Total
2350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-1733 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2022-10-31 | 4.6 MEDIUM | 7.8 HIGH |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.4968. | |||||
| CVE-2022-1629 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2022-10-31 | 6.8 MEDIUM | 7.8 HIGH |
| Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution | |||||
| CVE-2022-1769 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2022-10-31 | 4.6 MEDIUM | 7.8 HIGH |
| Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974. | |||||
| CVE-2022-1735 | 2 Apple, Vim | 2 Macos, Vim | 2022-10-31 | 6.8 MEDIUM | 7.8 HIGH |
| Classic Buffer Overflow in GitHub repository vim/vim prior to 8.2.4969. | |||||
| CVE-2022-1927 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2022-10-31 | 6.8 MEDIUM | 7.8 HIGH |
| Buffer Over-read in GitHub repository vim/vim prior to 8.2. | |||||
| CVE-2022-2124 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2022-10-31 | 6.8 MEDIUM | 7.8 HIGH |
| Buffer Over-read in GitHub repository vim/vim prior to 8.2. | |||||
| CVE-2022-2125 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2022-10-31 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | |||||
| CVE-2022-2126 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2022-10-31 | 6.8 MEDIUM | 7.8 HIGH |
| Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. | |||||
| CVE-2022-38436 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2022-10-31 | N/A | 7.8 HIGH |
| Adobe Illustrator versions 26.4 (and earlier) and 25.4.7 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-38435 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2022-10-31 | N/A | 7.8 HIGH |
| Adobe Illustrator versions 26.4 (and earlier) and 25.4.7 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-0971 | 3 Apple, Google, Linux | 4 Macos, Android, Chrome and 1 more | 2022-10-27 | N/A | 8.8 HIGH |
| Use after free in Blink Layout in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-0796 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2022-10-27 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in Media in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-0797 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2022-10-27 | 6.8 MEDIUM | 8.8 HIGH |
| Out of bounds memory access in Mojo in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. | |||||
| CVE-2022-0799 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2022-10-27 | 6.8 MEDIUM | 8.8 HIGH |
| Insufficient policy enforcement in Installer in Google Chrome on Windows prior to 99.0.4844.51 allowed a remote attacker to perform local privilege escalation via a crafted offline installer file. | |||||
| CVE-2022-0798 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2022-10-27 | 6.8 MEDIUM | 8.8 HIGH |
| Use after free in MediaStream in Google Chrome prior to 99.0.4844.51 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted Chrome Extension. | |||||
| CVE-2022-0972 | 3 Apple, Google, Linux | 4 Macos, Android, Chrome and 1 more | 2022-10-27 | N/A | 8.8 HIGH |
| Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-29046 | 2 Apple, Jenkins | 2 Macos, Subversion | 2022-10-27 | 3.5 LOW | 5.4 MEDIUM |
| Jenkins Subversion Plugin 2.15.3 and earlier does not escape the name and description of List Subversion tags (and more) parameters on views displaying parameters, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. | |||||
| CVE-2022-29048 | 2 Apple, Jenkins | 2 Macos, Subversion | 2022-10-27 | 4.3 MEDIUM | 4.3 MEDIUM |
| A cross-site request forgery (CSRF) vulnerability in Jenkins Subversion Plugin 2.15.3 and earlier allows attackers to connect to an attacker-specified URL. | |||||
| CVE-2021-36006 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2022-10-27 | 4.3 MEDIUM | 3.3 LOW |
| Adobe Photoshop versions 21.2.9 (and earlier) and 22.4.2 (and earlier) are affected by an Improper input validation vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose arbitrary memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-28838 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2022-10-26 | 9.3 HIGH | 7.8 HIGH |
| Acrobat Acrobat Pro DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||