Total
11827 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-28190 | 1 Nvidia | 1 Gpu Display Driver | 2024-08-03 | 5.5 Medium |
| NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where improper input validation can cause denial of service. | ||||
| CVE-2022-28195 | 1 Nvidia | 3 Jetson Agx Xavier, Jetson Linux, Jetson Xavier Nx | 2024-08-03 | 5.7 Medium |
| NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot ext4_read_file function, where insufficient validation of untrusted data may allow a highly privileged local attacker to cause a integer overflow, which may lead to code execution, escalation of privileges, limited denial of service, and some impact to confidentiality and integrity. The scope of impact can extend to other components. | ||||
| CVE-2022-28193 | 1 Nvidia | 3 Jetson Agx Xavier, Jetson Linux, Jetson Xavier Nx | 2024-08-03 | 5.6 Medium |
| NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot module tegrabl_cbo.c, where insufficient validation of untrusted data may allow a local attacker with elevated privileges to cause a memory buffer overflow, which may lead to code execution, loss of integrity, limited denial of service, and some impact to confidentiality. | ||||
| CVE-2022-28199 | 4 Linux, Microsoft, Nvidia and 1 more | 4 Linux Kernel, Windows, Data Plane Development Kit and 1 more | 2024-08-03 | 6.5 Medium |
| NVIDIA’s distribution of the Data Plane Development Kit (MLNX_DPDK) contains a vulnerability in the network stack, where error recovery is not handled properly, which can allow a remote attacker to cause denial of service and some impact to data integrity and confidentiality. | ||||
| CVE-2022-28196 | 1 Nvidia | 5 Jetson Agx Xavier, Jetson Linux, Jetson Tx2 and 2 more | 2024-08-03 | 4.6 Medium |
| NVIDIA Jetson Linux Driver Package contains a vulnerability in the Cboot blob_decompress function, where insufficient validation of untrusted data may allow a local attacker with elevated privileges to cause a memory buffer overflow, which may lead to code execution, limited loss of Integrity, and limited denial of service. The scope of impact can extend to other components. | ||||
| CVE-2022-28186 | 2 Microsoft, Nvidia | 3 Windows, Gpu Display Driver, Virtual Gpu | 2024-08-03 | 6.1 Medium |
| NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where the product receives input or data, but does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly, which may lead to denial of service or data tampering. | ||||
| CVE-2022-28188 | 2 Microsoft, Nvidia | 3 Windows, Gpu Display Driver, Virtual Gpu | 2024-08-03 | 5.5 Medium |
| NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where the product receives input or data, but does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly, which may lead to denial of service. | ||||
| CVE-2022-28129 | 3 Apache, Debian, Fedoraproject | 3 Traffic Server, Debian Linux, Fedora | 2024-08-03 | 7.5 High |
| Improper Input Validation vulnerability in HTTP/1.1 header parsing of Apache Traffic Server allows an attacker to send invalid headers. This issue affects Apache Traffic Server 8.0.0 to 9.1.2. | ||||
| CVE-2022-27892 | 1 Palantir | 1 Gotham | 2024-08-03 | 5.3 Medium |
| Palantir Gotham versions prior to 3.22.11.2 included an unauthenticated endpoint that would have allowed an attacker to exhaust the memory of the Gotham dispatch service. | ||||
| CVE-2022-27897 | 1 Palantir | 1 Gotham | 2024-08-03 | 5.3 Medium |
| Palantir Gotham versions prior to 3.22.11.2 included an unauthenticated endpoint that would load portions of maliciously crafted zip files to memory. An attacker could repeatedly upload a malicious zip file, which would allow them to exhaust memory resources on the dispatch server. | ||||
| CVE-2022-27827 | 1 Google | 1 Android | 2024-08-03 | 8.5 High |
| Improper validation vulnerability in MediaMonitorDimension prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities. | ||||
| CVE-2022-27830 | 1 Google | 1 Android | 2024-08-03 | 8.5 High |
| Improper validation vulnerability in SemBlurInfo prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities. | ||||
| CVE-2022-27842 | 1 Samsung | 1 Smart Switch Pc | 2024-08-03 | 6.2 Medium |
| DLL hijacking vulnerability in Smart Switch PC prior to version 4.2.22022_4 allows attacker to execute abitrary code. | ||||
| CVE-2022-27833 | 2 Google, Samsung | 4 Android, Exynos 2100, Exynos 980 and 1 more | 2024-08-03 | 4.4 Medium |
| Improper input validation in DSP driver prior to SMR Apr-2022 Release 1 allows out-of-bounds write by integer overflow. | ||||
| CVE-2022-27826 | 1 Google | 1 Android | 2024-08-03 | 8.5 High |
| Improper validation vulnerability in SemSuspendDialogInfo prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities. | ||||
| CVE-2022-27829 | 1 Google | 1 Android | 2024-08-03 | 8.5 High |
| Improper validation vulnerability in VerifyCredentialResponse prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities. | ||||
| CVE-2022-27843 | 1 Samsung | 1 Kies | 2024-08-03 | 6.2 Medium |
| DLL hijacking vulnerability in Kies prior to version 2.6.4.22014_2 allows attacker to execute abitrary code. | ||||
| CVE-2022-27828 | 1 Google | 1 Android | 2024-08-03 | 8.5 High |
| Improper validation vulnerability in MediaMonitorEvent prior to SMR Apr-2022 Release 1 allows attackers to launch certain activities. | ||||
| CVE-2022-27835 | 1 Google | 1 Android | 2024-08-03 | 7.6 High |
| Improper boundary check in UWB firmware prior to SMR Apr-2022 Release 1 allows arbitrary memory write. | ||||
| CVE-2022-27807 | 1 Cybozu | 1 Garoon | 2024-08-03 | 4.3 Medium |
| Improper input validation vulnerability in Link of Cybozu Garoon 4.0.0 to 5.5.1 allows a remote authenticated attacker to disable to add Categories. | ||||