Total
210374 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-4274 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more | 2022-11-14 | 9.3 HIGH | 8.8 HIGH |
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4275, CVE-2016-4276, CVE-2016-4280, CVE-2016-4281, CVE-2016-4282, CVE-2016-4283, CVE-2016-4284, CVE-2016-4285, CVE-2016-6922, and CVE-2016-6924. | |||||
CVE-2016-4271 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more | 2022-11-14 | 4.3 MEDIUM | 6.5 MEDIUM |
Adobe Flash Player before 18.0.0.375 and 19.x through 23.x before 23.0.0.162 on Windows and OS X and before 11.2.202.635 on Linux allows attackers to bypass intended access restrictions and obtain sensitive information via unspecified vectors, a different vulnerability than CVE-2016-4277 and CVE-2016-4278, aka a "local-with-filesystem Flash sandbox bypass" issue. | |||||
CVE-1999-0524 | 11 Apple, Cisco, Hp and 8 more | 14 Mac Os X, Macos, Ios and 11 more | 2022-11-14 | 2.1 LOW | N/A |
ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. | |||||
CVE-2021-32001 | 1 Suse | 2 Rancher K3s, Rancher Rke2 | 2022-11-14 | 4.0 MEDIUM | 6.5 MEDIUM |
K3s in SUSE Rancher allows any user with direct access to the datastore, or a copy of a datastore backup, to extract the cluster's confidential keying material (cluster certificate authority private keys, secrets encryption configuration passphrase, etc.) and decrypt it, without having to know the token value. This issue affects: SUSE Rancher K3s version v1.19.12+k3s1, v1.20.8+k3s1, v1.21.2+k3s1 and prior versions; RKE2 version v1.19.12+rke2r1, v1.20.8+rke2r1, v1.21.2+rke2r1 and prior versions. | |||||
CVE-2022-44552 | 1 Huawei | 2 Emui, Harmonyos | 2022-11-14 | N/A | 7.5 HIGH |
The lock screen module has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability. | |||||
CVE-2022-44551 | 1 Huawei | 2 Emui, Harmonyos | 2022-11-14 | N/A | 9.8 CRITICAL |
The iaware module has a vulnerability in thread security. Successful exploitation of this vulnerability will affect confidentiality, integrity, and availability. | |||||
CVE-2022-44554 | 1 Huawei | 2 Emui, Harmonyos | 2022-11-14 | N/A | 7.5 HIGH |
The power module has a vulnerability in permission verification. Successful exploitation of this vulnerability may cause abnormal status of a module on the device. | |||||
CVE-2022-44553 | 1 Huawei | 2 Emui, Harmonyos | 2022-11-14 | N/A | 5.3 MEDIUM |
The HiView module has a vulnerability of not filtering third-party apps out when the HiView module traverses to invoke the system provider. Successful exploitation of this vulnerability may cause third-party apps to start periodically. | |||||
CVE-2022-44555 | 1 Huawei | 2 Emui, Harmonyos | 2022-11-14 | N/A | 7.5 HIGH |
The DDMP/ODMF module has a service hijacking vulnerability. Successful exploit of this vulnerability may cause services to be unavailable. | |||||
CVE-2022-44557 | 1 Huawei | 2 Emui, Harmonyos | 2022-11-14 | N/A | 7.5 HIGH |
The SmartTrimProcessEvent module has a vulnerability of obtaining the read and write permissions on arbitrary system files. Successful exploitation of this vulnerability may affect data confidentiality. | |||||
CVE-2022-44559 | 1 Huawei | 2 Emui, Harmonyos | 2022-11-14 | N/A | 9.8 CRITICAL |
The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation. | |||||
CVE-2022-44558 | 1 Huawei | 2 Emui, Harmonyos | 2022-11-14 | N/A | 9.8 CRITICAL |
The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation. | |||||
CVE-2020-12672 | 3 Debian, Graphicsmagick, Opensuse | 4 Debian Linux, Graphicsmagick, Backports Sle and 1 more | 2022-11-14 | 5.0 MEDIUM | 7.5 HIGH |
GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c. | |||||
CVE-2022-44797 | 2 Btcd Project, Lightning Network Daemon Project | 2 Btcd, Lightning Network Daemon | 2022-11-14 | N/A | 9.8 CRITICAL |
btcd before 0.23.2, as used in Lightning Labs lnd before 0.15.2-beta and other Bitcoin-related products, mishandles witness size checking. | |||||
CVE-2022-41063 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2022-11-14 | N/A | 7.8 HIGH |
Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-41106. | |||||
CVE-2022-41085 | 1 Microsoft | 1 Azure Cyclecloud | 2022-11-14 | N/A | 8.8 HIGH |
Azure CycleCloud Elevation of Privilege Vulnerability. | |||||
CVE-2022-38043 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-11-14 | N/A | 5.5 MEDIUM |
Windows Security Support Provider Interface Information Disclosure Vulnerability. | |||||
CVE-2022-34734 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-11-14 | N/A | 8.8 HIGH |
Microsoft ODBC Driver Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34726, CVE-2022-34727, CVE-2022-34730, CVE-2022-34732. | |||||
CVE-2022-34732 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-11-14 | N/A | 8.8 HIGH |
Microsoft ODBC Driver Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34726, CVE-2022-34727, CVE-2022-34730, CVE-2022-34734. | |||||
CVE-2022-34730 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2022-11-14 | N/A | 8.8 HIGH |
Microsoft ODBC Driver Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-34726, CVE-2022-34727, CVE-2022-34732, CVE-2022-34734. |