Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-42516 | 1 Google | 1 Android | 2022-12-21 | N/A | 4.4 MEDIUM |
| In ProtocolSimBuilderLegacy::BuildSimGetGbaAuth of protocolsimbuilderlegacy.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763577References: N/A | |||||
| CVE-2022-46549 | 1 Tenda | 2 F1203, F1203 Firmware | 2022-12-21 | N/A | 7.5 HIGH |
| Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceId parameter at /goform/saveParentControlInfo. | |||||
| CVE-2022-46548 | 1 Tenda | 2 F1203, F1203 Firmware | 2022-12-21 | N/A | 7.5 HIGH |
| Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/DhcpListClient. | |||||
| CVE-2022-42515 | 1 Google | 1 Android | 2022-12-21 | N/A | 4.4 MEDIUM |
| In MiscService::DoOemSetRtpPktlossThreshold of miscservice.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763503References: N/A | |||||
| CVE-2022-46547 | 1 Tenda | 2 F1203, F1203 Firmware | 2022-12-21 | N/A | 7.5 HIGH |
| Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/VirtualSer. | |||||
| CVE-2022-46546 | 1 Tenda | 2 F1203, F1203 Firmware | 2022-12-21 | N/A | 7.5 HIGH |
| Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the entrys parameter at /goform/RouteStatic. | |||||
| CVE-2022-46545 | 1 Tenda | 2 F1203, F1203 Firmware | 2022-12-21 | N/A | 7.5 HIGH |
| Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/NatStaticSetting. | |||||
| CVE-2022-46544 | 1 Tenda | 2 F1203, F1203 Firmware | 2022-12-21 | N/A | 7.5 HIGH |
| Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the cmdinput parameter at /goform/exeCommand. | |||||
| CVE-2022-42510 | 1 Google | 1 Android | 2022-12-21 | N/A | 6.7 MEDIUM |
| In StringsRequestData::encode of requestdata.cpp, there is a possible out of bounds read due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241762656References: N/A | |||||
| CVE-2022-42509 | 1 Google | 1 Android | 2022-12-21 | N/A | 6.7 MEDIUM |
| In CallDialReqData::encode of callreqdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241544307References: N/A | |||||
| CVE-2022-25628 | 1 Broadcom | 1 Symantec Identity Governance And Administration | 2022-12-21 | N/A | 8.8 HIGH |
| An authenticated user can perform XML eXternal Entity injection in Management Console in Symantec Identity Manager 14.4 | |||||
| CVE-2022-42508 | 1 Google | 1 Android | 2022-12-21 | N/A | 6.7 MEDIUM |
| In ProtocolCallBuilder::BuildSendUssd of protocolcallbuilder.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241388966References: N/A | |||||
| CVE-2022-25627 | 1 Broadcom | 1 Symantec Identity Governance And Administration | 2022-12-21 | N/A | 6.7 MEDIUM |
| An authenticated administrator who has physical access to the environment can carry out Remote Command Execution on Management Console in Symantec Identity Manager 14.4 | |||||
| CVE-2022-25626 | 1 Broadcom | 1 Symantec Identity Governance And Administration | 2022-12-21 | N/A | 5.3 MEDIUM |
| An unauthenticated user can access Identity Manager’s management console specific page URLs. However, the system doesn’t allow the user to carry out server side tasks without a valid web session. | |||||
| CVE-2022-20610 | 1 Google | 1 Android | 2022-12-21 | N/A | 8.8 HIGH |
| In cellular modem firmware, there is a possible out of bounds read due to a missing bounds check. This could lead to remote code execution with LTE authentication needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-240462530References: N/A | |||||
| CVE-2022-20609 | 1 Google | 1 Android | 2022-12-21 | N/A | 5.5 MEDIUM |
| In Pixel cellular firmware, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239240808References: N/A | |||||
| CVE-2022-20608 | 1 Google | 1 Android | 2022-12-21 | N/A | 5.5 MEDIUM |
| In Pixel cellular firmware, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-239239246References: N/A | |||||
| CVE-2022-20607 | 1 Google | 1 Android | 2022-12-21 | N/A | 8.8 HIGH |
| In the Pixel cellular firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with LTE authentication needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-238914868References: N/A | |||||
| CVE-2022-43484 | 1 Nttdata | 2 Terasoluna Global Framework, Terasoluna Server Framework For Java \(rich\) | 2022-12-21 | N/A | 7.8 HIGH |
| TERASOLUNA Global Framework 1.0.0 (Public review version) and TERASOLUNA Server Framework for Java (Rich) 2.0.0.2 to 2.0.5.1 are vulnerable to a ClassLoader manipulation vulnerability due to using the old version of Spring Framework which contains the vulnerability.The vulnerability is caused by an improper input validation issue in the binding mechanism of Spring MVC. By the application processing a specially crafted file, arbitrary code may be executed with the privileges of the application. | |||||
| CVE-2013-0791 | 4 Canonical, Mozilla, Oracle and 1 more | 13 Ubuntu Linux, Firefox, Firefox Esr and 10 more | 2022-12-21 | 5.0 MEDIUM | N/A |
| The CERT_DecodeCertPackage function in Mozilla Network Security Services (NSS), as used in Mozilla Firefox before 20.0, Firefox ESR 17.x before 17.0.5, Thunderbird before 17.0.5, Thunderbird ESR 17.x before 17.0.5, SeaMonkey before 2.17, and other products, allows remote attackers to cause a denial of service (out-of-bounds read and memory corruption) via a crafted certificate. | |||||