Total
11936 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-42418 | 1 Tracker-software | 1 Pdf-xchange Editor | 2023-07-10 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18677. | |||||
| CVE-2021-40027 | 1 Huawei | 1 Harmonyos | 2023-07-06 | 5.0 MEDIUM | 7.5 HIGH |
| The bone voice ID TA has a vulnerability in calculating the buffer length,Successful exploitation of this vulnerability may affect data confidentiality. | |||||
| CVE-2023-21167 | 1 Google | 1 Android | 2023-07-06 | N/A | 5.5 MEDIUM |
| In setProfileName of DevicePolicyManagerService.java, there is a possible way to crash the SystemUI menu due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-259942964 | |||||
| CVE-2023-2290 | 1 Lenovo | 170 Thinkpad E14, Thinkpad E14 Firmware, Thinkpad E14 Gen 2 and 167 more | 2023-07-05 | N/A | 6.7 MEDIUM |
| A potential vulnerability in the LenovoFlashDeviceInterface SMI handler may allow an attacker with local access and elevated privileges to execute arbitrary code. | |||||
| CVE-2023-30775 | 1 Libtiff | 1 Libtiff | 2023-07-03 | N/A | 5.5 MEDIUM |
| A vulnerability was found in the libtiff library. This security flaw causes a heap buffer overflow in extractContigSamples32bits, tiffcrop.c. | |||||
| CVE-2022-24421 | 1 Dell | 92 Alienware 13 R3, Alienware 13 R3 Firmware, Alienware 15 R3 and 89 more | 2023-06-30 | 7.2 HIGH | 7.8 HIGH |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM. | |||||
| CVE-2022-24420 | 1 Dell | 92 Alienware 13 R3, Alienware 13 R3 Firmware, Alienware 15 R3 and 89 more | 2023-06-30 | 7.2 HIGH | 7.8 HIGH |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM. | |||||
| CVE-2022-24419 | 1 Dell | 92 Alienware 13 R3, Alienware 13 R3 Firmware, Alienware 15 R3 and 89 more | 2023-06-30 | 7.2 HIGH | 7.8 HIGH |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM. | |||||
| CVE-2022-24416 | 1 Dell | 92 Alienware 13 R3, Alienware 13 R3 Firmware, Alienware 15 R3 and 89 more | 2023-06-30 | 7.2 HIGH | 7.8 HIGH |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM. | |||||
| CVE-2022-24415 | 1 Dell | 92 Alienware 13 R3, Alienware 13 R3 Firmware, Alienware 15 R3 and 89 more | 2023-06-30 | 7.2 HIGH | 7.8 HIGH |
| Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution during SMM. | |||||
| CVE-2022-34287 | 1 Siemens | 1 Pads Viewer | 2023-06-29 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains a stack corruption vulnerability while parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-052, FG-VD-22-056) | |||||
| CVE-2022-34291 | 1 Siemens | 1 Pads Viewer | 2023-06-29 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains a stack corruption vulnerability while parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-057, FG-VD-22-058, FG-VD-22-060) | |||||
| CVE-2022-34290 | 1 Siemens | 1 Pads Viewer | 2023-06-29 | 4.3 MEDIUM | 5.5 MEDIUM |
| A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains a stack corruption vulnerability while parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-055) | |||||
| CVE-2022-3216 | 1 Nintendo | 2 Game Boy Color, Game Boy Color Firmware | 2023-06-29 | N/A | 8.8 HIGH |
| A vulnerability has been found in Nintendo Game Boy Color and classified as problematic. This vulnerability affects unknown code of the component Mobile Adapter GB. The manipulation leads to memory corruption. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-208606 is the identifier assigned to this vulnerability. | |||||
| CVE-2022-30938 | 1 Siemens | 6 En100 Ethernet Module, En100 Ethernet Module Dnp3 Ip Firmware, En100 Ethernet Module Iec 104 Firmware and 3 more | 2023-06-29 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant (All versions), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.40), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions). Affected applications contains a memory corruption vulnerability while parsing specially crafted HTTP packets to /txtrace endpoint manupulating a specific argument. This could allow an attacker to crash the affected application leading to a denial of service condition | |||||
| CVE-2022-30937 | 1 Siemens | 6 En100 Ethernet Module, En100 Ethernet Module Dnp3 Firmware, En100 Ethernet Module Iec 104 Firmware and 3 more | 2023-06-29 | 7.8 HIGH | 7.5 HIGH |
| A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant (All versions), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions < V4.37), EN100 Ethernet module Modbus TCP variant (All versions), EN100 Ethernet module PROFINET IO variant (All versions). Affected applications contains a memory corruption vulnerability while parsing specially crafted HTTP packets to /txtrace endpoint. This could allow an attacker to crash the affected application leading to a denial of service condition. | |||||
| CVE-2022-29503 | 3 Anker, Uclibc, Uclibc-ng Project | 4 Eufy Homebase 2, Eufy Homebase 2 Firmware, Uclibc and 1 more | 2023-06-28 | N/A | 9.8 CRITICAL |
| A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0.9.33.2 and uClibC-ng 1.0.40. Thread allocation can lead to memory corruption. An attacker can create threads to trigger this vulnerability. | |||||
| CVE-2022-29465 | 1 Accusoft | 1 Imagegear | 2023-06-28 | N/A | 9.8 CRITICAL |
| An out-of-bounds write vulnerability exists in the PSD Header processing memory allocation functionality of Accusoft ImageGear 20.0. A specially-crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2023-20972 | 1 Google | 1 Android | 2023-06-28 | N/A | 5.5 MEDIUM |
| In btm_vendor_specific_evt of btm_devctl.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-255304665 | |||||
| CVE-2023-0972 | 1 Silabs | 1 Z\/ip Gateway Sdk | 2023-06-28 | N/A | 8.8 HIGH |
| Description: A vulnerability in SiLabs Z/IP Gateway 7.18.01 and earlier allows an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution. | |||||