Export limit exceeded: 29888 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29888 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-33879 | 1 Apache | 1 Tika | 2024-11-21 | 3.3 Low |
| The initial fixes in CVE-2022-30126 and CVE-2022-30973 for regexes in the StandardsExtractingContentHandler were insufficient, and we found a separate, new regex DoS in a different regex in the StandardsExtractingContentHandler. These are now fixed in 1.28.4 and 2.4.1. | ||||
| CVE-2022-33734 | 1 Samsung | 1 Charm | 2024-11-21 | 6.2 Medium |
| Sensitive information exposure in onCharacteristicChanged in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission. | ||||
| CVE-2022-33733 | 1 Samsung | 1 Charm | 2024-11-21 | 6.2 Medium |
| Sensitive information exposure in onCharacteristicRead in Charm by Samsung prior to version 1.2.3 allows attacker to get bluetooth connection information without permission. | ||||
| CVE-2022-33732 | 1 Google | 1 Android | 2024-11-21 | 6.2 Medium |
| Improper access control vulnerability in Samsung Dex for PC prior to SMR Aug-2022 Release 1 allows local attackers to scan and connect to PC by unprotected binder call. | ||||
| CVE-2022-33731 | 1 Google | 1 Android | 2024-11-21 | 5.1 Medium |
| Improper access control vulnerability in DesktopSystemUI prior to SMR Aug-2022 Release 1 allows attackers to enable and disable arbitrary components. | ||||
| CVE-2022-33721 | 1 Google | 1 Android | 2024-11-21 | 4.4 Medium |
| A vulnerability using PendingIntent in DeX for PC prior to SMR Aug-2022 Release 1 allows attackers to access files with system privilege. | ||||
| CVE-2022-33718 | 1 Google | 1 Android | 2024-11-21 | 6.2 Medium |
| An improper access control vulnerability in Wi-Fi Service prior to SMR AUG-2022 Release 1 allows untrusted applications to manipulate the list of apps that can use mobile data. | ||||
| CVE-2022-33715 | 1 Google | 1 Android | 2024-11-21 | 5.3 Medium |
| Improper access control and path traversal vulnerability in LauncherProvider prior to SMR Aug-2022 Release 1 allow local attacker to access files of One UI. | ||||
| CVE-2022-33714 | 1 Google | 1 Android | 2024-11-21 | 6.2 Medium |
| Improper access control vulnerability in SemWifiApBroadcastReceiver prior to SMR Aug-2022 Release 1 allows attacker to reset a setting value related to mobile hotspot. | ||||
| CVE-2022-33713 | 1 Samsung | 1 Cloud | 2024-11-21 | 7.5 High |
| Implicit Intent hijacking vulnerability in Samsung Cloud prior to version 5.2.0 allows attacker to get sensitive information. | ||||
| CVE-2022-33706 | 1 Samsung | 1 Samsung Gallery | 2024-11-21 | 2.4 Low |
| Improper access control vulnerability in Samsung Gallery prior to version 13.1.05.8 allows physical attackers to access the pictures using S Pen air gesture. | ||||
| CVE-2022-33705 | 1 Samsung | 1 Calendar | 2024-11-21 | 3.3 Low |
| Information exposure in Calendar prior to version 12.3.05.10000 allows attacker to access calendar schedule without READ_CALENDAR permission. | ||||
| CVE-2022-33702 | 1 Google | 1 Android | 2024-11-21 | 6.2 Medium |
| Improper authorization vulnerability in Knoxguard prior to SMR Jul-2022 Release 1 allows local attacker to disable keyguard and bypass Knoxguard lock by factory reset. | ||||
| CVE-2022-33701 | 1 Google | 1 Android | 2024-11-21 | 3.3 Low |
| Improper access control vulnerability in KnoxCustomManagerService prior to SMR Jul-2022 Release 1 allows attacker to call PowerManaer.goToSleep method which is protected by system permission by sending braodcast intent. | ||||
| CVE-2022-33689 | 1 Google | 1 Android | 2024-11-21 | 6.2 Medium |
| Improper access control vulnerability in TelephonyUI prior to SMR Jul-2022 Release 1 allows attackers to change preferred network type by unprotected binder call. | ||||
| CVE-2022-33685 | 1 Google | 1 Android | 2024-11-21 | 4 Medium |
| Unprotected dynamic receiver in Wearable Manager Service prior to SMR Jul-2022 Release 1 allows attacker to launch arbitray activity and access senstive information. | ||||
| CVE-2022-33311 | 1 Cybozu | 1 Office | 2024-11-21 | 4.3 Medium |
| Browse restriction bypass vulnerability in Address Book of Cybozu Office 10.0.0 to 10.8.5 allows a remote authenticated attacker to obtain the data of Address Book via unspecified vectors. | ||||
| CVE-2022-33243 | 1 Qualcomm | 314 Apq8096au, Apq8096au Firmware, Aqt1000 and 311 more | 2024-11-21 | 8.4 High |
| Memory corruption due to improper access control in Qualcomm IPC. | ||||
| CVE-2022-33173 | 1 Couchbase | 1 Couchbase Server | 2024-11-21 | 7.5 High |
| An algorithm-downgrade issue was discovered in Couchbase Server before 7.0.4. Analytics Remote Links may temporarily downgrade to non-TLS connection to determine the TLS port number, using SCRAM-SHA instead. | ||||
| CVE-2022-33172 | 1 Bund | 1 De.fac2 | 2024-11-21 | 5.5 Medium |
| de.fac2 1.34 allows bypassing the User Presence protection mechanism when there is malware on the victim's PC. | ||||