Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-45504 | 1 Tenda | 2 W6-s, W6-s Firmware | 2022-12-09 | N/A | 7.5 HIGH |
| An issue in the component tpi_systool_handle(0) (/goform/SysToolRestoreSet) of Tenda W6-S v1.0.0.4(510) allows unauthenticated attackers to arbitrarily reboot the device. | |||||
| CVE-2022-45498 | 1 Tenda | 2 W6-s, W6-s Firmware | 2022-12-09 | N/A | 7.5 HIGH |
| An issue in the component tpi_systool_handle(0) (/goform/SysToolReboot) of Tenda W6-S v1.0.0.4(510) allows unauthenticated attackers to arbitrarily reboot the device. | |||||
| CVE-2020-36609 | 1 Duxcms Project | 1 Duxcms | 2022-12-09 | N/A | 5.4 MEDIUM |
| A vulnerability was found in annyshow DuxCMS 2.1. It has been classified as problematic. This affects an unknown part of the file admin.php&r=article/AdminContent/edit of the component Article Handler. The manipulation of the argument content leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-215115. | |||||
| CVE-2022-23493 | 1 Neutrinolabs | 1 Xrdp | 2022-12-09 | N/A | 9.1 CRITICAL |
| xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Read in xrdp_mm_trans_process_drdynvc_channel_close() function. There are no known workarounds for this issue. Users are advised to upgrade. | |||||
| CVE-2022-23484 | 1 Neutrinolabs | 1 Xrdp | 2022-12-09 | N/A | 9.8 CRITICAL |
| xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Integer Overflow in xrdp_mm_process_rail_update_window_text() function. There are no known workarounds for this issue. Users are advised to upgrade. | |||||
| CVE-2022-23479 | 1 Neutrinolabs | 1 Xrdp | 2022-12-09 | N/A | 9.8 CRITICAL |
| xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in xrdp_mm_chan_data_in() function. There are no known workarounds for this issue. Users are advised to upgrade. | |||||
| CVE-2022-23478 | 1 Neutrinolabs | 1 Xrdp | 2022-12-09 | N/A | 9.8 CRITICAL |
| xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Write in xrdp_mm_trans_process_drdynvc_channel_open() function. There are no known workarounds for this issue. Users are advised to upgrade. | |||||
| CVE-2022-23480 | 1 Neutrinolabs | 1 Xrdp | 2022-12-09 | N/A | 9.8 CRITICAL |
| xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in devredir_proc_client_devlist_announce_req() function. There are no known workarounds for this issue. Users are advised to upgrade. | |||||
| CVE-2022-23477 | 1 Neutrinolabs | 1 Xrdp | 2022-12-09 | N/A | 9.8 CRITICAL |
| xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in audin_send_open() function. There are no known workarounds for this issue. Users are advised to upgrade. | |||||
| CVE-2022-23468 | 1 Neutrinolabs | 1 Xrdp | 2022-12-09 | N/A | 9.8 CRITICAL |
| xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in xrdp_login_wnd_create() function. There are no known workarounds for this issue. Users are advised to upgrade. | |||||
| CVE-2022-23481 | 1 Neutrinolabs | 1 Xrdp | 2022-12-09 | N/A | 9.1 CRITICAL |
| xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Read in xrdp_caps_process_confirm_active() function. There are no known workarounds for this issue. Users are advised to upgrade. | |||||
| CVE-2022-45514 | 1 Tenda | 2 W30e, W30e Firmware | 2022-12-09 | N/A | 7.5 HIGH |
| Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/webExcptypemanFilter. | |||||
| CVE-2022-45513 | 1 Tenda | 2 W30e, W30e Firmware | 2022-12-09 | N/A | 7.5 HIGH |
| Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/P2pListFilter. | |||||
| CVE-2022-45512 | 1 Tenda | 2 W30e, W30e Firmware | 2022-12-09 | N/A | 7.5 HIGH |
| Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/SafeEmailFilter. | |||||
| CVE-2022-23483 | 1 Neutrinolabs | 1 Xrdp | 2022-12-09 | N/A | 9.1 CRITICAL |
| xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Read in libxrdp_send_to_channel() function. There are no known workarounds for this issue. Users are advised to upgrade. | |||||
| CVE-2022-23482 | 1 Neutrinolabs | 1 Xrdp | 2022-12-09 | N/A | 9.1 CRITICAL |
| xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Read in xrdp_sec_process_mcs_data_CS_CORE() function. There are no known workarounds for this issue. Users are advised to upgrade. | |||||
| CVE-2022-39894 | 1 Google | 1 Android | 2022-12-09 | N/A | 3.3 LOW |
| Improper access control vulnerability in ContactListStartActivityHelper in Phone prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent. | |||||
| CVE-2022-39895 | 1 Google | 1 Android | 2022-12-09 | N/A | 3.3 LOW |
| Improper access control vulnerability in ContactListUtils in Phone prior to SMR Dec-2022 Release 1 allows to access contact group information via implicit intent. | |||||
| CVE-2022-39896 | 1 Google | 1 Android | 2022-12-09 | N/A | 3.3 LOW |
| Improper access control vulnerabilities in Contacts prior to SMR Dec-2022 Release 1 allows to access sensitive information via implicit intent. | |||||
| CVE-2022-39897 | 1 Google | 1 Android | 2022-12-09 | N/A | 5.5 MEDIUM |
| Exposure of Sensitive Information vulnerability in kernel prior to SMR Dec-2022 Release 1 allows attackers to access the kernel address information via log. | |||||