Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-1350 | 1 Liferea Project | 1 Liferea | 2023-03-15 | N/A | 9.8 CRITICAL |
| A vulnerability was found in liferea. It has been rated as critical. Affected by this issue is the function update_job_run of the file src/update.c of the component Feed Enrichment. The manipulation of the argument source with the input |date >/tmp/bad-item-link.txt leads to os command injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 8d8b5b963fa64c7a2122d1bbfbb0bed46e813e59. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-222848. | |||||
| CVE-2023-1349 | 1 Hsycms | 1 Hsycms | 2023-03-15 | N/A | 6.1 MEDIUM |
| A vulnerability, which was classified as problematic, has been found in Hsycms 3.1. Affected by this issue is some unknown functionality of the file controller\cate.php of the component Add Category Module. The manipulation of the argument title leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-222842 is the identifier assigned to this vulnerability. | |||||
| CVE-2022-33278 | 1 Qualcomm | 246 Aqt1000, Aqt1000 Firmware, Ar8035 and 243 more | 2023-03-15 | N/A | 7.8 HIGH |
| Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer capacity. | |||||
| CVE-2022-33309 | 1 Qualcomm | 130 Csr8811, Csr8811 Firmware, Ipq5010 and 127 more | 2023-03-15 | N/A | 7.5 HIGH |
| Transient DOS due to buffer over-read in WLAN Firmware while parsing secure FTMR frame with size lesser than 39 Bytes. | |||||
| CVE-2021-2173 | 1 Oracle | 1 Database Server | 2023-03-15 | 4.0 MEDIUM | 4.1 MEDIUM |
| Vulnerability in the Recovery component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having DBA Level Account privilege with network access via Oracle Net to compromise Recovery. While the vulnerability is in Recovery, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Recovery accessible data. CVSS 3.1 Base Score 4.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N). | |||||
| CVE-2022-33242 | 1 Qualcomm | 314 Aqt1000, Aqt1000 Firmware, Ar8031 and 311 more | 2023-03-15 | N/A | 7.8 HIGH |
| Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio PD. | |||||
| CVE-2022-33213 | 1 Qualcomm | 418 Apq8009, Apq8009 Firmware, Apq8009w and 415 more | 2023-03-15 | N/A | 8.8 HIGH |
| Memory corruption in modem due to buffer overflow while processing a PPP packet | |||||
| CVE-2022-25709 | 1 Qualcomm | 136 Ar8035, Ar8035 Firmware, Qca6174a and 133 more | 2023-03-15 | N/A | 7.8 HIGH |
| Memory corruption in modem due to use of out of range pointer offset while processing qmi msg | |||||
| CVE-2022-25705 | 1 Qualcomm | 402 Apq8009, Apq8009 Firmware, Apq8009w and 399 more | 2023-03-15 | N/A | 7.8 HIGH |
| Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response | |||||
| CVE-2022-25694 | 1 Qualcomm | 416 Apq8009, Apq8009 Firmware, Apq8009w and 413 more | 2023-03-15 | N/A | 7.8 HIGH |
| Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM | |||||
| CVE-2022-25655 | 1 Qualcomm | 476 Apq8009, Apq8009 Firmware, Apq8017 and 473 more | 2023-03-15 | N/A | 7.8 HIGH |
| Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload. | |||||
| CVE-2022-22075 | 1 Qualcomm | 366 Apq8009, Apq8009 Firmware, Apq8009w and 363 more | 2023-03-15 | N/A | 5.5 MEDIUM |
| Information Disclosure in Graphics during GPU context switch. | |||||
| CVE-2022-47479 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-03-15 | N/A | 5.5 MEDIUM |
| In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. | |||||
| CVE-2022-47478 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-03-15 | N/A | 5.5 MEDIUM |
| In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. | |||||
| CVE-2022-47477 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-03-15 | N/A | 5.5 MEDIUM |
| In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. | |||||
| CVE-2022-47476 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-03-15 | N/A | 5.5 MEDIUM |
| In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. | |||||
| CVE-2022-47475 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-03-15 | N/A | 5.5 MEDIUM |
| In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. | |||||
| CVE-2022-47474 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-03-15 | N/A | 5.5 MEDIUM |
| In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. | |||||
| CVE-2022-47473 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-03-15 | N/A | 5.5 MEDIUM |
| In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. | |||||
| CVE-2022-47472 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2023-03-15 | N/A | 5.5 MEDIUM |
| In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. | |||||