Total
29597 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-33701 | 1 Google | 1 Android | 2024-11-21 | 3.3 Low |
| Improper access control vulnerability in KnoxCustomManagerService prior to SMR Jul-2022 Release 1 allows attacker to call PowerManaer.goToSleep method which is protected by system permission by sending braodcast intent. | ||||
| CVE-2022-33689 | 1 Google | 1 Android | 2024-11-21 | 6.2 Medium |
| Improper access control vulnerability in TelephonyUI prior to SMR Jul-2022 Release 1 allows attackers to change preferred network type by unprotected binder call. | ||||
| CVE-2022-33685 | 1 Google | 1 Android | 2024-11-21 | 4 Medium |
| Unprotected dynamic receiver in Wearable Manager Service prior to SMR Jul-2022 Release 1 allows attacker to launch arbitray activity and access senstive information. | ||||
| CVE-2022-33311 | 1 Cybozu | 1 Office | 2024-11-21 | 4.3 Medium |
| Browse restriction bypass vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to obtain the data of Address Book via unspecified vectors. | ||||
| CVE-2022-33243 | 1 Qualcomm | 314 Apq8096au, Apq8096au Firmware, Aqt1000 and 311 more | 2024-11-21 | 8.4 High |
| Memory corruption due to improper access control in Qualcomm IPC. | ||||
| CVE-2022-33173 | 1 Couchbase | 1 Couchbase Server | 2024-11-21 | 7.5 High |
| An algorithm-downgrade issue was discovered in Couchbase Server before 7.0.4. Analytics Remote Links may temporarily downgrade to non-TLS connection to determine the TLS port number, using SCRAM-SHA instead. | ||||
| CVE-2022-33172 | 1 Bund | 1 De.fac2 | 2024-11-21 | 5.5 Medium |
| de.fac2 1.34 allows bypassing the User Presence protection mechanism when there is malware on the victim's PC. | ||||
| CVE-2022-33124 | 1 Aiohttp | 1 Aiohttp | 2024-11-21 | 5.5 Medium |
| AIOHTTP 3.8.1 can report a "ValueError: Invalid IPv6 URL" outcome, which can lead to a Denial of Service (DoS). NOTE: multiple third parties dispute this issue because there is no example of a context in which denial of service would occur, and many common contexts have exception handing in the calling application | ||||
| CVE-2022-32993 | 1 Totolink | 2 A7000r, A7000r Firmware | 2024-11-21 | 9.8 Critical |
| TOTOLINK A7000R V4.1cu.4134 was discovered to contain an access control issue via /cgi-bin/ExportSettings.sh. | ||||
| CVE-2022-32959 | 1 Hinet | 1 Hicos Natural Person Credential Component Client | 2024-11-21 | 6.8 Medium |
| HiCOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for OS information. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate system data or terminate service. | ||||
| CVE-2022-32583 | 1 Cybozu | 1 Office | 2024-11-21 | 4.3 Medium |
| Operation restriction bypass vulnerability in Scheduler of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to alter the data of Scheduler via unspecified vectors. | ||||
| CVE-2022-32544 | 1 Cybozu | 1 Office | 2024-11-21 | 4.3 Medium |
| Operation restriction bypass vulnerability in Project of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to alter the data of Project via unspecified vectors. | ||||
| CVE-2022-32430 | 1 Talelin | 1 Lin-cms-spring-boot | 2024-11-21 | 7.5 High |
| An access control issue in Lin CMS Spring Boot v0.2.1 allows attackers to access the backend information and functions within the application. | ||||
| CVE-2022-32261 | 1 Siemens | 1 Sinema Remote Connect Server | 2024-11-21 | 5.3 Medium |
| A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains a misconfiguration in the APT update. This could allow an attacker to add insecure packages to the application. | ||||
| CVE-2022-32260 | 1 Siemens | 1 Sinema Remote Connect Server | 2024-11-21 | 6.5 Medium |
| A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application creates temporary user credentials for UMC (User Management Component) users. An attacker could use these temporary credentials for authentication bypass in certain scenarios. | ||||
| CVE-2022-32259 | 1 Siemens | 1 Sinema Remote Connect Server | 2024-11-21 | 6.5 Medium |
| A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The system images for installation or update of the affected application contain unit test scripts with sensitive information. An attacker could gain information about testing architecture and also tamper with test configuration. | ||||
| CVE-2022-32258 | 1 Siemens | 1 Sinema Remote Connect Server | 2024-11-21 | 5.3 Medium |
| A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains an older feature that allows to import device configurations via a specific endpoint. An attacker could use this vulnerability for information disclosure. | ||||
| CVE-2022-32256 | 1 Siemens | 1 Sinema Remote Connect Server | 2024-11-21 | 4.3 Medium |
| A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application consists of a web service that lacks proper access control for some of the endpoints. This could lead to low privileged users accessing privileged information. | ||||
| CVE-2022-32255 | 1 Siemens | 1 Sinema Remote Connect Server | 2024-11-21 | 5.3 Medium |
| A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application consists of a web service that lacks proper access control for some of the endpoints. This could lead to unauthorized access to limited information. | ||||
| CVE-2022-31884 | 1 Marvalglobal | 1 Marval Msm | 2024-11-21 | 6.5 Medium |
| Marval MSM v14.19.0.12476 has an Improper Access Control vulnerability which allows a low privilege user to delete other users API Keys including high privilege and the Administrator users API Keys. | ||||