Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-22671 | 1 Apple | 2 Ipados, Iphone Os | 2022-03-24 | 2.1 LOW | 4.6 MEDIUM |
| An authentication issue was addressed with improved state management. This issue is fixed in iOS 15.4 and iPadOS 15.4. A person with physical access to an iOS device may be able to access photos from the lock screen. | |||||
| CVE-2022-22634 | 1 Apple | 3 Ipados, Iphone Os, Tvos | 2022-03-24 | 9.3 HIGH | 7.8 HIGH |
| A buffer overflow was addressed with improved bounds checking. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4. A malicious application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-22636 | 1 Apple | 3 Ipados, Iphone Os, Tvos | 2022-03-24 | 9.3 HIGH | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-22621 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2022-03-24 | 2.1 LOW | 4.6 MEDIUM |
| This issue was addressed with improved checks. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3, watchOS 8.5. A person with physical access to an iOS device may be able to see sensitive information via keyboard suggestions. | |||||
| CVE-2022-22632 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2022-03-24 | 7.5 HIGH | 9.8 CRITICAL |
| A logic issue was addressed with improved state management. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, watchOS 8.5, macOS Monterey 12.3. A malicious application may be able to elevate privileges. | |||||
| CVE-2022-22653 | 1 Apple | 2 Ipados, Iphone Os | 2022-03-24 | 5.0 MEDIUM | 7.5 HIGH |
| A logic issue was addressed with improved restrictions. This issue is fixed in iOS 15.4 and iPadOS 15.4. A malicious website may be able to access information about the user and their devices. | |||||
| CVE-2022-22635 | 1 Apple | 3 Ipados, Iphone Os, Tvos | 2022-03-24 | 7.5 HIGH | 9.8 CRITICAL |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4. An application may be able to gain elevated privileges. | |||||
| CVE-2022-22641 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2022-03-24 | 7.5 HIGH | 9.8 CRITICAL |
| A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3. An application may be able to gain elevated privileges. | |||||
| CVE-2022-22659 | 1 Apple | 2 Ipados, Iphone Os | 2022-03-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| A logic issue was addressed with improved state management. This issue is fixed in iOS 15.4 and iPadOS 15.4. An attacker in a privileged network position may be able to leak sensitive user information. | |||||
| CVE-2022-22660 | 1 Apple | 1 Macos | 2022-03-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| This issue was addressed with a new entitlement. This issue is fixed in macOS Monterey 12.3. An app may be able to spoof system notifications and UI. | |||||
| CVE-2022-22612 | 1 Apple | 6 Ipados, Iphone Os, Itunes and 3 more | 2022-03-24 | 6.8 MEDIUM | 7.8 HIGH |
| A memory consumption issue was addressed with improved memory handling. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, iTunes 12.12.3 for Windows, watchOS 8.5, macOS Monterey 12.3. Processing a maliciously crafted image may lead to heap corruption. | |||||
| CVE-2022-22611 | 1 Apple | 6 Ipados, Iphone Os, Itunes and 3 more | 2022-03-24 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, iTunes 12.12.3 for Windows, watchOS 8.5, macOS Monterey 12.3. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
| CVE-2021-39021 | 1 Ibm | 1 Guardium Data Encryption | 2022-03-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Guardium Data Encryption (GDE) 5.0.0.2 behaves differently or sends different responses under different circumstances in a way that is observable to an unauthorized actor, which could facilitate username enumeration. IBM X-Force ID: 213856. | |||||
| CVE-2021-43572 | 1 Starkbank | 1 Ecdsa-python | 2022-03-24 | 7.5 HIGH | 9.8 CRITICAL |
| The verify function in the Stark Bank Python ECDSA library (aka starkbank-escada or ecdsa-python) before 2.0.1 fails to check that the signature is non-zero, which allows attackers to forge signatures on arbitrary messages. | |||||
| CVE-2021-45911 | 2 Debian, Gif2apng Project | 2 Debian Linux, Gif2apng | 2022-03-24 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in gif2apng 1.9. There is a heap-based buffer overflow in the main function. It allows an attacker to write 2 bytes outside the boundaries of the buffer. | |||||
| CVE-2021-45910 | 2 Debian, Gif2apng Project | 2 Debian Linux, Gif2apng | 2022-03-24 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in gif2apng 1.9. There is a heap-based buffer overflow within the main function. It allows an attacker to write data outside of the allocated buffer. The attacker has control over a part of the address that data is written to, control over the written data, and (to some extent) control over the amount of data that is written. | |||||
| CVE-2021-24668 | 1 Feataholic | 1 Maz Loader | 2022-03-24 | 4.3 MEDIUM | 4.3 MEDIUM |
| The MAZ Loader WordPress plugin before 1.4.1 does not enforce nonce checks, which allows attackers to make administrators delete arbitrary loaders via a CSRF attack | |||||
| CVE-2021-24343 | 1 Iflychat | 1 Iflychat | 2022-03-24 | 3.5 LOW | 4.8 MEDIUM |
| The iFlyChat WordPress plugin before 4.7.0 does not sanitise its APP ID setting before outputting it back in the page, leading to an authenticated Stored Cross-Site Scripting issue | |||||
| CVE-2021-46699 | 1 Siemens | 1 Simcenter Femap | 2022-03-24 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in Simcenter Femap (All versions < V2022.1.1). Affected application contains a stack based buffer overflow vulnerability while parsing specially crafted BDF files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15061) | |||||
| CVE-2021-44962 | 1 Slic3r | 1 Libslic3r | 2022-03-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| An out-of-bounds read vulnerability exists in the GCode::extrude() functionality of Slic3r libslic3r 1.3.0 and Master Commit b1a5500. A specially crafted stl file could lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability. | |||||