-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| Dell PowerScale OneFS, versions 8.2.0-9.3.0, contain a improper handling of missing values exploit. An unauthenticated network attacker could potentially exploit this denial-of-service vulnerability. | |||||
| CVE-2018-5382 | 2 Bouncycastle, Redhat | 3 Legion-of-the-bouncy-castle-java-crytography-api, Satellite, Satellite Capsule | 2022-04-20 | 3.6 LOW | 4.4 MEDIUM |
| The default BKS keystore use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS keystore. Bouncy Castle release 1.47 changes the BKS format to a format which uses a 160 bit HMAC instead. This applies to any BKS keystore generated prior to BC 1.47. For situations where people need to create the files for legacy reasons a specific keystore type "BKS-V1" was introduced in 1.49. It should be noted that the use of "BKS-V1" is discouraged by the library authors and should only be used where it is otherwise safe to do so, as in where the use of a 16 bit checksum for the file integrity check is not going to cause a security issue in itself. | |||||
| CVE-2022-22561 | 1 Dell | 1 Emc Powerscale Onefs | 2022-04-20 | 7.5 HIGH | 9.8 CRITICAL |
| Dell PowerScale OneFS, versions 8.2.x-9.3.0.x, contain an improper restriction of excessive authentication attempts. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to compromised accounts. | |||||
| CVE-2021-39796 | 1 Google | 1 Android | 2022-04-20 | 6.9 MEDIUM | 7.3 HIGH |
| In HarmfulAppWarningActivity of HarmfulAppWarningActivity.java, there is a possible way to trick victim to install harmful app due to a tapjacking/overlay attack. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-205595291 | |||||
| CVE-2021-39814 | 1 Google | 1 Android | 2022-04-20 | 7.2 HIGH | 6.7 MEDIUM |
| In ppmp_validate_wsm of drm_fw.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-216792660References: N/A | |||||
| CVE-2021-39809 | 1 Google | 1 Android | 2022-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-205837191 | |||||
| CVE-2021-39812 | 1 Google | 1 Android | 2022-04-20 | 7.2 HIGH | 7.8 HIGH |
| In TBD of TBD, there is a possible out of bounds read due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-205522359References: N/A | |||||
| CVE-2022-22560 | 1 Dell | 1 Emc Powerscale Onefs | 2022-04-20 | 4.9 MEDIUM | 5.5 MEDIUM |
| Dell EMC PowerScale OneFS 8.1.x - 9.1.x contain hard coded credentials. This allows a local user with knowledge of the credentials to login as the admin user to the backend ethernet switch of a PowerScale cluster. The attacker can exploit this vulnerability to take the switch offline. | |||||
| CVE-2021-39807 | 1 Google | 1 Android | 2022-04-20 | 7.2 HIGH | 7.8 HIGH |
| In handleNfcStateChanged of SecureNfcEnabler.java, there is a possible way to enable NFC from the Guest account due to a missing permission check. This could lead to local escalation of privilege from the Guest account with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-209446496 | |||||
| CVE-2021-39805 | 1 Google | 1 Android | 2022-04-20 | 3.3 LOW | 6.5 MEDIUM |
| In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure through Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-212694559 | |||||
| CVE-2022-22559 | 1 Dell | 1 Emc Powerscale Onefs | 2022-04-20 | 5.0 MEDIUM | 7.5 HIGH |
| Dell PowerScale OneFS, version 9.3.0, contains a use of a broken or risky cryptographic algorithm. An unprivileged network attacker could exploit this vulnerability, leading to the potential for information disclosure. | |||||
| CVE-2022-22550 | 1 Dell | 1 Emc Powerscale Onefs | 2022-04-20 | 4.6 MEDIUM | 6.7 MEDIUM |
| Dell PowerScale OneFS, versions 8.2.2 and above, contain a password disclosure vulnerability. An unprivileged local attacker could potentially exploit this vulnerability, leading to account take over. | |||||