Total: 210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-21650 | 1 Convos | 1 Convos | 2022-01-11 | 3.5 LOW | 5.4 MEDIUM |
| Convos is an open source multi-user chat that runs in a web browser. You can't use the SVG extension in Convos' chat window, but you can upload a file with an .html extension. By uploading an SVG file with an html extension, the upload filter can be bypassed. This causes Stored XSS. After a file is uploaded, the XSS attack is triggered when a user views the file. Through this vulnerability, an attacker is able to execute malicious scripts. Users are advised to update as soon as possible. | |||||
| CVE-2022-20019 | 2 Google, Mediatek | 40 Android, Mt6595, Mt6735 and 37 more | 2022-01-11 | 2.1 LOW | 5.5 MEDIUM |
| In libMtkOmxGsmDec, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05917620; Issue ID: ALPS05917620. | |||||
| CVE-2021-30273 | 1 Qualcomm | 148 Apq8009w, Apq8009w Firmware, Apq8096au and 145 more | 2022-01-11 | 5.0 MEDIUM | 7.5 HIGH |
| Possible assertion due to improper handling of an IPv6 packet with invalid length in the destination options header in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables. | |||||
| CVE-2021-46074 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2022-01-11 | 3.5 LOW | 4.8 MEDIUM |
| A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the Settings Section in login panel. | |||||
| CVE-2021-46073 | 1 Vehicle Service Management System Project | 1 Vehicle Service Management System | 2022-01-11 | 3.5 LOW | 4.8 MEDIUM |
| A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the User List Section in login panel. | |||||
| CVE-2021-45939 | 1 Wolfssl | 1 Wolfmqtt | 2022-01-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Subscribe). | |||||
| CVE-2021-45938 | 1 Wolfssl | 1 Wolfmqtt | 2022-01-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Unsubscribe). | |||||
| CVE-2021-45937 | 1 Wolfssl | 1 Wolfmqtt | 2022-01-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Connect). | |||||
| CVE-2021-45936 | 1 Wolfssl | 1 Wolfmqtt | 2022-01-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttDecode_Disconnect (called from MqttClient_DecodePacket and MqttClient_WaitType). | |||||
| CVE-2021-45934 | 1 Wolfssl | 1 Wolfmqtt | 2022-01-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_HandlePacket and MqttClient_WaitType). | |||||
| CVE-2021-45980 | 2 Apple, Foxit | 3 Macos, Pdf Editor, Pdf Reader | 2022-01-11 | 6.8 MEDIUM | 7.8 HIGH |
| Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary code via getURL in the JavaScript API. | |||||
| CVE-2021-45933 | 1 Wolfssl | 1 Wolfmqtt | 2022-01-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow (8 bytes) in MqttDecode_Publish (called from MqttClient_DecodePacket and MqttClient_HandlePacket). | |||||
| CVE-2021-45932 | 1 Wolfssl | 1 Wolfmqtt | 2022-01-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow (4 bytes) in MqttDecode_Publish (called from MqttClient_DecodePacket and MqttClient_HandlePacket). | |||||
| CVE-2022-20018 | 2 Google, Mediatek | 33 Android, Mt6580, Mt6739 and 30 more | 2022-01-11 | 2.1 LOW | 4.4 MEDIUM |
| In seninf driver, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05863018; Issue ID: ALPS05863018. | |||||
| CVE-2020-7883 | 2 Microsoft, Wowsoft | 2 Windows, Printchaser | 2022-01-11 | 7.5 HIGH | 9.8 CRITICAL |
| Printchaser v2.2021.804.1 and earlier versions contain a vulnerability which could allow a remote attacker to download and execute a remote file by setting the argument, variable in the activeX module. This can be leveraged for code execution. | |||||
| CVE-2022-0083 | 1 Livehelperchat | 1 Live Helper Chat | 2022-01-11 | 5.0 MEDIUM | 5.3 MEDIUM |
| livehelperchat is vulnerable to Generation of Error Message Containing Sensitive Information. | |||||
| CVE-2021-37132 | 1 Huawei | 1 Harmonyos | 2022-01-11 | 5.0 MEDIUM | 5.3 MEDIUM |
| PackageManagerService has a Permissions, Privileges, and Access Controls vulnerability. Successful exploitation of this vulnerability may allow third-party apps to obtain the complete list of Harmony apps without permission. | |||||
| CVE-2021-37128 | 1 Huawei | 1 Harmonyos | 2022-01-11 | 7.5 HIGH | 9.8 CRITICAL |
| HwPCAssistant has a Path Traversal vulnerability. Successful exploitation of this vulnerability may write any file. | |||||
| CVE-2021-37126 | 1 Huawei | 1 Harmonyos | 2022-01-11 | 5.0 MEDIUM | 7.5 HIGH |
| Arbitrary file has an Exposure of Sensitive Information to an Unauthorized Actor vulnerability. Successful exploitation of this vulnerability may cause the directory to be traversed. | |||||
| CVE-2022-20014 | 2 Google, Mediatek | 18 Android, Mt6781, Mt6785 and 15 more | 2022-01-11 | 4.6 MEDIUM | 6.7 MEDIUM |
| In vow driver, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05857308; Issue ID: ALPS05857308. | |||||
