Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-40059 | 1 Huawei | 2 Emui, Magic Ui | 2022-03-14 | 3.3 LOW | 6.5 MEDIUM |
| There is a permission control vulnerability in the Wi-Fi module. Successful exploitation of this vulnerability may affect confidentiality. | |||||
| CVE-2022-25395 | 1 Cosmetics And Beauty Product Online Store Project | 1 Cosmetics And Beauty Product Online Store | 2022-03-14 | 4.3 MEDIUM | 9.6 CRITICAL |
| Cosmetics and Beauty Product Online Store v1.0 was discovered to contain multiple reflected cross-site scripting (XSS) attacks via the search parameter under the /cbpos/ app. | |||||
| CVE-2022-23265 | 1 Microsoft | 1 Defender For Iot | 2022-03-14 | 6.5 MEDIUM | 8.8 HIGH |
| Microsoft Defender for IoT Remote Code Execution Vulnerability. | |||||
| CVE-2021-40058 | 1 Huawei | 2 Emui, Magic Ui | 2022-03-14 | 7.8 HIGH | 7.5 HIGH |
| There is a heap-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2022-22007 | 1 Microsoft | 1 Hevc Video Extensions | 2022-03-14 | 6.8 MEDIUM | 7.8 HIGH |
| HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22006, CVE-2022-23301, CVE-2022-24452, CVE-2022-24453, CVE-2022-24456. | |||||
| CVE-2021-40057 | 1 Huawei | 2 Emui, Magic Ui | 2022-03-14 | 7.8 HIGH | 7.5 HIGH |
| There is a heap-based and stack-based buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2022-25394 | 1 Medical Store Management System Project | 1 Medical Store Management System | 2022-03-14 | 10.0 HIGH | 9.8 CRITICAL |
| Medical Store Management System v1.0 was discovered to contain a SQL injection vulnerability via the cid parameter under customer-add.php. | |||||
| CVE-2021-40056 | 1 Huawei | 2 Emui, Magic Ui | 2022-03-14 | 7.8 HIGH | 7.5 HIGH |
| There is a vulnerability of copying input buffer without checking its size in the video framework. Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2022-22006 | 1 Microsoft | 1 Hevc Video Extensions | 2022-03-14 | 6.8 MEDIUM | 7.8 HIGH |
| HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22007, CVE-2022-23301, CVE-2022-24452, CVE-2022-24453, CVE-2022-24456. | |||||
| CVE-2021-40055 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-03-14 | 7.1 HIGH | 5.9 MEDIUM |
| There is a man-in-the-middle attack vulnerability during system update download in recovery mode. Successful exploitation of this vulnerability may affect integrity. | |||||
| CVE-2021-40054 | 1 Huawei | 2 Emui, Magic Ui | 2022-03-14 | 7.8 HIGH | 7.5 HIGH |
| There is an integer underflow vulnerability in the atcmdserver module. Successful exploitation of this vulnerability may affect integrity. | |||||
| CVE-2021-40051 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-03-14 | 5.0 MEDIUM | 7.5 HIGH |
| There is an unauthorized access vulnerability in system components. Successful exploitation of this vulnerability will affect confidentiality. | |||||
| CVE-2021-40050 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-03-14 | 10.0 HIGH | 9.8 CRITICAL |
| There is an out-of-bounds read vulnerability in the IFAA module. Successful exploitation of this vulnerability may cause stack overflow. | |||||
| CVE-2021-40049 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-03-14 | 5.0 MEDIUM | 7.5 HIGH |
| There is a permission control vulnerability in the PMS module. Successful exploitation of this vulnerability can lead to sensitive system information being obtained without authorization. | |||||
| CVE-2021-40048 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-03-14 | 7.8 HIGH | 7.5 HIGH |
| There is an incorrect buffer size calculation vulnerability in the video framework. Successful exploitation of this vulnerability will affect availability. | |||||
| CVE-2021-40047 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-03-14 | 7.8 HIGH | 7.5 HIGH |
| There is a vulnerability of memory not being released after effective lifetime in the Bastet module. Successful exploitation of this vulnerability may affect integrity. | |||||
| CVE-2022-24727 | 2022-03-14 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-23915. Reason: This candidate is a reservation duplicate of CVE-2022-23915. Notes: All CVE users should reference CVE-2022-23915 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
| CVE-2022-25393 | 1 Simple Bakery Shop Management Project | 1 Simple Bakery Shop Management | 2022-03-14 | 5.0 MEDIUM | 7.5 HIGH |
| Simple Bakery Shop Management v1.0 was discovered to contain a SQL injection vulnerability via the username parameter. | |||||
| CVE-2022-25115 | 1 Home Owners Collection Management System Project | 1 Home Owners Collection Management System | 2022-03-14 | 6.8 MEDIUM | 7.8 HIGH |
| A remote code execution (RCE) vulnerability in the Avatar parameter under /admin/?page=user/manage_user of Home Owners Collection Management System v1.0 allows attackers to execute arbitrary code via a crafted PNG file. | |||||
| CVE-2022-25051 | 1 Rtl 433 Project | 1 Rtl 433 | 2022-03-14 | 4.3 MEDIUM | 5.5 MEDIUM |
| An Off-by-one Error occurs in cmr113_decode of rtl_433 21.12 when decoding a crafted file. | |||||