Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2021-35120 Improper handling between export and release functions on the same handle from client can lead to use after free in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon M... | 6.7 | MEDIUM | β | 0 |
| CVE-2022-23055 In ERPNext, versions v11.0.0-beta through v13.0.2 are vulnerable to Missing Authorization, in the chat rooms functionality. A low privileged attacker can send a direct message or a group message to an... | N/A | NONE | β | 0 |
| CVE-2021-35121 An array index is improperly used to lock and unlock a mutex which can lead to a Use After Free condition In the Synx driver in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, ... | 6.7 | MEDIUM | β | 0 |
| CVE-2021-35123 Buffer copy in GATT multi notification due to improper length check for the data coming over-the-air in Snapdragon Connectivity, Snapdragon Industrial IOT | 8.8 | HIGH | β | 0 |
| CVE-2021-35126 Memory corruption in DSP service due to improper validation of input parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | 8.4 | HIGH | β | 0 |
| CVE-2021-35129 Memory corruption in BT controller due to improper length check while processing vendor specific commands in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, ... | 7.8 | HIGH | β | 0 |
| CVE-2021-35130 Memory corruption in graphics support layer due to use after free condition in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | 8.4 | HIGH | β | 0 |
| CVE-2022-32335 Fast Food Ordering System v1.0 is vulnerable to SQL Injection via /ffos/admin/menus/manage_menu.php?id=. | 7.2 | HIGH | β | 0 |
| CVE-2021-37182 A vulnerability has been identified in SCALANCE XM408-4C (All versions < V6.5), SCALANCE XM408-4C (L3 int.) (All versions < V6.5), SCALANCE XM408-8C (All versions < V6.5), SCALANCE XM408-8C (L3 int.) ... | 7.5 | HIGH | β | 0 |
| CVE-2021-40616 thinkcmf v5.1.7 has an unauthorized vulnerability. The attacker can modify the password of the administrator account with id 1 through the background user management group permissions. The use conditi... | 6.5 | MEDIUM | β | 0 |
| CVE-2021-40649 In Connx Version 6.2.0.1269 (20210623), a cookie can be issued by the application and not have the HttpOnly flag set. | 6.5 | MEDIUM | β | 0 |
| CVE-2021-40650 In Connx Version 6.2.0.1269 (20210623), a cookie can be issued by the application and not have the secure flag set. | 6.5 | MEDIUM | β | 0 |
| CVE-2022-22057 Use after free in graphics fence due to a race condition while closing fence file descriptor and destroy graphics timeline simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivit... | 8.4 | HIGH | β | 0 |
| CVE-2022-22064 Possible buffer over read due to lack of size validation while unpacking frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon... | 7.5 | HIGH | β | 0 |
| CVE-2022-22065 Out of bound read in WLAN HOST due to improper length check can lead to DOS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Co... | 7.5 | HIGH | β | 0 |
| CVE-2022-34210 A missing permission check in Jenkins ThreadFix Plugin 1.5.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL. | 6.5 | MEDIUM | β | 0 |
| CVE-2022-22068 kernel event may contain unexpected content which is not generated by NPU software in asynchronous execution mode in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer I... | 8.4 | HIGH | β | 0 |
| CVE-2022-22072 Buffer overflow can occur due to improper validation of NDP application information length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT... | 7.8 | HIGH | β | 0 |
| CVE-2022-22082 Memory corruption due to possible buffer overflow while parsing DSF header with corrupted channel count in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdr... | 8.4 | HIGH | β | 0 |
| CVE-2022-22083 Denial of service due to memory corruption while extracting ape header from clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, S... | 7.5 | HIGH | β | 0 |
| CVE-2022-22084 Memory corruption when extracting qcp audio file due to lack of check on data length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT... | 8.4 | HIGH | β | 0 |
| CVE-2022-22085 Memory corruption in video due to buffer overflow while reading the dts file in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdr... | 8.4 | HIGH | β | 0 |
| CVE-2022-22086 Memory corruption in video due to double free while parsing 3gp clip with invalid meta data atoms in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon I... | 7.3 | HIGH | β | 0 |
| CVE-2022-22087 memory corruption in video due to buffer overflow while parsing mkv clip with no codechecker in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Indust... | 7.3 | HIGH | β | 0 |
| CVE-2024-41934 Improper access control in some Intel(R) GPA software before version 2024.3 may allow an authenticated user to potentially enable denial of service via local access. | 5.9 | MEDIUM | β | 0 |
| CVE-2022-22090 Memory corruption in audio due to use after free while managing buffers from internal cache in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile | 8.4 | HIGH | β | 0 |
| CVE-2022-22103 Memory corruption in multimedia driver due to double free while processing data from user in Snapdragon Auto | 7.8 | HIGH | β | 0 |
| CVE-2022-25651 Memory corruption in bluetooth host due to integer overflow while processing BT HFP-UNIT profile in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon V... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-26476 A vulnerability has been identified in Spectrum Power 4 (All versions using Shared HIS), Spectrum Power 7 (All versions using Shared HIS), Spectrum Power MGMS (All versions using Shared HIS). An unaut... | 8.8 | HIGH | β | 0 |
| CVE-2022-27219 A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). Affected application is missing general HTTP security headers in the web server configured on port 443. T... | 4.3 | MEDIUM | β | 0 |
| CVE-2024-42405 Uncontrolled search path for some Intel(R) Quartus(R) Prime Software before version 23.1.1 Patch 1.01std may allow an authenticated user to potentially enable escalation of privilege via local access. | 6.7 | MEDIUM | β | 0 |
| CVE-2022-27220 A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0 SP2). Affected application is missing general HTTP security headers in the web server configured on port 6220. ... | 4.3 | MEDIUM | β | 0 |
| CVE-2022-27221 A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). An attacker in machine-in-the-middle could obtain plaintext secret values by observing length differences dur... | 5.9 | MEDIUM | β | 0 |
| CVE-2022-29034 A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). An error message pop up window in the web interface of the affected application does not prevent injection of... | 6.1 | MEDIUM | β | 0 |
| CVE-2022-30937 A vulnerability has been identified in EN100 Ethernet module DNP3 IP variant (All versions), EN100 Ethernet module IEC 104 variant (All versions), EN100 Ethernet module IEC 61850 variant (All versions... | 7.5 | HIGH | β | 0 |
| CVE-2022-31465 A vulnerability has been identified in Xpedition Designer VX.2.10 (All versions < VX.2.10 Update 13), Xpedition Designer VX.2.11 (All versions < VX.2.11 Update 11), Xpedition Designer VX.2.12 (All ver... | 7.8 | HIGH | β | 0 |
| CVE-2022-31619 A vulnerability has been identified in Teamcenter V12.4 (All versions < V12.4.0.13), Teamcenter V13.0 (All versions < V13.0.0.9), Teamcenter V13.1 (All versions < V13.1.0.9), Teamcenter V13.2 (All ver... | 8.8 | HIGH | β | 0 |
| CVE-2022-32145 A vulnerability has been identified in Teamcenter Active Workspace V5.2 (All versions < V5.2.9), Teamcenter Active Workspace V6.0 (All versions < V6.0.3). A reflected cross-site scripting (XSS) vulner... | 6.1 | MEDIUM | β | 0 |
| CVE-2022-32251 A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). There is a missing authentication verification for a resource used to change the roles and permissions of a u... | 8.8 | HIGH | β | 0 |
| CVE-2022-32252 A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The application does not perform the integrity check of the update packages. Without validation, an admin use... | 6.5 | MEDIUM | β | 0 |
| CVE-2022-32253 A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). Due to improper input validation, the OpenSSL certificate's password could be printed to a file reachable by ... | 4.9 | MEDIUM | β | 0 |
| CVE-2022-32254 A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). A customized HTTP POST request could force the application to write the status of a given user to a log file,... | 4.3 | MEDIUM | β | 0 |
| CVE-2022-32255 A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application consists of a web service that lacks proper access control for some of the endpoints... | 5.3 | MEDIUM | β | 0 |
| CVE-2022-32256 A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application consists of a web service that lacks proper access control for some of the endpoints... | 4.3 | MEDIUM | β | 0 |
| CVE-2022-32258 A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains an older feature that allows to import device configurations via a specific... | 5.3 | MEDIUM | β | 0 |
| CVE-2022-32259 A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The system images for installation or update of the affected application contain unit test scripts with sensi... | 6.5 | MEDIUM | β | 0 |
| CVE-2022-32260 A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). The affected application creates temporary user credentials for UMC (User Management Component) users. An... | 6.5 | MEDIUM | β | 0 |
| CVE-2022-32261 A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains a misconfiguration in the APT update. This could allow an attacker to add i... | 5.3 | MEDIUM | β | 0 |
| CVE-2024-42410 Improper input validation in some Intel(R) Graphics Drivers may allow an authenticated user to potentially enable denial of service via local access. | 6.5 | MEDIUM | β | 0 |
| CVE-2022-32262 A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). The affected application contains a file upload server that is vulnerable to command injection. An attacker c... | 8.8 | HIGH | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.