Total
517 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-21820 | 2 Linux, Nvidia | 2 Linux Kernel, Data Center Gpu Manager | 2024-08-03 | 6.3 Medium |
| NVIDIA DCGM contains a vulnerability in nvhostengine, where a network user can cause detection of error conditions without action, which may lead to limited code execution, some denial of service, escalation of privileges, and limited impacts to both data confidentiality and integrity. | ||||
| CVE-2022-21813 | 2 Linux, Nvidia | 9 Linux Kernel, Cloud Gaming Guest, Geforce and 6 more | 2024-08-03 | 6.1 Medium |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service. | ||||
| CVE-2022-21814 | 2 Linux, Nvidia | 7 Linux Kernel, Geforce, Gpu Display Driver and 4 more | 2024-08-03 | 6.1 Medium |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel driver package, where improper handling of insufficient permissions or privileges may allow an unprivileged local user limited write access to protected memory, which can lead to denial of service. | ||||
| CVE-2022-21667 | 1 Soketi Project | 1 Soketi | 2024-08-03 | 7.5 High |
| soketi is an open-source WebSockets server. There is an unhandled case when reading POST requests which results in the server crashing if it could not read the body of a request. In the event that a POST request is sent to any endpoint of the server with an empty body, even unauthenticated with the Pusher Protocol, it will crash the server. All users that run the server are affected by this vulnerability and it's highly recommended to upgrade to the latest patch. There are no workarounds for this issue. | ||||
| CVE-2022-21676 | 1 Socket | 1 Engine.io | 2024-08-03 | 7.5 High |
| Engine.IO is the implementation of transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. A specially crafted HTTP request can trigger an uncaught exception on the Engine.IO server, thus killing the Node.js process. This impacts all the users of the `engine.io` package starting from version `4.0.0`, including those who uses depending packages like `socket.io`. Versions prior to `4.0.0` are not impacted. A fix has been released for each major branch, namely `4.1.2` for the `4.x.x` branch, `5.2.1` for the `5.x.x` branch, and `6.1.1` for the `6.x.x` branch. There is no known workaround except upgrading to a safe version. | ||||
| CVE-2022-21218 | 1 Intel | 1 Trace Analyzer And Collector | 2024-08-03 | 5.5 Medium |
| Uncaught exception in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2022-21155 | 4 Apple, Fernhillsoftware, Linux and 1 more | 4 Macos, Scada Server, Linux Kernel and 1 more | 2024-08-03 | 7.5 High |
| A specially crafted packet sent to the Fernhill SCADA Server Version 3.77 and earlier may cause an exception, causing the server process (FHSvrService.exe) to exit. | ||||
| CVE-2022-20854 | 1 Cisco | 2 Firepower Management Center, Firepower Threat Defense | 2024-08-03 | 7.5 High |
| A vulnerability in the processing of SSH connections of Cisco Firepower Management Center (FMC) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper error handling when an SSH session fails to be established. An attacker could exploit this vulnerability by sending a high rate of crafted SSH connections to the instance. A successful exploit could allow the attacker to cause resource exhaustion, resulting in a reboot on the affected device. | ||||
| CVE-2022-20500 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In loadFromXml of ShortcutPackage.java, there is a possible crash on boot due to an uncaught exception. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-246540168 | ||||
| CVE-2022-20414 | 1 Google | 1 Android | 2024-08-03 | 5.5 Medium |
| In setImpl of AlarmManagerService.java, there is a possible way to put a device into a boot loop due to an uncaught exception. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-234441463 | ||||
| CVE-2022-20253 | 1 Google | 1 Android | 2024-08-03 | 6.5 Medium |
| In Bluetooth, there is a possible cleanup failure due to an uncaught exception. This could lead to remote denial of service in Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224545125 | ||||
| CVE-2022-20088 | 2 Google, Mediatek | 46 Android, Mt6580, Mt6731 and 43 more | 2024-08-03 | 7.8 High |
| In aee driver, there is a possible reference count mistake due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06209201; Issue ID: ALPS06209201. | ||||
| CVE-2022-20111 | 2 Google, Mediatek | 53 Android, Mt6580, Mt6735 and 50 more | 2024-08-03 | 8.4 High |
| In ion, there is a possible use after free due to incorrect error handling. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06366069; Issue ID: ALPS06366069. | ||||
| CVE-2022-20076 | 2 Google, Mediatek | 63 Android, Mt6580, Mt6731 and 60 more | 2024-08-03 | 4.4 Medium |
| In ged, there is a possible memory corruption due to an incorrect error handling. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05838808; Issue ID: ALPS05839556. | ||||
| CVE-2022-20057 | 2 Google, Mediatek | 23 Android, Mt6739, Mt6758 and 20 more | 2024-08-03 | 6.5 Medium |
| In btif, there is a possible memory corruption due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06271186; Issue ID: ALPS06271186. | ||||
| CVE-2022-20066 | 2 Google, Mediatek | 21 Android, Mt6580, Mt6739 and 18 more | 2024-08-03 | 4.4 Medium |
| In atf (hwfde), there is a possible leak of sensitive information due to incorrect error handling. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06171729; Issue ID: ALPS06171729. | ||||
| CVE-2022-20042 | 2 Google, Mediatek | 7 Android, Mt8167, Mt8175 and 4 more | 2024-08-03 | 5.5 Medium |
| In Bluetooth, there is a possible information disclosure due to incorrect error handling. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108487; Issue ID: ALPS06108487. | ||||
| CVE-2022-3279 | 1 Gitlab | 1 Gitlab | 2024-08-03 | 2.7 Low |
| An unhandled exception in job log parsing in GitLab CE/EE affecting all versions prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows an attacker to prevent access to job logs | ||||
| CVE-2022-3175 | 1 Ikus-soft | 1 Rdiffweb | 2024-08-03 | 5.3 Medium |
| Missing Custom Error Page in GitHub repository ikus060/rdiffweb prior to 2.4.2. | ||||
| CVE-2022-0264 | 1 Linux | 1 Linux Kernel | 2024-08-02 | 5.5 Medium |
| A vulnerability was found in the Linux kernel's eBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating some of the exploit mitigations in place for the kernel. This flaws affects kernel versions < v5.16-rc6 | ||||