Total
1761 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-22008 | 1 Microsoft | 7 Windows 10, Windows 11, Windows 8.1 and 4 more | 2024-11-21 | 6.9 MEDIUM | 7.8 HIGH |
| Windows Hyper-V Remote Code Execution Vulnerability | |||||
| CVE-2022-21975 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Server and 3 more | 2024-11-21 | 1.9 LOW | 4.7 MEDIUM |
| Windows Hyper-V Denial of Service Vulnerability | |||||
| CVE-2022-21896 | 1 Microsoft | 4 Windows 10, Windows 11, Windows Server and 1 more | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
| Windows DWM Core Library Elevation of Privilege Vulnerability | |||||
| CVE-2022-21881 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Server and 3 more | 2024-11-21 | 7.2 HIGH | 7.0 HIGH |
| Windows Kernel Elevation of Privilege Vulnerability | |||||
| CVE-2022-21789 | 2 Google, Mediatek | 21 Android, Mt6779, Mt6781 and 18 more | 2024-11-21 | N/A | 6.4 MEDIUM |
| In audio ipi, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06478101; Issue ID: ALPS06478101. | |||||
| CVE-2022-21776 | 2 Google, Mediatek | 44 Android, Mt6580, Mt6739 and 41 more | 2024-11-21 | 4.4 MEDIUM | 6.4 MEDIUM |
| In MDP, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06545450; Issue ID: ALPS06545450. | |||||
| CVE-2022-21774 | 2 Google, Mediatek | 17 Android, Mt6761, Mt6765 and 14 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| In TEEI driver, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06641447; Issue ID: ALPS06641447. | |||||
| CVE-2022-21773 | 2 Google, Mediatek | 35 Android, Mt6580, Mt6735 and 32 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| In TEEI driver, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06641388; Issue ID: ALPS06641388. | |||||
| CVE-2022-21772 | 2 Google, Mediatek | 21 Android, Mt6761, Mt6765 and 18 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| In TEEI driver, there is a possible type confusion due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06493842; Issue ID: ALPS06493842. | |||||
| CVE-2022-21771 | 2 Google, Mediatek | 28 Android, Mt6580, Mt6735 and 25 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| In GED driver, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06641585; Issue ID: ALPS06641585. | |||||
| CVE-2022-20724 | 1 Cisco | 4 Cgr1000 Compute Module, Ic3000 Industrial Compute Gateway, Ios and 1 more | 2024-11-21 | 7.6 HIGH | 5.5 MEDIUM |
| Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco platforms could allow an attacker to inject arbitrary commands into the underlying host operating system, execute arbitrary code on the underlying host operating system, install applications without being authenticated, or conduct a cross-site scripting (XSS) attack against a user of the affected software. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2022-20373 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.4 MEDIUM |
| In st21nfc_loc_set_polaritymode of fc/st21nfc.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-208269510References: N/A | |||||
| CVE-2022-20344 | 1 Google | 1 Android | 2024-11-21 | N/A | 7.0 HIGH |
| In stealReceiveChannel of EventThread.cpp, there is a possible way to interfere with process communication due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-232541124 | |||||
| CVE-2022-20256 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.4 MEDIUM |
| In the Audio HAL, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-222572821 | |||||
| CVE-2022-20155 | 1 Google | 1 Android | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
| In ipu_core_jqs_msg_transport_kernel_write_sync of ipu-core-jqs-msg-transport.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-176754369References: N/A | |||||
| CVE-2022-20154 | 1 Google | 1 Android | 2024-11-21 | 4.4 MEDIUM | 6.4 MEDIUM |
| In lock_sock_nested of sock.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-174846563References: Upstream kernel | |||||
| CVE-2022-20148 | 1 Google | 1 Android | 2024-11-21 | 6.9 MEDIUM | 6.4 MEDIUM |
| In TBD of TBD, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-219513976References: Upstream kernel | |||||
| CVE-2022-20141 | 1 Google | 1 Android | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
| In ip_check_mc_rcu of igmp.c, there is a possible use after free due to improper locking. This could lead to local escalation of privilege when opening and closing inet sockets with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-112551163References: Upstream kernel | |||||
| CVE-2022-20118 | 1 Google | 1 Android | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
| In ion_ioctl and related functions of ion.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-205707793References: N/A | |||||
| CVE-2022-20097 | 2 Google, Mediatek | 45 Android, Mt6580, Mt6739 and 42 more | 2024-11-21 | 1.9 LOW | 4.7 MEDIUM |
| In aee daemon, there is a possible information disclosure due to a race condition. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06383944; Issue ID: ALPS06383944. | |||||