Total
638 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-31846 | 1 Wavlink | 2 Wn535g3, Wn535g3 Firmware | 2022-06-23 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in live_mfg.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function. | |||||
| CVE-2022-31845 | 1 Wavlink | 2 Wn535g3, Wn535g3 Firmware | 2022-06-23 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in live_check.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function. | |||||
| CVE-2020-36532 | 1 Klapp | 1 App | 2022-06-15 | 4.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability has been found in Klapp App and classified as problematic. This vulnerability affects unknown code of the component Authorization. The manipulation leads to information disclosure (Credentials). The attack can be initiated remotely. It is recommended to upgrade the affected app. | |||||
| CVE-2022-26869 | 1 Dell | 3 Powerstore T, Powerstore X, Powerstoreos | 2022-06-13 | 7.5 HIGH | 9.8 CRITICAL |
| Dell PowerStore versions 2.0.0.x, 2.0.1.x and 2.1.0.x contains an open port vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to information disclosure and arbitrary code execution. | |||||
| CVE-2022-30734 | 1 Samsung | 1 Account | 2022-06-11 | 5.0 MEDIUM | 5.3 MEDIUM |
| Sensitive information exposure in Sign-out log in Samsung Account prior to version 13.2.00.6 allows attackers to get an user email or phone number without permission. | |||||
| CVE-2022-30732 | 1 Samsung | 1 Account | 2022-06-11 | 5.0 MEDIUM | 7.5 HIGH |
| Exposure of Sensitive Information vulnerability in Samsung Account prior to version 13.2.00.6 allows attacker to access sensitive information via onActivityResult. | |||||
| CVE-2022-30728 | 1 Google | 1 Android | 2022-06-11 | 2.1 LOW | 3.3 LOW |
| Information exposure vulnerability in ScanPool prior to SMR Jun-2022 Release 1 allows local attackers to get MAC address information. | |||||
| CVE-2022-30714 | 1 Google | 1 Android | 2022-06-11 | 2.1 LOW | 3.3 LOW |
| Information exposure vulnerability in SemIWCMonitor prior to SMR Jun-2022 Release 1 allows local attackers to get MAC address information. | |||||
| CVE-2022-28794 | 1 Google | 1 Android | 2022-06-11 | 2.1 LOW | 3.3 LOW |
| Sensitive information exposure in low-battery dumpstate log prior to SMR Jun-2022 Release 1 allows local attackers to get SIM card information. | |||||
| CVE-2018-4048 | 1 Gog | 1 Galaxy | 2022-06-07 | 7.2 HIGH | 7.8 HIGH |
| An exploitable local privilege elevation vulnerability exists in the file system permissions of the `Temp` directory in GOG Galaxy 1.2.48.36 (Windows 64-bit Installer). An attacker can overwrite executables of the Desktop Galaxy Updater to exploit this vulnerability and execute arbitrary code with SYSTEM privileges. | |||||
| CVE-2022-1467 | 1 Aveva | 2 Intouch Access Anywhere, Plant Scada Access Anywhere | 2022-06-07 | 8.5 HIGH | 9.9 CRITICAL |
| Windows OS can be configured to overlay a “language bar” on top of any application. When this OS functionality is enabled, the OS language bar UI will be viewable in the browser alongside the AVEVA InTouch Access Anywhere and Plant SCADA Access Anywhere applications. It is possible to manipulate the Windows OS language bar to launch an OS command prompt, resulting in a context-escape from application into OS. | |||||
| CVE-2022-29646 | 1 Totolink | 2 A3100r, A3100r Firmware | 2022-05-26 | 5.0 MEDIUM | 5.3 MEDIUM |
| An access control issue in TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 allows attackers to obtain sensitive information via a crafted web request. | |||||
| CVE-2022-28924 | 1 Universis | 1 Universis-students | 2022-05-26 | 4.0 MEDIUM | 6.5 MEDIUM |
| An information disclosure vulnerability in UniverSIS-Students before v1.5.0 allows attackers to obtain sensitive information via a crafted GET request to the endpoint /api/students/me/courses/. | |||||
| CVE-2022-22515 | 1 Codesys | 18 Control For Beaglebone Sl, Control For Beckhoff Cx9020, Control For Empc-a\/imx6 Sl and 15 more | 2022-05-12 | 4.9 MEDIUM | 8.1 HIGH |
| A remote, authenticated attacker could utilize the control program of the CODESYS Control runtime system to use the vulnerability in order to read and modify the configuration file(s) of the affected products. | |||||
| CVE-2021-26312 | 1 Amd | 114 Epyc 7232p, Epyc 7232p Firmware, Epyc 7251 and 111 more | 2022-05-11 | 2.1 LOW | 5.5 MEDIUM |
| Failure to flush the Translation Lookaside Buffer (TLB) of the I/O memory management unit (IOMMU) may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity. | |||||
| CVE-2021-22572 | 1 Google | 1 Data Transfer Project | 2022-05-10 | 2.1 LOW | 5.5 MEDIUM |
| On unix-like systems, the system temporary directory is shared between all users on that system. The root cause is File.createTempFile creates files in the the system temporary directory with world readable permissions. Any sensitive information written to theses files is visible to all other local users on unix-like systems. We recommend upgrading past commit https://github.com/google/data-transfer-project/pull/969 | |||||
| CVE-2022-27331 | 1 Zammad | 1 Zammad | 2022-05-05 | 4.0 MEDIUM | 4.3 MEDIUM |
| An access control issue in Zammad v5.0.3 broadcasts administrative configuration changes to all users who have an active application instance, including settings that should only be visible to authenticated users. | |||||
| CVE-2022-29820 | 1 Jetbrains | 1 Pycharm | 2022-05-05 | 3.3 LOW | 3.5 LOW |
| In JetBrains PyCharm before 2022.1 exposure of the debugger port to the internal network was possible | |||||
| CVE-2021-22385 | 1 Huawei | 2 Emui, Magic Ui | 2022-05-03 | 7.2 HIGH | 7.8 HIGH |
| A component of the Huawei smartphone has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause Kernel Code Execution. | |||||
| CVE-2021-27236 | 1 Mutare | 1 Voice | 2022-05-03 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. getfile.asp allows Unauthenticated Local File Inclusion, which can be leveraged to achieve Remote Code Execution. | |||||