PUB-A-241544307

In CallDialReqData::encode of callreqdata.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

PUB-A-239847859

In TBD of TBD, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

CVE-2022-32616

In isp, there is a possible out of bounds write due to uninitialized data. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07341258; Issue ID: ALPS07341258...

CVE-2022-38677

In cell service, there is a missing permission check. This could lead to local denial of service in cell service with no additional execution privileges needed...

CVE-2022-28640

A potential local adjacent arbitrary code execution vulnerability that could potentially lead to a loss of confidentiality, integrity, and availability was discovered in HPE Integrated Lights-Out 5 iLO 5 in Version: 2.71. Hewlett Packard Enterprise has provided updated firmware for HPE Integrated...

CVE-2022-21792

In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085410; Issue ID: ALPS07085410...

PT-2022-17854 · Unknown · Wifi Driver

Name of the Vulnerable Software and Affected Versions: Wifi driver affected versions not specified Description: The issue is related to a missing bounds check in the wifi driver, which could lead to a possible out of bounds write. This could result in local escalation of privilege, with System...

CVE-2022-20227

In USB driver, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-216825460References:...

Out-of-bounds

In audio DSP, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06558844; Issue ID: ALPS06558844...

CLSA-2022-1656959440 Fixed CVE-2016-10009 in openssh-5.3p1

CVE-2016-10009: add whitelist of paths which may ssh-agent load from in order to prevent execution of arbitrary local pkcs11...

CVE-2022-27176

Incomplete filtering of special elements vulnerability exists in RevoWorks SCVX using 'File Sanitization Library' 1.043 and prior versions, RevoWorks Browser 2.2.67 and prior versions when using 'File Sanitization Option', and RevoWorks Desktop 2.1.84 and prior versions when using 'File...

PUB-A-188911154

In hypxcreateblobdmabuf of faceauthhypx.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

PUB-A-174846563

In locksocknested of sock.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation...

Design/Logic Flaw

In netdiag, there is a possible symbolic link following due to an improper link resolution. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06308877; Issue ID: ALPS06308877...

Code injection

In JetBrains IntelliJ IDEA before 2022.1 local code execution via workspace settings was possible...

Google Android Elevation of Privilege Vulnerability (CNVD-2022-43855)

Google Android is a Linux-based open-source operating system from the U.S. company Google. Google Android has an elevation of privilege vulnerability that could be exploited by attackers to cause a local privilege escalation that requires system execution privileges...

CVE-2022-20071

In ccu, there is a possible escalation of privilege due to a missing certificate validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no needed for exploitation. Patch ID: ALPS06183315; Issue ID: ALPS06183315...

CVE-2022-1030

Okta Advanced Server Access Client for Linux and macOS prior to version 1.58.0 was found to be vulnerable to command injection via a specially crafted URL. An attacker, who has knowledge of a valid team name for the victim and also knows a valid target host where the user has access, can execute...

CVE-2022-1030

Okta Advanced Server Access Client for Linux and macOS prior to version 1.58.0 was found to be vulnerable to command injection via a specially crafted URL. An attacker, who has knowledge of a valid team name for the victim and also knows a valid target host where the user has access, can execute...

Oracle VirtualBox Insufficient Input Validation Vulnerability

An input validation vulnerability exists in the VBoxDrv.sys driver of Sun xVM VirtualBox which allows attackers to locally execute arbitrary code...