Search Results (362833 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-20616 2 Google, Mediatek 45 Android, Mt6580, Mt6735 and 42 more 2025-03-26 6.7 Medium
In ion, there is a possible out of bounds read due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560720; Issue ID: ALPS07560720.
CVE-2023-20615 2 Google, Mediatek 37 Android, Mt6739, Mt6761 and 34 more 2025-03-26 6.7 Medium
In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629572; Issue ID: ALPS07629572.
CVE-2022-48164 1 Wavlink 2 Wl-wn533a8, Wl-wn533a8 Firmware 2025-03-26 7.5 High
An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN533A8 M33A8.V5030.190716 allows unauthenticated attackers to download configuration data and log files and obtain admin credentials.
CVE-2022-48114 1 Ruoyi 1 Ruoyi 2025-03-26 9.8 Critical
RuoYi up to v4.7.5 was discovered to contain a SQL injection vulnerability via the component /tool/gen/createTable.
CVE-2022-48113 1 Totolink 2 N200re-v5, N200re-v5 Firmware 2025-03-26 9.8 Critical
A vulnerability in TOTOLINK N200RE_v5 firmware V9.3.5u.6139 allows unauthenticated attackers to access the telnet service via a crafted POST request. Attackers are also able to leverage this vulnerability to login as root via hardcoded credentials.
CVE-2022-48085 1 Softr 1 Softr 2025-03-26 5.4 Medium
Softr v2.0 was discovered to contain a HTML injection vulnerability via the Work Space Name parameter.
CVE-2022-48082 1 Easyone 1 Easyone Crm 2025-03-26 9.8 Critical
Easyone CRM v5.50.02 was discovered to contain a SQL Injection vulnerability via the text parameter at /Services/Misc.asmx/SearchTag.
CVE-2022-48078 1 Pycdc Project 1 Pycdc 2025-03-26 9.8 Critical
pycdc commit 44a730f3a889503014fec94ae6e62d8401cb75e5 was discovered to contain a stack overflow via the component ASTree.cpp:BuildFromCode.
CVE-2022-45589 1 Talend 1 Esb Runtime 2025-03-26 7.2 High
All versions before 8.0.1-R2022-10-RT and 7.3.1-R2022-09-RT of the Talend ESB Runtime are potentially vulnerable to SQL Injection attacks in the provisioning service only. Users of the provisioning service should upgrade to either 8.0.1-R2022-10-RT or 7.3.1-R2022-09-RT or a later release and use it in place of the previous version.
CVE-2022-32656 1 Mediatek 60 Mt5221, Mt5221 Firmware, Mt7603 and 57 more 2025-03-26 6.7 Medium
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705035; Issue ID: GN20220705035.
CVE-2022-32655 1 Mediatek 60 Mt5221, Mt5221 Firmware, Mt7603 and 57 more 2025-03-26 6.7 Medium
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705028; Issue ID: GN20220705028.
CVE-2022-32654 1 Mediatek 60 Mt5221, Mt5221 Firmware, Mt7603 and 57 more 2025-03-26 6.7 Medium
In Wi-Fi driver, there is a possible undefined behavior due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220705011; Issue ID: GN20220705011.
CVE-2022-32643 2 Google, Mediatek 4 Android, Mt6879, Mt6895 and 1 more 2025-03-26 6.4 Medium
In ccd, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07341261; Issue ID: ALPS07341261.
CVE-2022-32642 2 Google, Mediatek 4 Android, Mt6879, Mt6895 and 1 more 2025-03-26 6.4 Medium
In ccd, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07326547; Issue ID: ALPS07326547.
CVE-2022-32595 2 Google, Mediatek 33 Android, Mt6762, Mt6765 and 30 more 2025-03-26 4.4 Medium
In widevine, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446236; Issue ID: ALPS07446236.
CVE-2020-23438 1 Wondershare 1 Filmora 2025-03-26 7.8 High
Wondershare filmora 9.2.11 is affected by Trojan Dll hijacking leading to privilege escalation.
CVE-2023-0610 1 Wallabag 1 Wallabag 2025-03-26 4.3 Medium
Improper Authorization in GitHub repository wallabag/wallabag prior to 2.5.3.
CVE-2022-45100 1 Dell 1 Emc Powerscale Onefs 2025-03-26 8.1 High
Dell PowerScale OneFS, versions 8.2.x-9.3.x, contains an Improper Certificate Validation vulnerability. An remote unauthenticated attacker could potentially exploit this vulnerability, leading to a full compromise of the system.
CVE-2022-45102 1 Dell 5 Dp4400, Dp4400 Firmware, Dp5900 and 2 more 2025-03-26 5.4 Medium
Dell EMC Data Protection Central, versions 19.1 through 19.7, contains a Host Header Injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary \u2018Host\u2019 header values to poison a web cache or trigger redirections.
CVE-2023-22574 1 Dell 1 Emc Powerscale Onefs 2025-03-26 8.1 High
Dell PowerScale OneFS 9.0.0.x - 9.4.0.x contain an insertion of sensitive information into log file vulnerability in platform API of IPMI module. A low-privileged user with permission to read logs on the cluster could potentially exploit this vulnerability, leading to Information disclosure and denial of service.