Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-32881 | 1 Apple | 3 Macos, Tvos, Watchos | 2022-11-03 | N/A | 5.5 MEDIUM |
| A logic issue was addressed with improved restrictions. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, watchOS 9, macOS Monterey 12.6, tvOS 16. An app may be able to modify protected parts of the file system. | |||||
| CVE-2022-42806 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2022-11-02 | N/A | 7.0 HIGH |
| A race condition was addressed with improved locking. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-42810 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2022-11-02 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13. Processing a maliciously crafted USD file may disclose memory contents. | |||||
| CVE-2022-42809 | 1 Apple | 1 Macos | 2022-11-02 | N/A | 7.8 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13. Processing a maliciously crafted gcx file may lead to unexpected app termination or arbitrary code execution. | |||||
| CVE-2022-42808 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2022-11-02 | N/A | 9.8 CRITICAL |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. A remote user may be able to cause kernel code execution. | |||||
| CVE-2022-42803 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2022-11-02 | N/A | 7.0 HIGH |
| A race condition was addressed with improved locking. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-42800 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2022-11-02 | N/A | 7.8 HIGH |
| This issue was addressed with improved checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. A user may be able to cause unexpected app termination or arbitrary code execution. | |||||
| CVE-2022-42798 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2022-11-02 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. Parsing a maliciously crafted audio file may lead to disclosure of user information. | |||||
| CVE-2022-42796 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2022-11-02 | N/A | 7.8 HIGH |
| This issue was addressed by removing the vulnerable code. This issue is fixed in iOS 15.7 and iPadOS 15.7, macOS Ventura 13. An app may be able to gain elevated privileges. | |||||
| CVE-2022-42793 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2022-11-02 | N/A | 5.5 MEDIUM |
| An issue in code signature validation was addressed with improved checks. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, macOS Monterey 12.6. An app may be able to bypass code signing checks. | |||||
| CVE-2022-43066 | 1 Online Diagnostic Lab Management System Project | 1 Online Diagnostic Lab Management System | 2022-11-02 | N/A | 7.2 HIGH |
| Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /odlms/classes/Master.php?f=delete_message. | |||||
| CVE-2022-43227 | 1 Online Diagnostic Lab Management System Project | 1 Online Diagnostic Lab Management System | 2022-11-02 | N/A | 7.2 HIGH |
| Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /odlms/admin/?page=appointments/view_appointment. | |||||
| CVE-2022-43226 | 1 Online Diagnostic Lab Management System Project | 1 Online Diagnostic Lab Management System | 2022-11-02 | N/A | 8.8 HIGH |
| Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /odlms/?page=appointments/view_appointment. | |||||
| CVE-2022-41551 | 1 Garage Management System Project | 1 Garage Management System | 2022-11-02 | N/A | 7.2 HIGH |
| Garage Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /garage/editorder.php. | |||||
| CVE-2022-43068 | 1 Online Diagnostic Lab Management System Project | 1 Online Diagnostic Lab Management System | 2022-11-02 | N/A | 7.2 HIGH |
| Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /classes/Master.php?f=delete_reservation. | |||||
| CVE-2021-43267 | 3 Fedoraproject, Linux, Netapp | 16 Fedora, Linux Kernel, H300e and 13 more | 2022-11-02 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type. | |||||
| CVE-2021-38191 | 1 Tokio | 1 Tokio | 2022-11-02 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue was discovered in the tokio crate before 1.8.1 for Rust. Upon a JoinHandle::abort, a Task may be dropped in the wrong thread. | |||||
| CVE-2022-40294 | 1 Phppointofsale | 1 Php Point Of Sale | 2022-11-02 | N/A | 8.8 HIGH |
| The application was identified to have an CSV injection in data export functionality, allowing for malicious code to be embedded within export data and then triggered in exported data viewers. | |||||
| CVE-2020-36447 | 1 V9 Project | 1 V9 | 2022-11-02 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the v9 crate through 2020-12-18 for Rust. There is an unconditional implementation of Sync for SyncRef<T>. | |||||
| CVE-2022-40296 | 1 Phppointofsale | 1 Php Point Of Sale | 2022-11-02 | N/A | 9.8 CRITICAL |
| The application was vulnerable to a Server-Side Request Forgery attacks, allowing the backend server to interact with unexpected endpoints, potentially including internal and local services, leading to attacks in other downstream systems. | |||||