Total
12288 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-32623 | 2 Google, Mediatek | 9 Android, Mt6789, Mt6855 and 6 more | 2025-04-10 | N/A | 6.7 MEDIUM |
In mdp, there is a possible out of bounds write due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07342114; Issue ID: ALPS07342114. | |||||
CVE-2022-47116 | 1 Tenda | 2 A15, A15 Firmware | 2025-04-10 | N/A | 7.5 HIGH |
Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the SYSPS parameter at /goform/SysToolChangePwd. | |||||
CVE-2022-43448 | 1 Fujielectric | 2 Tellus, V-sft | 2025-04-10 | N/A | 7.8 HIGH |
Out-of-bounds write vulnerability in V-SFT v6.1.7.0 and earlier and TELLUS v4.0.12.0 and earlier allows a local attacker to obtain the information and/or execute arbitrary code by having a user to open a specially crafted image file. | |||||
CVE-2022-32637 | 2 Google, Mediatek | 12 Android, Mt6781, Mt6785 and 9 more | 2025-04-10 | N/A | 6.7 MEDIUM |
In hevc decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07491374; Issue ID: ALPS07491374. | |||||
CVE-2022-32636 | 2 Google, Mediatek | 51 Android, Mt6580, Mt6731 and 48 more | 2025-04-10 | N/A | 6.7 MEDIUM |
In keyinstall, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07510064; Issue ID: ALPS07510064. | |||||
CVE-2020-1020 | 1 Microsoft | 16 Windows 10 1507, Windows 10 1607, Windows 10 1709 and 13 more | 2025-04-10 | 6.8 MEDIUM | 8.8 HIGH |
A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format.For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely, aka 'Adobe Font Manager Library Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0938. | |||||
CVE-2022-47908 | 1 Fujielectric | 1 V-server | 2025-04-10 | N/A | 7.8 HIGH |
Stack-based buffer overflow vulnerability in V-Server v4.0.12.0 and earlier allows a local attacker to obtain the information and/or execute arbitrary code by having a user to open a specially crafted project file. | |||||
CVE-2022-44428 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-04-10 | N/A | 5.5 MEDIUM |
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. | |||||
CVE-2022-44427 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-04-10 | N/A | 5.5 MEDIUM |
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. | |||||
CVE-2022-32647 | 2 Google, Mediatek | 4 Android, Mt6879, Mt6895 and 1 more | 2025-04-10 | N/A | 6.7 MEDIUM |
In ccu, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07554646; Issue ID: ALPS07554646. | |||||
CVE-2022-32646 | 2 Google, Mediatek | 24 Android, Mt6761, Mt6765 and 21 more | 2025-04-10 | N/A | 6.7 MEDIUM |
In gpu drm, there is a possible stack overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363501; Issue ID: ALPS07363501. | |||||
CVE-2022-32640 | 2 Google, Mediatek | 57 Android, Mt6580, Mt6731 and 54 more | 2025-04-10 | N/A | 6.7 MEDIUM |
In meta wifi, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441652; Issue ID: ALPS07441652. | |||||
CVE-2024-53197 | 1 Linux | 1 Linux Kernel | 2025-04-10 | N/A | 7.8 HIGH |
In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices A bogus device can provide a bNumConfigurations value that exceeds the initial value used in usb_get_configuration for allocating dev->config. This can lead to out-of-bounds accesses later, e.g. in usb_destroy_configuration. | |||||
CVE-2022-4378 | 1 Linux | 1 Linux Kernel | 2025-04-10 | N/A | 7.8 HIGH |
A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This flaw allows a local user to crash or potentially escalate their privileges on the system. | |||||
CVE-2022-47661 | 1 Gpac | 1 Gpac | 2025-04-10 | N/A | 7.8 HIGH |
GPAC MP4Box 2.1-DEV-rev649-ga8f438d20 is vulnerable to Buffer Overflow via media_tools/av_parsers.c:4988 in gf_media_nalu_add_emulation_bytes | |||||
CVE-2022-47659 | 1 Gpac | 1 Gpac | 2025-04-10 | N/A | 7.8 HIGH |
GPAC MP4box 2.1-DEV-rev644-g5c4df2a67 is vulnerable to Buffer Overflow in gf_bs_read_data | |||||
CVE-2022-47655 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2025-04-10 | N/A | 7.8 HIGH |
Libde265 1.0.9 is vulnerable to Buffer Overflow in function void put_qpel_fallback<unsigned short> | |||||
CVE-2022-47317 | 1 Fujielectric | 1 V-server | 2025-04-10 | N/A | 7.8 HIGH |
Out-of-bounds write vulnerability in V-Server v4.0.12.0 and earlier allows a local attacker to obtain the information and/or execute arbitrary code by having a user to open a specially crafted project file. | |||||
CVE-2022-47086 | 1 Gpac | 1 Gpac | 2025-04-10 | N/A | 5.5 MEDIUM |
GPAC MP4Box v2.1-DEV-rev574-g9d5bb184b contains a segmentation violation via the function gf_sm_load_init_swf at scene_manager/swf_parse.c | |||||
CVE-2022-44431 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-04-10 | N/A | 5.5 MEDIUM |
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. |