Total
2655 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-20383 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.8 HIGH |
| In AllocateInternalBuffers of g3aa_buffer_allocator.cc, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-222408847References: N/A | |||||
| CVE-2022-20367 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.7 MEDIUM |
| In construct_transaction of lwis_ioctl.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-225877459References: N/A | |||||
| CVE-2022-20366 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.7 MEDIUM |
| In ioctl_dpm_clk_update of lwis_ioctl.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-225877745References: N/A | |||||
| CVE-2022-20362 | 1 Google | 1 Android | 2024-11-21 | N/A | 8.8 HIGH |
| In Bluetooth, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-230756082 | |||||
| CVE-2022-20283 | 1 Google | 1 Android | 2024-11-21 | N/A | 8.8 HIGH |
| In Bluetooth, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-233069336 | |||||
| CVE-2022-20178 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| In ioctl_dpm_qos_update and ioctl_event_control_set of (TBD), there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-224932775References: N/A | |||||
| CVE-2022-20107 | 3 Google, Linux, Mediatek | 38 Android, Linux Kernel, Mt9011 and 35 more | 2024-11-21 | 4.9 MEDIUM | 4.4 MEDIUM |
| In subtitle service, there is a possible application crash due to an integer overflow. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03330673; Issue ID: DTV03330673. | |||||
| CVE-2022-20075 | 2 Google, Mediatek | 63 Android, Mt6580, Mt6731 and 60 more | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
| In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05838808; Issue ID: ALPS05838808. | |||||
| CVE-2022-20069 | 2 Google, Mediatek | 47 Android, Mt6580, Mt6735 and 44 more | 2024-11-21 | 4.4 MEDIUM | 6.6 MEDIUM |
| In preloader (usb), there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160425; Issue ID: ALPS06160425. | |||||
| CVE-2022-20039 | 2 Google, Mediatek | 9 Android, Mt6833, Mt6853 and 6 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| In ccu driver, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06183345; Issue ID: ALPS06183345. | |||||
| CVE-2022-20012 | 2 Google, Mediatek | 42 Android, Mt6580, Mt6739 and 39 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| In mdp driver, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05836478; Issue ID: ALPS05836478. | |||||
| CVE-2022-1926 | 1 Trudesk Project | 1 Trudesk | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
| Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.3. | |||||
| CVE-2022-1925 | 2 Debian, Gstreamer Project | 2 Debian Linux, Gstreamer | 2024-11-21 | N/A | 7.8 HIGH |
| DOS / potential heap overwrite in mkv demuxing using HEADERSTRIP decompression. Integer overflow in matroskaparse element in gst_matroska_decompress_data function which causes a heap overflow. Due to restrictions on chunk sizes in the matroskademux element, the overflow can't be triggered, however the matroskaparse element has no size checks. | |||||
| CVE-2022-1924 | 2 Debian, Gstreamer Project | 2 Debian Linux, Gstreamer | 2024-11-21 | N/A | 7.8 HIGH |
| DOS / potential heap overwrite in mkv demuxing using lzo decompression. Integer overflow in matroskademux element in lzo decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite. | |||||
| CVE-2022-1923 | 2 Debian, Gstreamer Project | 2 Debian Linux, Gstreamer | 2024-11-21 | N/A | 7.8 HIGH |
| DOS / potential heap overwrite in mkv demuxing using bzip decompression. Integer overflow in matroskademux element in bzip decompression function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite. | |||||
| CVE-2022-1922 | 2 Debian, Gstreamer Project | 2 Debian Linux, Gstreamer | 2024-11-21 | N/A | 7.8 HIGH |
| DOS / potential heap overwrite in mkv demuxing using zlib decompression. Integer overflow in matroskademux element in gst_matroska_decompress_data function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. If the libc uses mmap for large chunks, and the OS supports mmap, then it is just a segfault (because the realloc before the integer overflow will use mremap to reduce the size of the chunk, and it will start to write to unmapped memory). However, if using a libc implementation that does not use mmap, or if the OS does not support mmap while using libc, then this could result in a heap overwrite. | |||||
| CVE-2022-1921 | 2 Debian, Gstreamer Project | 2 Debian Linux, Gstreamer | 2024-11-21 | N/A | 7.8 HIGH |
| Integer overflow in avidemux element in gst_avi_demux_invert function which allows a heap overwrite while parsing avi files. Potential for arbitrary code execution through heap overwrite. | |||||
| CVE-2022-1920 | 2 Debian, Gstreamer Project | 2 Debian Linux, Gstreamer | 2024-11-21 | N/A | 7.8 HIGH |
| Integer overflow in matroskademux element in gst_matroska_demux_add_wvpk_header function which allows a heap overwrite while parsing matroska files. Potential for arbitrary code execution through heap overwrite. | |||||
| CVE-2022-1812 | 1 Publify Project | 1 Publify | 2024-11-21 | N/A | 9.8 CRITICAL |
| Integer Overflow or Wraparound in GitHub repository publify/publify prior to 9.2.10. | |||||
| CVE-2022-1754 | 1 Trudesk Project | 1 Trudesk | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Integer Overflow or Wraparound in GitHub repository polonel/trudesk prior to 1.2.2. | |||||