Latest CVE Feed
-
5.5
MEDIUMCVE-2022-36879
An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.... Read more
Affected Products : linux_kernel debian_linux active_iq_unified_manager h410c_firmware a700s_firmware e-series_santricity_os_controller h300s_firmware h500s_firmware h700s_firmware h410s_firmware +33 more products- Published: Jul. 27, 2022
- Modified: May. 05, 2025
-
5.5
MEDIUMCVE-2015-9218
In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD... Read more
Affected Products : android sdm660_firmware sd_450_firmware sd_625_firmware sd_820_firmware sd_835_firmware msm8909w_firmware sdm630_firmware sdm636_firmware sd_410_firmware +39 more products- Published: Apr. 18, 2018
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-36848
Improper Authorization vulnerability in setDualDARPolicyCmd prior to SMR Sep-2022 Release 1 allows local attackers to cause local permanent denial of service.... Read more
- Published: Sep. 09, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-36442
An issue was discovered in Zebra Enterprise Home Screen 4.1.19. By using the embedded Google Chrome application, it is possible to install an unauthorized application via a downloaded APK.... Read more
Affected Products : enterprise_home_screen- Published: Jan. 10, 2023
- Modified: May. 30, 2025
-
5.5
MEDIUMCVE-2022-36349
Insecure default variable initialization in BIOS firmware for some Intel(R) NUC Boards and Intel(R) NUC Kits before version MYi30060 may allow an authenticated user to potentially enable denial of service via local access.... Read more
- Published: Nov. 11, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-36145
SWFMill commit 53d7690 was discovered to contain a segmentation violation via SWF::Reader::getWord().... Read more
Affected Products : swfmill- Published: Aug. 16, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-36314
When opening a Windows shortcut from the local filesystem, an attacker could supply a remote path that would lead to unexpected network requests from the operating system.<br>This bug only affects Firefox for Windows. Other operating systems are unaffecte... Read more
- Published: Dec. 22, 2022
- Modified: Apr. 15, 2025
-
5.5
MEDIUMCVE-2022-36088
GoCD is a continuous delivery server. Windows installations via either the server or agent installers for GoCD prior to 22.2.0 do not adequately restrict permissions when installing outside of the default location. This could allow a malicious user with l... Read more
- Published: Sep. 07, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-36141
SWFMill commit 53d7690 was discovered to contain a segmentation violation via SWF::MethodBody::write(SWF::Writer*, SWF::Context*).... Read more
Affected Products : swfmill- Published: Aug. 16, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-36021
Redis is an in-memory database that persists on disk. Authenticated users can use string matching commands (like `SCAN` or `KEYS`) with a specially crafted pattern to trigger a denial-of-service attack on Redis, causing it to hang and consume 100% CPU tim... Read more
Affected Products : redis- Published: Mar. 01, 2023
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2020-12290
Improper access control in some Intel(R) Thunderbolt(TM) controllers may allow an authenticated user to potentially enable denial of service via local access.... Read more
Affected Products : jhl6240_thunderbolt_3_firmware jhl6340_thunderbolt_3_firmware jhl6540_thunderbolt_3_firmware jhl7040_thunderbolt_3_retimer_firmware jhl7340_thunderbolt_3_firmware jhl7440_thunderbolt_3_firmware jhl7540_thunderbolt_3_firmware jhl8010r_usb_retimer_firmware dsl5320_thunderbolt_2_firmware dsl5520_thunderbolt_2_firmware +16 more products- Published: Jun. 09, 2021
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-35977
Redis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SETRANGE` and `SORT(_RO)` commands can trigger an integer overflow, resulting with Redis attempting to allocate impossible amounts of memory and abort wit... Read more
Affected Products : redis- Published: Jan. 20, 2023
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-35831
Windows Remote Access Connection Manager Information Disclosure Vulnerability... Read more
Affected Products : windows_10 windows_8.1 windows_rt_8.1 windows_server_2012 windows_server_2016 windows_server_2019 windows_10_1607 windows_10_1809 windows_10_20h2 windows_10_21h2 +7 more products- Published: Sep. 13, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-35720
IBM Sterling External Authentication Server 6.1.0 and IBM Sterling Secure Proxy 6.0.3 uses weaker than expected cryptographic algorithms during installation that could allow a local attacker to decrypt sensitive information. IBM X-Force ID: 231373.... Read more
Affected Products : linux_kernel aix sterling_external_authentication_server sterling_secure_proxy windows linux_on_ibm_z- Published: Feb. 08, 2023
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-35668
Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by an Improper Input Validation vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage th... Read more
- Published: Aug. 11, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-35631
On MacOS and Linux, it may be possible to perform a symlink attack by replacing this predictable file name with a symlink to another file and have the Velociraptor client overwrite the other file. This issue was resolved in Velociraptor 0.6.5-2.... Read more
- Published: Jul. 29, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-35691
Adobe Acrobat Reader versions 22.002.20212 (and earlier) and 20.005.30381 (and earlier) are affected by a NULL Pointer Dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in ... Read more
- Published: Oct. 14, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-35434
jpeg-quantsmooth before commit 8879454 contained a floating point exception (FPE) via /jpeg-quantsmooth/jpegqs+0x4f5d6c.... Read more
Affected Products : jpeg_quant_smooth- Published: Aug. 16, 2022
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-35205
An issue was discovered in Binutils readelf 2.38.50, reachable assertion failure in function display_debug_names allows attackers to cause a denial of service.... Read more
Affected Products : binutils- Published: Aug. 22, 2023
- Modified: Nov. 21, 2024
-
5.5
MEDIUMCVE-2022-35166
libjpeg commit 842c7ba was discovered to contain an infinite loop via the component JPEG::ReadInternal.... Read more
Affected Products : libjpeg- Published: Aug. 18, 2022
- Modified: Nov. 21, 2024