Total
11936 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-24661 | 1 Siemens | 1 Simcenter Star-ccm\+ Viewer | 2022-03-11 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in Simcenter STAR-CCM+ Viewer (All versions < V2022.1). The starview+.exe contains a memory corruption vulnerability while parsing specially crafted .SCE files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2021-32492 | 2 Debian, Djvulibre Project | 2 Debian Linux, Djvulibre | 2022-03-09 | 6.8 MEDIUM | 7.8 HIGH |
| A flaw was found in djvulibre-3.5.28 and earlier. An out of bounds read in function DJVU::DataPool::has_data() via crafted djvu file may lead to application crash and other consequences. | |||||
| CVE-2021-22479 | 1 Huawei | 1 Harmonyos | 2022-03-07 | 4.9 MEDIUM | 5.5 MEDIUM |
| The interface of a certain HarmonyOS module has an invalid address access vulnerability. Successful exploitation of this vulnerability may lead to kernel crash. | |||||
| CVE-2021-22434 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-03-07 | 7.5 HIGH | 9.8 CRITICAL |
| There is a memory address out of bounds vulnerability in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed. | |||||
| CVE-2021-22433 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-03-07 | 7.5 HIGH | 9.8 CRITICAL |
| There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed. | |||||
| CVE-2021-22432 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-03-07 | 10.0 HIGH | 9.8 CRITICAL |
| There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access. | |||||
| CVE-2021-22431 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-03-07 | 7.5 HIGH | 9.8 CRITICAL |
| There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access. | |||||
| CVE-2021-22429 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-03-07 | 10.0 HIGH | 9.8 CRITICAL |
| There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed. | |||||
| CVE-2021-22426 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-03-07 | 7.5 HIGH | 9.8 CRITICAL |
| There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed. | |||||
| CVE-2003-1397 | 1 Opera | 1 Opera Browser | 2022-03-01 | 4.3 MEDIUM | N/A |
| The PluginContext object of Opera 6.05 and 7.0 allows remote attackers to cause a denial of service (crash) via an HTTP request containing a long string that gets passed to the ShowDocument method. | |||||
| CVE-2021-33627 | 2 Insyde, Siemens | 29 Insydeh2o, Simatic Field Pg M5, Simatic Field Pg M5 Firmware and 26 more | 2022-03-01 | 7.2 HIGH | 8.2 HIGH |
| An issue was discovered in Insyde InsydeH2O 5.x, affecting FwBlockServiceSmm. Software SMI services that use the Communicate() function of the EFI_SMM_COMMUNICATION_PROTOCOL do not check whether the address of the buffer is valid, which allows use of SMRAM, MMIO, or OS kernel addresses | |||||
| CVE-2021-41837 | 2 Insyde, Siemens | 29 Insydeh2o, Simatic Field Pg M5, Simatic Field Pg M5 Firmware and 26 more | 2022-03-01 | 7.2 HIGH | 8.2 HIGH |
| An issue was discovered in AhciBusDxe in the kernel 5.0 through 5.5 in Insyde InsydeH2O. Because of an Untrusted Pointer Dereference that causes SMM memory corruption, an attacker may be able to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM. | |||||
| CVE-2021-41838 | 2 Insyde, Siemens | 29 Insydeh2o, Simatic Field Pg M5, Simatic Field Pg M5 Firmware and 26 more | 2022-03-01 | 7.2 HIGH | 8.2 HIGH |
| An issue was discovered in SdHostDriver in the kernel 5.0 through 5.5 in Insyde InsydeH2O. There is an SMM callout that allows an attacker to access the System Management Mode and execute arbitrary code. This occurs because of a Numeric Range Comparison Without a Minimum Check. | |||||
| CVE-2017-9998 | 1 Libdwarf Project | 1 Libdwarf | 2022-03-01 | 4.3 MEDIUM | 6.5 MEDIUM |
| The _dwarf_decode_s_leb128_chk function in dwarf_leb.c in libdwarf through 2017-06-28 allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file. | |||||
| CVE-2006-3353 | 1 Opera | 1 Opera Browser | 2022-02-28 | 5.0 MEDIUM | N/A |
| Opera 9 allows remote attackers to cause a denial of service (crash) via a crafted web page that triggers an out-of-bounds memory access, related to an iframe and JavaScript that accesses certain style sheets properties. | |||||
| CVE-2006-3199 | 1 Opera | 1 Opera Browser | 2022-02-28 | 5.0 MEDIUM | N/A |
| Opera 9 allows remote attackers to cause a denial of service (crash) via an A tag with an href attribute with a URL containing a long hostname, which triggers an out-of-bounds operation. | |||||
| CVE-2010-1291 | 3 Adobe, Apple, Microsoft | 7 Shockwave Player, Macos, Windows and 4 more | 2022-02-28 | 9.3 HIGH | N/A |
| Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1289, and CVE-2010-1290. | |||||
| CVE-2010-1289 | 3 Adobe, Apple, Microsoft | 7 Shockwave Player, Macos, Windows and 4 more | 2022-02-28 | 9.3 HIGH | N/A |
| Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1290, and CVE-2010-1291. | |||||
| CVE-2010-1288 | 3 Adobe, Apple, Microsoft | 7 Shockwave Player, Macos, Windows and 4 more | 2022-02-28 | 9.3 HIGH | N/A |
| Buffer overflow in Adobe Shockwave Player before 11.5.7.609 might allow attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2010-1287 | 3 Adobe, Apple, Microsoft | 7 Shockwave Player, Macos, Windows and 4 more | 2022-02-28 | 9.3 HIGH | N/A |
| Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1289, CVE-2010-1290, and CVE-2010-1291. | |||||