Total
34333 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-20169 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| Product: AndroidVersions: Android kernelAndroid ID: A-211162353References: N/A | ||||
| CVE-2022-20168 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| Product: AndroidVersions: Android kernelAndroid ID: A-210594998References: N/A | ||||
| CVE-2022-20167 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| Product: AndroidVersions: Android kernelAndroid ID: A-204956204References: N/A | ||||
| CVE-2022-20164 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| Product: AndroidVersions: Android kernelAndroid ID: A-204891956References: N/A | ||||
| CVE-2022-20160 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| Product: AndroidVersions: Android kernelAndroid ID: A-210083655References: N/A | ||||
| CVE-2022-20151 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| Product: AndroidVersions: Android kernelAndroid ID: A-210712565References: N/A | ||||
| CVE-2022-20149 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| Product: AndroidVersions: Android kernelAndroid ID: A-211685939References: N/A | ||||
| CVE-2022-20142 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In createFromParcel of GeofenceHardwareRequestParcelable.java, there is a possible arbitrary code execution due to parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-216631962 | ||||
| CVE-2022-20135 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In writeToParcel of GateKeeperResponse.java, there is a possible parcel format mismatch. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-220303465 | ||||
| CVE-2022-20124 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In deletePackageX of DeletePackageHelper.java, there is a possible way for a Guest user to reset pre-loaded applications for other users due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-170646036 | ||||
| CVE-2022-20120 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| Product: AndroidVersions: Android kernelAndroid ID: A-203213034References: N/A | ||||
| CVE-2022-20116 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In onEntryUpdated of OngoingCallController.kt, it is possible to launch non-exported activities due to intent redirection. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-212467440 | ||||
| CVE-2022-20113 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In mPreference of DefaultUsbConfigurationPreferenceController.java, there is a possible way to enable file transfer mode due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-205996517 | ||||
| CVE-2022-20005 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In validateApkInstallLocked of PackageInstallerSession.java, there is a way to force a mismatch between running code and a parsed APK . This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-219044664 | ||||
| CVE-2022-1999 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 3.1 Low |
| An issue has been discovered in GitLab CE/EE affecting all versions from 8.13 prior to 14.10.5, 15.0 prior to 15.0.4, and 15.1 prior to 15.1.1. Under certain conditions, using the REST API an unprivileged user was able to change labels description. | ||||
| CVE-2022-1975 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 5.5 Medium |
| There is a sleep-in-atomic bug in /net/nfc/netlink.c that allows an attacker to crash the Linux kernel by simulating a nfc device from user-space. | ||||
| CVE-2022-1963 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 5.3 Medium |
| An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 14.10.5, all versions starting from 15.0 before 15.0.4, all versions starting from 15.1 before 15.1.1. GitLab reveals if a user has enabled two-factor authentication on their account in the HTML source, to unauthenticated users. | ||||
| CVE-2022-1958 | 1 Filecloud | 1 Filecloud | 2024-11-21 | 6.3 Medium |
| A vulnerability classified as critical has been found in FileCloud. Affected is an unknown function of the component NTFS Handler. The manipulation leads to improper access controls. It is possible to launch the attack remotely. Upgrading to version 21.3.5.18513 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-201960. | ||||
| CVE-2022-1872 | 1 Google | 1 Chrome | 2024-11-21 | 4.3 Medium |
| Insufficient policy enforcement in Extensions API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass downloads policy via a crafted HTML page. | ||||
| CVE-2022-1871 | 1 Google | 1 Chrome | 2024-11-21 | 4.3 Medium |
| Insufficient policy enforcement in File System API in Google Chrome prior to 102.0.5005.61 allowed an attacker who convinced a user to install a malicious extension to bypass file system policy via a crafted HTML page. | ||||