Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-36868 | 1 Google | 1 Android | 2022-10-11 | N/A | 3.3 LOW |
| Improper restriction of broadcasting Intent in MouseNKeyHidDevice prior to SMR Oct-2022 Release 1 leaks MAC address of the connected Bluetooth device. | |||||
| CVE-2022-39855 | 1 Google | 1 Android | 2022-10-11 | N/A | 4.3 MEDIUM |
| Improper access control vulnerability in FACM application prior to SMR Oct-2022 Release 1 allows a local attacker to connect arbitrary AP and Bluetooth devices. | |||||
| CVE-2022-39851 | 1 Google | 1 Android | 2022-10-11 | N/A | 3.3 LOW |
| Improper access control vulnerability in CocktailBarService prior to SMR Oct-2022 Release 1 allows local attacker to bind service that require BIND_REMOTEVIEWS permission. | |||||
| CVE-2022-39849 | 1 Google | 1 Android | 2022-10-08 | N/A | 3.3 LOW |
| Improper access control in knox_vpn_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data. | |||||
| CVE-2022-39850 | 1 Google | 1 Android | 2022-10-08 | N/A | 3.3 LOW |
| Improper access control in mum_container_policy service prior to SMR Oct-2022 Release 1 allows allows unauthorized read of configuration data. | |||||
| CVE-2022-39854 | 2 Google, Samsung | 2 Android, Exynos | 2022-10-08 | N/A | 7.8 HIGH |
| Improper protection in IOMMU prior to SMR Oct-2022 Release 1 allows unauthorized access to secure memory. | |||||
| CVE-2022-39856 | 1 Google | 1 Android | 2022-10-08 | N/A | 3.3 LOW |
| Improper access control vulnerability in imsservice application prior to SMR Oct-2022 Release 1 allows local attackers to access call information. | |||||
| CVE-2019-20218 | 4 Canonical, Debian, Oracle and 1 more | 4 Ubuntu Linux, Debian Linux, Mysql Workbench and 1 more | 2022-10-07 | 5.0 MEDIUM | 7.5 HIGH |
| selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error. | |||||
| CVE-2021-46167 | 1 Wizplat | 2 Pd065, Pd065 Firmware | 2022-10-07 | 4.6 MEDIUM | 7.8 HIGH |
| An access control issue in the authentication module of wizplat PD065 v1.19 allows attackers to access sensitive data and cause a Denial of Service (DoS). | |||||
| CVE-2021-39911 | 1 Gitlab | 1 Gitlab | 2022-10-06 | 4.0 MEDIUM | 4.3 MEDIUM |
| An improper access control flaw in all versions of GitLab CE/EE starting from 13.9 before 14.2.6, all versions starting from 14.3 before 14.3.4, and all versions starting from 14.4 before 14.4.1 exposes private email address of Issue and Merge Requests assignee to Webhook data consumers | |||||
| CVE-2021-39888 | 1 Gitlab | 1 Gitlab | 2022-10-06 | 4.0 MEDIUM | 4.3 MEDIUM |
| In all versions of GitLab EE starting from 13.10 before 14.1.7, all versions starting from 14.2 before 14.2.5, and all versions starting from 14.3 before 14.3.1 a specific API endpoint may reveal details about a private group and other sensitive info inside issue and merge request templates. | |||||
| CVE-2021-39883 | 1 Gitlab | 1 Gitlab | 2022-10-06 | 4.0 MEDIUM | 4.3 MEDIUM |
| Improper authorization checks in all versions of GitLab EE starting from 13.11 before 14.1.7, all versions starting from 14.2 before 14.2.5, and all versions starting from 14.3 before 14.3.1 allows subgroup members to see epics from all parent subgroups. | |||||
| CVE-2020-35167 | 2 Dell, Oracle | 6 Bsafe Crypto-c-micro-edition, Bsafe Micro-edition-suite, Database and 3 more | 2022-10-06 | 7.5 HIGH | 9.8 CRITICAL |
| Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability. | |||||
| CVE-2020-35168 | 2 Dell, Oracle | 6 Bsafe Crypto-c-micro-edition, Bsafe Micro-edition-suite, Database and 3 more | 2022-10-06 | 7.5 HIGH | 9.8 CRITICAL |
| Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability. | |||||
| CVE-2020-35164 | 2 Dell, Oracle | 6 Bsafe Crypto-c-micro-edition, Bsafe Micro-edition-suite, Database and 3 more | 2022-10-06 | 7.5 HIGH | 8.1 HIGH |
| Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability. | |||||
| CVE-2021-4159 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Enterprise Linux | 2022-10-06 | N/A | 4.4 MEDIUM |
| A vulnerability was found in the Linux kernel's EBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating some of the exploit mitigations in place for the kernel. | |||||
| CVE-2014-8312 | 1 Sap | 1 Netweaver Abap | 2022-10-06 | 3.5 LOW | N/A |
| Business Warehouse (BW) in SAP Netweaver AS ABAP 7.31 allows remote authenticated users to obtain sensitive information via a request to the RSDU_CCMS_GET_PROFILE_PARAM RFC function. | |||||
| CVE-2021-33677 | 1 Sap | 2 Netweaver Abap, Netweaver Application Server Abap | 2022-10-06 | 5.0 MEDIUM | 7.5 HIGH |
| SAP NetWeaver ABAP Server and ABAP Platform, versions - 700, 702, 730, 731, 804, 740, 750, 784, expose functions to external which can lead to information disclosure. | |||||
| CVE-2021-38178 | 1 Sap | 2 Netweaver Abap, Netweaver Application Server Abap | 2022-10-06 | 6.5 MEDIUM | 8.8 HIGH |
| The software logistics system of SAP NetWeaver AS ABAP and ABAP Platform versions - 700, 701, 702, 710, 730, 731, 740, 750, 751, 752, 753, 754, 755, 756, enables a malicious user to transfer ABAP code artifacts or content, by-passing the established quality gates. By this vulnerability malicious code can reach quality and production, and can compromise the confidentiality, integrity, and availability of the system and its data. | |||||
| CVE-2015-1309 | 1 Sap | 1 Netweaver Abap | 2022-10-06 | 5.0 MEDIUM | N/A |
| XML external entity vulnerability in the Extended Computer Aided Test Tool (eCATT) in SAP NetWeaver AS ABAP 7.31 and earlier allows remote attackers to access arbitrary files via a crafted XML request, related to ECATT_DISPLAY_XMLSTRING_REMOTE, aka SAP Note 2016638. | |||||