Total
12074 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-46693 | 1 Apple | 6 Icloud, Ipados, Iphone Os and 3 more | 2025-04-21 | N/A | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in tvOS 16.2, iCloud for Windows 14.1, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing a maliciously crafted file may lead to arbitrary code execution. | |||||
| CVE-2022-46691 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2025-04-21 | N/A | 8.8 HIGH |
| A memory consumption issue was addressed with improved memory handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2022-46393 | 2 Arm, Fedoraproject | 2 Mbed Tls, Fedora | 2025-04-21 | N/A | 9.8 CRITICAL |
| An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap-based buffer overflow and heap-based buffer over-read in DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX. | |||||
| CVE-2022-42850 | 1 Apple | 2 Ipados, Iphone Os | 2025-04-21 | N/A | 7.8 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 16.2 and iPadOS 16.2. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-42847 | 1 Apple | 1 Macos | 2025-04-21 | N/A | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Ventura 13.1. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-42845 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-04-21 | N/A | 7.2 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.2, macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. An app with root privileges may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-46700 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2025-04-21 | N/A | 8.8 HIGH |
| A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2022-46699 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2025-04-21 | N/A | 8.8 HIGH |
| A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2022-46697 | 1 Apple | 1 Macos | 2025-04-21 | N/A | 7.8 HIGH |
| An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.1. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-46696 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2025-04-21 | N/A | 8.8 HIGH |
| A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2022-46690 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-04-21 | N/A | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1, tvOS 16.2, watchOS 9.2. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-20564 | 1 Google | 1 Android | 2025-04-21 | N/A | 6.7 MEDIUM |
| In _ufdt_output_strtab_to_fdt of ufdt_convert.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243798789References: N/A | |||||
| CVE-2022-20546 | 1 Google | 1 Android | 2025-04-21 | N/A | 6.7 MEDIUM |
| In getCurrentConfigImpl of Effect.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-240266798 | |||||
| CVE-2022-20526 | 1 Google | 1 Android | 2025-04-21 | N/A | 3.3 LOW |
| In CanvasContext::draw of CanvasContext.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-229742774 | |||||
| CVE-2022-20509 | 1 Google | 1 Android | 2025-04-21 | N/A | 6.7 MEDIUM |
| In mapGrantorDescr of MessageQueueBase.h, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-244713317 | |||||
| CVE-2022-20569 | 1 Google | 1 Android | 2025-04-21 | N/A | 6.7 MEDIUM |
| In thermal_cooling_device_stats_update of thermal_sysfs.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-229258234References: N/A | |||||
| CVE-2017-2928 | 5 Adobe, Apple, Google and 2 more | 7 Flash Player, Mac Os X, Chrome Os and 4 more | 2025-04-20 | 9.3 HIGH | 8.8 HIGH |
| Adobe Flash Player versions 24.0.0.186 and earlier have an exploitable memory corruption vulnerability related to setting visual mode effects. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-6438 | 1 Libplist Project | 1 Libplist | 2025-04-20 | 4.4 MEDIUM | 7.3 HIGH |
| Heap-based buffer overflow in the parse_unicode_node function in bplist.c in libimobiledevice libplist 1.12 allows local users to cause a denial of service (out-of-bounds write) and possibly code execution via a crafted plist file. | |||||
| CVE-2016-7392 | 1 Autotrace Project | 1 Autotrace | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
| Heap-based buffer overflow in the pstoedit_suffix_table_init function in output-pstoedit.c in AutoTrace 0.31.1 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted bmp image file. | |||||
| CVE-2016-5209 | 1 Google | 1 Chrome | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
| Bad casting in bitmap manipulation in Blink in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||