Search Results (363307 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-27580 1 Sick 1 Safety Designer 2024-11-21 7.8 High
A deserialization vulnerability in a .NET framework class used and not properly checked by Safety Designer all versions up to and including 1.11.0 allows an attacker to craft malicious project files. Opening/importing such a malicious project file would execute arbitrary code with the privileges of the current user when opened or imported by the Safety Designer. This compromises confidentiality integrity and availability. For the attack to succeed a user must manually open a malicious project file.
CVE-2022-27579 1 Sick 1 Flexi Soft Designer 2024-11-21 7.8 High
A deserialization vulnerability in a .NET framework class used and not properly checked by Flexi Soft Designer in all versions up to and including 1.9.4 SP1 allows an attacker to craft malicious project files. Opening/importing such a malicious project file would execute arbitrary code with the privileges of the current user when opened or imported by the Flexi Soft Designer. This compromises confidentiality integrity and availability. For the attack to succeed a user must manually open a malicious project file.
CVE-2022-27578 1 Sick 1 Overall Equipment Effectiveness 2024-11-21 7.8 High
An attacker can perform a privilege escalation through the SICK OEE if the application is installed in a directory where non authenticated or low privilege users can modify its content.
CVE-2022-27577 1 Sick 2 Msc800, Msc800 Firmware 2024-11-21 9.1 Critical
The vulnerability in the MSC800 in all versions before 4.15 allows for an attacker to predict the TCP initial sequence number. When the TCP sequence is predictable, an attacker can send packets that are forged to appear to come from a trusted computer. These forged packets could compromise services on the MSC800. SICK has released a new firmware version of the SICK MSC800 and recommends updating to the newest version.
CVE-2022-27576 1 Google 1 Android 2024-11-21 3.3 Low
Information exposure vulnerability in Samsung DeX Home prior to SMR April-2022 Release 1 allows to access currently launched foreground app information without permission
CVE-2022-27575 1 Google 1 Android 2024-11-21 3.3 Low
Information exposure vulnerability in One UI Home prior to SMR April-2022 Release 1 allows to access currently launched foreground app information without permission.
CVE-2022-27574 1 Google 1 Android 2024-11-21 4.4 Medium
Improper input validation vulnerability in parser_iloc and sheifd_find_itemIndexin fuctions of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by privileged attacker.
CVE-2022-27573 1 Google 1 Android 2024-11-21 4.4 Medium
Improper input validation vulnerability in parser_infe and sheifd_find_itemIndexin fuctions of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by privileged attackers.
CVE-2022-27572 1 Google 1 Android 2024-11-21 8.1 High
Heap-based buffer overflow vulnerability in parser_ipma function of libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attackers.
CVE-2022-27571 1 Google 1 Android 2024-11-21 8.1 High
Heap-based buffer overflow vulnerability in sheifd_get_info_image function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker.
CVE-2022-27570 1 Google 1 Android 2024-11-21 8.1 High
Heap-based buffer overflow vulnerability in parser_single_iref function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker.
CVE-2022-27569 1 Google 1 Android 2024-11-21 8.1 High
Heap-based buffer overflow vulnerability in parser_infe function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker.
CVE-2022-27568 1 Google 1 Android 2024-11-21 8.1 High
Heap-based buffer overflow vulnerability in parser_iloc function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker.
CVE-2022-27567 1 Google 1 Android 2024-11-21 5.9 Medium
Null pointer dereference vulnerability in parser_hvcC function of libsimba library prior to SMR Apr-2022 Release 1 allows out of bounds write by remote attackers.
CVE-2022-27563 1 Hcltech 1 Versionvault Express 2024-11-21 7.5 High
An unauthenticated user can overload a part of HCL VersionVault Express and cause a denial of service.
CVE-2022-27561 1 Hcltech 1 Traveler 2024-11-21 7.5 High
There is a reflected Cross-Site Scripting vulnerability in the HCL Traveler web admin (LotusTraveler.nsf).
CVE-2022-27560 1 Hcltech 1 Versionvault Express 2024-11-21 6 Medium
HCL VersionVault Express exposes administrator credentials.
CVE-2022-27558 1 Hcltech 2 Domino, Hcl Inotes 2024-11-21 5.9 Medium
HCL iNotes is susceptible to a Broken Password Strength Checks vulnerability. Custom password policies are not enforced on certain iNotes forms which could allow users to set weak passwords, leading to easier cracking.
CVE-2022-27551 1 Hcltechsw 1 Hcl Launch 2024-11-21 5.3 Medium
HCL Launch could allow an authenticated user to obtain sensitive information in some instances due to improper security checking.
CVE-2022-27549 1 Hcltechsw 1 Hcl Launch 2024-11-21 4 Medium
HCL Launch may store certain data for recurring activities in a plain text format.