Lucene search
K

7654 matches found

CNVD
CNVD
added 2022/09/09 12:0 a.m.38 views

Google Android Information Disclosure Vulnerability (CNVD-2022-81245)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an information disclosure vulnerability that originates from the disclosure of installed packets due to a lack of permission checking in ActivityManager. An attacker can exploit this vulnerabilit...

3.3CVSS3.8AI score0.00089EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2022/09/09 12:0 a.m.40 views

SUSE SLED15: WebKit2GTK-4.0-lang / WebKit2GTK-4.1-lang / WebKit2GTK-5.0-lang / etc (SUSE-SU-2022:3137-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:3137-1 advisory. - Updated to version 2.36.7 bsc1202807: - CVE-2022-32893: Fixed an issue that would be triggered when...

8.8CVSS7.6AI score0.09785EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2022/09/09 12:0 a.m.42 views

SUSE SLES12: libjavascriptcoregtk-4_0-18 / libwebkit2gtk-4_0-37 / etc (SUSE-SU-2022:3136-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:3136-1 advisory. - Updated to version 2.36.7 bsc1202807: - CVE-2022-32893: Fixed an issue that would be triggered when processing malicious web content and...

8.8CVSS7.6AI score0.09785EPSS
Exploits0References5
Fedora
Fedora
added 2022/09/08 11:3 a.m.35 views

[SECURITY] Fedora 36 Update: exim-4.96-2.fc36

Exim is a message transfer agent MTA developed at the University of Cambridge for use on Unix systems connected to the Internet. It is freely available under the terms of the GNU General Public Licence. In style it is similar to Smail 3, but its facilities are more general. There is a great deal ...

7.5CVSS1.5AI score0.02551EPSS
Exploits2
Prion
Prion
added 2022/09/06 6:15 p.m.25 views

Code injection

The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.8.1. This is due to insufficient permissions checking on the 'tptranslation' AJAX action and default settings which makes it possib...

5CVSS6AI score0.03508EPSS
Exploits6References6Affected Software1
Cvelist
Cvelist
added 2022/09/06 5:18 p.m.27 views

CVE-2022-2461 Transposh WordPress Translation <= 1.0.9.6 - Unauthorized Settings Change

The Transposh WordPress Translation plugin for WordPress is vulnerable to unauthorized setting changes by unauthenticated users in versions up to, and including, 1.0.9.6. This is due to insufficient permissions checking on the 'tptranslation' AJAX action and default settings which makes it possib...

5.3CVSS6.1AI score0.03508EPSS
Exploits6References6
CNNVD
CNNVD
added 2022/09/06 12:0 a.m.3 views

MediaTek Apusys 缓冲区错误漏洞

MediaTek Apusys is a chipset from MediaTek, a Chinese company. A security vulnerability exists in MediaTek Apusys that stems from a lack of boundary checking and out-of-scope writes. This could result in a local privilege escalation that requires system execution privileges...

6.7CVSS6.8AI score0.00101EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/09/06 12:0 a.m.3 views

MediaTek vow 缓冲区错误漏洞

MediaTek vow is an application chip from MediaTek, China. It provides optimized platform size and power consumption. A security vulnerability exists in MediaTek vow, which is caused by an out-of-range write due to incorrect boundary checking. This could result in a local privilege escalation that...

6.7CVSS6.8AI score0.00099EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2022/09/06 12:0 a.m.27 views

Debian dla-3087 : gir1.2-javascriptcoregtk-4.0 - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3087 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3087-1 [email protected] https://www.debian.org/lts/security/...

8.8CVSS8.8AI score0.09785EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2022/09/02 12:15 p.m.5 views

CVE-2022-22104

Memory corruption in multimedia due to improper check on the messages received. in Snapdragon Auto...

8.4CVSS7.2AI score0.00119EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/09/02 11:30 a.m.26 views

CVE-2021-35108

Improper checking of AP-S lock bit while verifying the secure resource group permissions can lead to non secure read and write access in Snapdragon Connectivity, Snapdragon Mobile...

6.8CVSS6.9AI score0.00186EPSS
Exploits0References1
CVE
CVE
added 2022/09/02 11:30 a.m.69 views

CVE-2021-35108

CVE-2021-35108 concerns Qualcomm/Qualcomm closed‑source components in Snapdragon Connectivity and Snapdragon Mobile. The root cause is improper checking of the AP-S lock bit when verifying secure resource group permissions, which can permit non‑secure read and write access. The CVSSv3.1 base vect...

6.8CVSS6.6AI score0.00186EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2022/09/02 12:0 a.m.5 views

PT-2025-18483

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability in the Linux kernel has been resolved, related to the netlink protocol. The issue involves bounds-checking for the creation of the struct nlmsgerr, which is used to handl...

5.5CVSS5.9AI score0.0014EPSS
Exploits0References20
The Hacker News
The Hacker News
added 2022/09/01 3:24 a.m.69 views

Apple Releases iOS Update for Older iPhones to Fix Actively Exploited Vulnerability

Apple on Wednesday backported security updates to older iPhones, iPads, and iPod touch devices to address a critical security flaw that has been actively exploited in the wild. The shortcoming, tracked as CVE-2022-32893 CVSS score: 8.8, is an out-of-bounds write issue affecting WebKit that could...

8.8CVSS1.1AI score0.09785EPSS
Exploits0
CNVD
CNVD
added 2022/08/30 12:0 a.m.22 views

Tenda AX180 Stack Overflow Vulnerability (CNVD-2022-78481)

Tenda AX1803 is a dual-band gigabit WIFI6 router from Tenda China.Tenda AX1803 is vulnerable to a stack overflow vulnerability caused by improper boundary checking of the formSetVirtualSer function. An attacker could exploit the vulnerability to overflow the buffer and execute arbitrary code on t...

7.8CVSS5.4AI score0.00328EPSS
Exploits1References1
CNVD
CNVD
added 2022/08/30 12:0 a.m.17 views

Tenda AX180 Stack Overflow Vulnerability (CNVD-2022-78483)

Tenda AX1803 is a dual-band Gigabit WIFI6 router from Tenda China.Tenda AX1803 is vulnerable to a stack overflow vulnerability caused by improper boundary checking of the fromSetWifiGusetBasic function. An attacker could exploit this vulnerability to overflow the buffer and execute arbitrary code...

7.8CVSS4.9AI score0.00328EPSS
Exploits1References1
CNVD
CNVD
added 2022/08/30 12:0 a.m.30 views

Tenda AX180 Stack Overflow Vulnerability (CVE-2022-37821)

Tenda AX1803 is a dual-band Gigabit WIFI6 router from Tenda China.Tenda AX1803 is vulnerable to a stack overflow vulnerability, which is caused by improper boundary checking of the formSetProvince function. An attacker could exploit this vulnerability to overflow the buffer and execute arbitrary...

7.8CVSS5AI score0.00327EPSS
Exploits1References1
CNVD
CNVD
added 2022/08/30 12:0 a.m.19 views

Tenda AX180 Stack Overflow Vulnerability (CNVD-2022-78477)

Tenda AX1803 is a dual-band gigabit WIFI6 router from Tenda China.Tenda AX1803 is vulnerable to a stack overflow vulnerability caused by improper boundary checking in the fromSetRouteStatic function. An attacker could exploit this vulnerability to cause a buffer overflow and execute arbitrary cod...

7.8CVSS4.8AI score0.00327EPSS
Exploits1References1
CNVD
CNVD
added 2022/08/30 12:0 a.m.23 views

Tenda AC1206 Buffer Overflow Vulnerability (CNVD-2022-78520)

Tenda AC1206 is a wireless pass-through gigabit router from Tenda, China.Tenda AC1206 version V15.03.06.23 is vulnerable to a buffer overflow vulnerability caused by improper boundary checking of the setSmartPowerManagement function. An attacker could exploit this vulnerability to overflow the...

9.8CVSS6.2AI score0.01013EPSS
Exploits1References1
CNVD
CNVD
added 2022/08/30 12:0 a.m.18 views

Tenda AC1206 Buffer Overflow Vulnerability (CNVD-2022-78516)

Tenda AC1206 is a wireless pass-through gigabit router from Tenda, China.Tenda AC1206 version V15.03.06.23 is vulnerable to a buffer overflow vulnerability caused by improper boundary checking of the formSetSpeedWan function. An attacker could exploit this vulnerability to overflow the buffer and...

9.8CVSS6.5AI score0.01013EPSS
Exploits1References1
Rows per page
Query Builder