Total
11829 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-34436 | 1 Dell | 2 Idrac8, Idrac8 Firmware | 2024-11-21 | N/A | 2.7 LOW |
|
Dell iDRAC8 version 2.83.83.83 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit this vulnerability to bypass the firmware lock-down configuration and perform a firmware update.
|
|||||
| CVE-2022-34435 | 1 Dell | 2 Idrac9, Idrac9 Firmware | 2024-11-21 | N/A | 2.7 LOW |
|
Dell iDRAC9 version 6.00.02.00 and prior contain an improper input validation vulnerability in Racadm when the firmware lock-down configuration is set. A remote high privileged attacker could exploit this vulnerability to bypass the firmware lock-down configuration and perform a firmware update.
|
|||||
| CVE-2022-34393 | 1 Dell | 52 G5 Se 5505, G5 Se 5505 Firmware, Inspiron 27 7775 and 49 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
|
|||||
| CVE-2022-34350 | 1 Ibm | 1 Api Connect | 2024-11-21 | N/A | 5.3 MEDIUM |
|
IBM API Connect 10.0.0.0 through 10.0.5.0, 10.0.1.0 through 10.0.1.7, and 2018.4.1.0 through 2018.4.1.20 is vulnerable to External Service Interaction attack, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to induce the application to perform server-side DNS lookups or HTTP requests to arbitrary domain names. By submitting suitable payloads, an attacker can cause the application server to attack other systems that it can interact with. I ...
Show More |
|||||
| CVE-2022-34164 | 1 Ibm | 1 Cics Tx | 2024-11-21 | N/A | 5.5 MEDIUM |
|
IBM CICS TX 11.1 could allow a local user to impersonate another legitimate user due to improper input validation. IBM X-Force ID: 229338.
|
|||||
| CVE-2022-34147 | 1 Intel | 82 Cm8ccb4r, Cm8ccb4r Firmware, Cm8i3cb4n and 79 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Improper input validation in BIOS firmware for some Intel(R) NUC 9 Extreme Laptop Kits, Intel(R) NUC Performance Kits, Intel(R) NUC Performance Mini PC, Intel(R) NUC 8 Compute Element, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board, and Intel(R) NUC Compute Element may allow a privileged user to potentially enable escalation of privilege via local access.
|
|||||
| CVE-2022-34146 | 1 Qualcomm | 194 Csr8811, Csr8811 Firmware, Ipq5010 and 191 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Transient DOS due to improper input validation in WLAN Host while parsing frame during defragmentation.
|
|||||
| CVE-2022-33964 | 1 Intel | 1 System Usage Report | 2024-11-21 | N/A | 7.4 HIGH |
|
Improper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
|
|||||
| CVE-2022-33945 | 1 Intel | 66 Compute Module Hns2600bpb, Compute Module Hns2600bpb24, Compute Module Hns2600bpb24 Firmware and 63 more | 2024-11-21 | N/A | 8.2 HIGH |
|
Improper input validation in some Intel(R) Server board and Intel(R) Server System BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.
|
|||||
| CVE-2022-33894 | 1 Intel | 546 Core I3-1000g1, Core I3-1000g1 Firmware, Core I3-1000g4 and 543 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
|
|||||
| CVE-2022-33876 | 1 Fortinet | 1 Fortiadc | 2024-11-21 | N/A | 5.4 MEDIUM |
|
Multiple instances of improper input validation vulnerability in Fortinet FortiADC version 7.1.0, version 7.0.0 through 7.0.2 and version 6.2.4 and below allows an authenticated attacker to retrieve files with specific extension from the underlying Linux system via crafted HTTP requests.
|
|||||
| CVE-2022-33754 | 1 Broadcom | 1 Ca Automic Automation | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code.
|
|||||
| CVE-2022-33752 | 1 Broadcom | 1 Ca Automic Automation | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
CA Automic Automation 12.2 and 12.3 contain an insufficient input validation vulnerability in the Automic agent that could allow a remote attacker to potentially execute arbitrary code.
|
|||||
| CVE-2022-33729 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.9 MEDIUM |
|
Improper restriction of broadcasting Intent in ConfirmConnectActivity of?NFC prior to SMR Aug-2022 Release 1 leaks MAC address of the connected Bluetooth device.
|
|||||
| CVE-2022-33719 | 1 Google | 1 Android | 2024-11-21 | N/A | 8.6 HIGH |
|
Improper input validation in baseband prior to SMR Aug-2022 Release 1 allows attackers to cause integer overflow to heap overflow.
|
|||||
| CVE-2022-33715 | 1 Google | 1 Android | 2024-11-21 | N/A | 5.3 MEDIUM |
|
Improper access control and path traversal vulnerability in LauncherProvider prior to SMR Aug-2022 Release 1 allow local attacker to access files of One UI.
|
|||||
| CVE-2022-33710 | 1 Samsung | 1 Galaxy Store | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Improper input validation vulnerability in BillingPackageInsraller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege.
|
|||||
| CVE-2022-33709 | 1 Samsung | 1 Galaxy Store | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Improper input validation vulnerability in ApexPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege.
|
|||||
| CVE-2022-33708 | 1 Samsung | 1 Galaxy Store | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Improper input validation vulnerability in AppsPackageInstaller in Galaxy Store prior to version 4.5.41.8 allows local attackers to launch activities as Galaxy Store privilege.
|
|||||
| CVE-2022-33704 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 8.5 HIGH |
|
Improper validation vulnerability in ucmRetParcelable of KnoxSDK prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities.
|
|||||
| CVE-2022-33703 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 8.5 HIGH |
|
Improper validation vulnerability in CACertificateInfo prior to SMR Jul-2022 Release 1 allows attackers to launch certain activities.
|
|||||
| CVE-2022-33690 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 4.0 MEDIUM |
|
Improper input validation in Contacts Storage prior to SMR Jul-2022 Release 1 allows attacker to access arbitrary file.
|
|||||
| CVE-2022-33216 | 1 Qualcomm | 36 Qam8295p, Qam8295p Firmware, Qca6574a and 33 more | 2024-11-21 | N/A | 6.0 MEDIUM |
|
Transient Denial-of-service in Automotive due to improper input validation while parsing ELF file.
|
|||||
| CVE-2022-33211 | 1 Qualcomm | 24 Mdm8207, Mdm8207 Firmware, Mdm9205 and 21 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
memory corruption in modem due to improper check while calculating size of serialized CoAP message
|
|||||
| CVE-2022-33190 | 1 Intel | 1 System Usage Report | 2024-11-21 | N/A | 7.1 HIGH |
|
Improper input validation in the Intel(R) SUR software before version 2.4.8902 may allow an authenticated user to potentially enable escalation of privilege via local access.
|
|||||
| CVE-2022-32766 | 1 Intel | 2 Compute Stick Stk2mv64cc, Compute Stick Stk2mv64cc Firmware | 2024-11-21 | N/A | 7.2 HIGH |
|
Improper input validation for some Intel(R) BIOS firmware may allow a privileged user to potentially enable escalation of privilege via local access.
|
|||||
| CVE-2022-32591 | 2 Google, Mediatek | 38 Android, Mt6580, Mt6739 and 35 more | 2024-11-21 | N/A | 7.5 HIGH |
|
In ril, there is a possible system crash due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07257259; Issue ID: ALPS07257259.
|
|||||
| CVE-2022-32577 | 1 Intel | 6 Nuc5cpyh, Nuc5cpyh Firmware, Nuc5pgyh and 3 more | 2024-11-21 | N/A | 3.4 LOW |
|
Improper input validation in BIOS Firmware for some Intel(R) NUC Kits before version PY0081 may allow a privileged user to potentially enable information disclosure or denial of service via local access
|
|||||
| CVE-2022-32534 | 1 Bosch | 2 Pra-es8p2s, Pra-es8p2s Firmware | 2024-11-21 | 10.0 HIGH | 8.8 HIGH |
|
The Bosch Ethernet switch PRA-ES8P2S with software version 1.01.05 and earlier was found to be vulnerable to command injection through its diagnostics web interface. This allows execution of shell commands.
|
|||||
| CVE-2022-32492 | 1 Dell | 4 Bios, Precision 5820 Tower, Precision 7820 Tower and 1 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
|
|||||
| CVE-2022-32490 | 1 Dell | 6 Edge Gateway 3000, Edge Gateway 3000 Firmware, Edge Gateway 5000 and 3 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
|
|||||
| CVE-2022-32489 | 1 Dell | 580 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 577 more | 2024-11-21 | N/A | 8.2 HIGH |
|
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
|
|||||
| CVE-2022-32488 | 1 Dell | 580 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 577 more | 2024-11-21 | N/A | 8.2 HIGH |
|
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
|
|||||
| CVE-2022-32487 | 1 Dell | 580 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 577 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
|
|||||
| CVE-2022-32486 | 1 Dell | 4 Bios, Precision 5820 Tower, Precision 7820 Tower and 1 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
|
|||||
| CVE-2022-32485 | 1 Dell | 580 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 577 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
|
|||||
| CVE-2022-32484 | 1 Dell | 580 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 577 more | 2024-11-21 | N/A | 5.6 MEDIUM |
|
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
|
|||||
| CVE-2022-32483 | 1 Dell | 580 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 577 more | 2024-11-21 | N/A | 5.6 MEDIUM |
|
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
|
|||||
| CVE-2022-32482 | 1 Dell | 378 Alienware M15 R6, Alienware M15 R6 Firmware, Alienware M15 R7 and 375 more | 2024-11-21 | N/A | 5.6 MEDIUM |
|
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
|
|||||
| CVE-2022-32253 | 1 Siemens | 1 Sinema Remote Connect Server | 2024-11-21 | 5.0 MEDIUM | 4.9 MEDIUM |
|
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). Due to improper input validation, the OpenSSL certificate's password could be printed to a file reachable by an attacker.
|
|||||