Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-0115 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2022-04-18 | 6.8 MEDIUM | 8.8 HIGH |
| Uninitialized use in File API in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | |||||
| CVE-2022-0116 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2022-04-18 | 4.3 MEDIUM | 4.3 MEDIUM |
| Inappropriate implementation in Compositing in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | |||||
| CVE-2022-0117 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2022-04-18 | 4.3 MEDIUM | 6.5 MEDIUM |
| Policy bypass in Blink in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |||||
| CVE-2022-0118 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2022-04-18 | 4.3 MEDIUM | 4.3 MEDIUM |
| Inappropriate implementation in WebShare in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially hide the contents of the Omnibox (URL bar) via a crafted HTML page. | |||||
| CVE-2022-0120 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2022-04-18 | 4.3 MEDIUM | 6.5 MEDIUM |
| Inappropriate implementation in Passwords in Google Chrome prior to 97.0.4692.71 allowed a remote attacker to potentially leak cross-origin data via a malicious website. | |||||
| CVE-2022-25600 | 2 Fedoraproject, Flippercode | 2 Fedora, Wp Google Map | 2022-04-18 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-Site Request Forgery (CSRF) vulnerability affecting Delete Marker Category, Delete Map, and Copy Map functions in WP Google Map plugin (versions <= 4.2.3). | |||||
| CVE-2022-25601 | 2 Fedoraproject, Plugin-planet | 2 Fedora, Contact Form X | 2022-04-18 | 4.3 MEDIUM | 6.1 MEDIUM |
| Reflected Cross-Site Scripting (XSS) vulnerability affecting parameter &tab discovered in Contact Form X WordPress plugin (versions <= 2.4). | |||||
| CVE-2022-26530 | 1 Swaywm | 1 Swaylock | 2022-04-18 | 6.4 MEDIUM | 9.1 CRITICAL |
| swaylock before 1.6 allows attackers to trigger a crash and achieve unlocked access to a Wayland compositor. | |||||
| CVE-2022-28541 | 1 Samsung | 1 Update | 2022-04-18 | 4.6 MEDIUM | 7.8 HIGH |
| Uncontrolled search path element vulnerability in Samsung Update prior to version 3.0.77.0 allows attackers to execute arbitrary code as Samsung Update permission. | |||||
| CVE-2022-25792 | 1 Autodesk | 11 Advance Steel, Autocad, Autocad Architecture and 8 more | 2022-04-18 | 6.8 MEDIUM | 7.8 HIGH |
| A maliciously crafted DXF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 and Autodesk Navisworks 2022 can be used to write beyond the allocated buffer through Buffer overflow vulnerability. This vulnerability can be exploited to execute arbitrary code. | |||||
| CVE-2022-26091 | 1 Google | 1 Android | 2022-04-18 | 4.6 MEDIUM | 6.8 MEDIUM |
| Improper access control vulnerability in Knox Manage prior to SMR Apr-2022 Release 1 allows that physical attackers can bypass Knox Manage using a function key of hardware keyboard. | |||||
| CVE-2022-26092 | 1 Google | 1 Android | 2022-04-18 | 7.2 HIGH | 7.8 HIGH |
| Improper boundary check in Quram Agif library prior to SMR Apr-2022 Release 1 allows arbitrary code execution. | |||||
| CVE-2022-25833 | 1 Google | 1 Android | 2022-04-18 | 2.1 LOW | 3.3 LOW |
| Improper authentication in ImsService prior to SMR Apr-2022 Release 1 allows attackers to get IMSI without READ_PRIVILEGED_PHONE_STATE permission. | |||||
| CVE-2022-25796 | 1 Autodesk | 1 Navisworks | 2022-04-18 | 6.8 MEDIUM | 7.8 HIGH |
| A Double Free vulnerability allows remote malicious actors to execute arbitrary code on DWF file in Autodesk Navisworks 2022 within affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. | |||||
| CVE-2022-26090 | 1 Google | 1 Android | 2022-04-18 | 2.1 LOW | 3.3 LOW |
| Improper access control vulnerability in SamsungContacts prior to SMR Apr-2022 Release 1 allows that attackers can access contact information without permission. | |||||
| CVE-2022-26093 | 1 Google | 1 Android | 2022-04-18 | 7.5 HIGH | 9.8 CRITICAL |
| Null pointer dereference vulnerability in parser_irot function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker. | |||||
| CVE-2022-26094 | 1 Google | 1 Android | 2022-04-18 | 7.5 HIGH | 9.8 CRITICAL |
| Null pointer dereference vulnerability in parser_auxC function in libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attacker. | |||||
| CVE-2022-22255 | 1 Huawei | 2 Emui, Harmonyos | 2022-04-18 | 5.0 MEDIUM | 7.5 HIGH |
| The application framework has a common DoS vulnerability.Successful exploitation of this vulnerability may affect the availability. | |||||
| CVE-2022-22253 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-04-18 | 5.0 MEDIUM | 7.5 HIGH |
| The DFX module has a vulnerability of improper validation of integrity check values.Successful exploitation of this vulnerability may affect system stability. | |||||
| CVE-2022-1316 | 2 Microsoft, Zerotier | 2 Windows, Zerotierone | 2022-04-18 | 7.2 HIGH | 7.8 HIGH |
| ZeroTierOne for windows local privilege escalation because of incorrect directory privilege in GitHub repository zerotier/zerotierone prior to 1.8.8. Local Privilege Escalation | |||||