Total
7207 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-20065 | 2 Google, Mediatek | 30 Android, Mt6580, Mt6737 and 27 more | 2024-08-03 | 6.7 Medium |
| In ccci, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108658; Issue ID: ALPS06108658. | ||||
| CVE-2022-20132 | 1 Google | 1 Android | 2024-08-03 | 4.6 Medium |
| In lg_probe and related functions of hid-lg.c and other USB HID files, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure if a malicious USB HID device were plugged in, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-188677105References: Upstream kernel | ||||
| CVE-2022-20123 | 1 Google | 1 Android | 2024-08-03 | 7.5 High |
| In phNciNfc_RecvMfResp of phNxpExtns_MifareStd.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-221852424 | ||||
| CVE-2022-20092 | 2 Google, Mediatek | 24 Android, Mt6761, Mt6768 and 21 more | 2024-08-03 | 5.5 Medium |
| In alac decoder, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06366061; Issue ID: ALPS06366061. | ||||
| CVE-2022-20074 | 2 Google, Mediatek | 38 Android, Mt6761, Mt6762 and 35 more | 2024-08-03 | 6.6 Medium |
| In preloader (partition), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06183301; Issue ID: ALPS06183301. | ||||
| CVE-2022-20064 | 2 Google, Mediatek | 37 Android, Mt6580, Mt6737 and 34 more | 2024-08-03 | 6.7 Medium |
| In ccci, there is a possible leak of kernel pointer due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06108617; Issue ID: ALPS06108617. | ||||
| CVE-2022-20010 | 1 Google | 1 Android | 2024-08-03 | 6.5 Medium |
| In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure through Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-213519176 | ||||
| CVE-2022-20033 | 2 Google, Mediatek | 22 Android, Mt6739, Mt6761 and 19 more | 2024-08-03 | 4.4 Medium |
| In camera driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05862973; Issue ID: ALPS05862973. | ||||
| CVE-2022-20029 | 2 Google, Mediatek | 39 Android, Mt6761, Mt6762 and 36 more | 2024-08-03 | 4.4 Medium |
| In cmdq driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05747150; Issue ID: ALPS05747150. | ||||
| CVE-2022-4645 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2024-08-03 | 6.8 Medium |
| LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125. | ||||
| CVE-2022-4432 | 1 Lenovo | 2 Thinkpad X13s, Thinkpad X13s Firmware | 2024-08-03 | 6.7 Medium |
| A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS PersistenceConfigDxe driver that could allow a local attacker with elevated privileges to cause information disclosure. | ||||
| CVE-2022-4434 | 1 Lenovo | 2 Thinkpad X13s, Thinkpad X13s Firmware | 2024-08-03 | 6.7 Medium |
| A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS driver that could allow a local attacker with elevated privileges to cause information disclosure. | ||||
| CVE-2022-4435 | 1 Lenovo | 2 Thinkpad X13s, Thinkpad X13s Firmware | 2024-08-03 | 6.7 Medium |
| A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoRemoteConfigUpdateDxe driver that could allow a local attacker with elevated privileges to cause information disclosure. | ||||
| CVE-2022-4433 | 1 Lenovo | 2 Thinkpad X13s, Thinkpad X13s Firmware | 2024-08-03 | 6.7 Medium |
| A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoSetupConfigDxe driver that could allow a local attacker with elevated privileges to cause information disclosure. | ||||
| CVE-2022-4337 | 3 Debian, Openvswitch, Redhat | 3 Debian Linux, Openvswitch, Enterprise Linux | 2024-08-03 | 9.8 Critical |
| An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch. | ||||
| CVE-2022-4338 | 3 Debian, Openvswitch, Redhat | 3 Debian Linux, Openvswitch, Enterprise Linux | 2024-08-03 | 9.8 Critical |
| An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch. | ||||
| CVE-2022-4203 | 2 Openssl, Redhat | 3 Openssl, Enterprise Linux, Rhel Eus | 2024-08-03 | 4.9 Medium |
| A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer. The read buffer overrun might result in a crash which could lead to a denial of service attack. In theory it could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext) although we are not aware of any working exploit leading to memory contents disclosure as of the time of release of this advisory. In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. | ||||
| CVE-2022-4144 | 3 Fedoraproject, Qemu, Redhat | 5 Extra Packages For Enterprise Linux, Fedora, Qemu and 2 more | 2024-08-03 | 6.5 Medium |
| An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. The qxl_phys2virt() function does not check the size of the structure pointed to by the guest physical address, potentially reading past the end of the bar space into adjacent pages. A malicious guest user could use this flaw to crash the QEMU process on the host causing a denial of service condition. | ||||
| CVE-2022-3737 | 1 Phoenixcontact | 1 Automationworx Software Suite | 2024-08-03 | 7.8 High |
| In PHOENIX CONTACT Automationworx Software Suite up to version 1.89 memory can be read beyond the intended scope due to insufficient validation of input data. Availability, integrity, or confidentiality of an application programming workstation might be compromised by attacks using these vulnerabilities. | ||||
| CVE-2022-3599 | 4 Debian, Libtiff, Netapp and 1 more | 4 Debian Linux, Libtiff, Active Iq Unified Manager and 1 more | 2024-08-03 | 5.5 Medium |
| LibTIFF 4.4.0 has an out-of-bounds read in writeSingleSection in tools/tiffcrop.c:7345, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125. | ||||