Total
12273 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-35893 | 1 Insyde | 1 Insydeh2o | 2025-05-05 | 8.2 High |
| An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. An SMM memory corruption vulnerability in the FvbServicesRuntimeDxe driver allows an attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM. | ||||
| CVE-2022-35252 | 6 Apple, Debian, Haxx and 3 more | 21 Macos, Debian Linux, Curl and 18 more | 2025-05-05 | 3.7 Low |
| When curl is used to retrieve and parse cookies from a HTTP(S) server, itaccepts cookies using control codes that when later are sent back to a HTTPserver might make the server return 400 responses. Effectively allowing a"sister site" to deny service to all siblings. | ||||
| CVE-2022-24382 | 1 Intel | 118 Lapbc510, Lapbc510 Firmware, Lapbc710 and 115 more | 2025-05-05 | 6.7 Medium |
| Improper input validation in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-23403 | 1 Intel | 1 Data Center Manager | 2025-05-05 | 5.5 Medium |
| Improper input validation in the Intel(R) Data Center Manager software before version 4.1 may allow an authenticated user to potentially enable denial of service via local access. | ||||
| CVE-2022-23219 | 4 Debian, Gnu, Oracle and 1 more | 9 Debian Linux, Glibc, Communications Cloud Native Core Binding Support Function and 6 more | 2025-05-05 | 9.8 Critical |
| The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution. | ||||
| CVE-2022-23218 | 4 Debian, Gnu, Oracle and 1 more | 5 Debian Linux, Glibc, Communications Cloud Native Core Unified Data Repository and 2 more | 2025-05-05 | 9.8 Critical |
| The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution. | ||||
| CVE-2022-21687 | 1 Github | 1 Gh-ost | 2025-05-05 | 6.8 Medium |
| gh-ost is a triggerless online schema migration solution for MySQL. Versions prior to 1.1.3 are subject to an arbitrary file read vulnerability. The attacker must have access to the target host or trick an administrator into executing a malicious gh-ost command on a host running gh-ost, plus network access from host running gh-ost to the attack's malicious MySQL server. The `-database` parameter does not properly sanitize user input which can lead to arbitrary file reads. | ||||
| CVE-2022-21212 | 1 Intel | 18 Proset Wi-fi 6e Ax210, Proset Wi-fi 6e Ax210 Firmware, Wi-fi 6 Ax200 and 15 more | 2025-05-05 | 6.5 Medium |
| Improper input validation for some Intel(R) PROSet/Wireless WiFi products may allow an unauthenticated user to potentially enable denial of service via adjacent access. | ||||
| CVE-2022-21197 | 1 Intel | 18 Proset Wi-fi 6e Ax210, Proset Wi-fi 6e Ax210 Firmware, Wi-fi 6 Ax200 and 15 more | 2025-05-05 | 7.5 High |
| Improper input validation for some Intel(R) PROSet/Wireless WiFi products may allow an unauthenticated user to potentially enable denial of service via network access. | ||||
| CVE-2022-21181 | 1 Intel | 14 Dual Band Wireless-ac 8260, Dual Band Wireless-ac 8260 Firmware, Dual Band Wireless-ac 8265 and 11 more | 2025-05-05 | 7.8 High |
| Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-21180 | 1 Intel | 814 Celeron 5305u, Celeron 5305u Firmware, Celeron G3900 and 811 more | 2025-05-05 | 5.5 Medium |
| Improper input validation for some Intel(R) Processors may allow an authenticated user to potentially cause a denial of service via local access. | ||||
| CVE-2022-21136 | 1 Intel | 292 Core I9-7900x, Core I9-7900x Firmware, Core I9-7920x and 289 more | 2025-05-05 | 5.5 Medium |
| Improper input validation for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable denial of service via local access. | ||||
| CVE-2021-44545 | 1 Intel | 18 Killer Ac 1550, Killer Ac 1550 Firmware, Killer Wi-fi 6 Ax1650 and 15 more | 2025-05-05 | 6.5 Medium |
| Improper input validation for some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi products may allow an unauthenticated user to potentially enable denial of service via adjacent access. | ||||
| CVE-2021-44454 | 1 Intel | 1 Quartus Prime | 2025-05-05 | 7.8 High |
| Improper input validation in a third-party component for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2021-33155 | 1 Intel | 32 Ac3168, Ac3168 Firmware, Ac 1550 and 29 more | 2025-05-05 | 5.7 Medium |
| Improper input validation in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.100 may allow an authenticated user to potentially enable denial of service via adjacent access. | ||||
| CVE-2021-33115 | 1 Intel | 13 Ac 3165, Ac 3168, Ac 7265 and 10 more | 2025-05-05 | 8.8 High |
| Improper input validation for some Intel(R) PROSet/Wireless WiFi in UEFI may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. | ||||
| CVE-2021-33114 | 2 Intel, Microsoft | 17 Ac 1550 Firmware, Ac 3165 Firmware, Ac 3168 Firmware and 14 more | 2025-05-05 | 5.7 Medium |
| Improper input validation for some Intel(R) PROSet/Wireless WiFi in multiple operating systems and Killer(TM) WiFi in Windows 10 and 11 may allow an authenticated user to potentially enable denial of service via adjacent access. | ||||
| CVE-2021-33113 | 2 Intel, Microsoft | 17 Ac 1550 Firmware, Ac 3165 Firmware, Ac 3168 Firmware and 14 more | 2025-05-05 | 8.1 High |
| Improper input validation for some Intel(R) PROSet/Wireless WiFi in multiple operating systems and Killer(TM) WiFi in Windows 10 and 11 may allow an unauthenticated user to potentially enable denial of service or information disclosure via adjacent access. | ||||
| CVE-2021-33110 | 2 Intel, Microsoft | 17 Ac 1550 Firmware, Ac 3165 Firmware, Ac 3168 Firmware and 14 more | 2025-05-05 | 6.5 Medium |
| Improper input validation for some Intel(R) Wireless Bluetooth(R) products and Killer(TM) Bluetooth(R) products in Windows 10 and 11 before version 22.80 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | ||||
| CVE-2021-33108 | 1 Intel | 1 In-band Manageability | 2025-05-05 | 6.7 Medium |
| Improper input validation in the Intel(R) In-Band Manageability software before version 2.13.0 may allow a privileged user to potentially enable escalation of privilege via local access. | ||||