Search

Search Results (364935 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-39134 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-04-24 4.7 Medium
In audio driver, there is a use after free due to a race condition. This could lead to local denial of service in kernel.
CVE-2022-39133 2 Google, Unisoc 14 Android, S8022, Sc7731e and 11 more 2025-04-24 5.5 Medium
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.
CVE-2022-39132 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-04-24 5.5 Medium
In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
CVE-2022-39131 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-04-24 5.5 Medium
In camera driver, there is a possible memory corruption due to improper locking. This could lead to local denial of service in kernel.
CVE-2022-39130 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-04-24 5.5 Medium
In face detect driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
CVE-2022-39129 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-04-24 5.5 Medium
In face detect driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
CVE-2022-39106 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-04-24 5.5 Medium
In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
CVE-2022-39102 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-04-24 7.8 High
In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.
CVE-2022-39101 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-04-24 7.8 High
In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.
CVE-2022-39100 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-04-24 7.8 High
In power management service, there is a missing permission check. This could lead to set up power management service with no additional execution privileges needed.
CVE-2022-35259 1 Ivanti 1 Endpoint Manager 2025-04-24 7.8 High
XML Injection with Endpoint Manager 2022. 3 and below causing a download of a malicious file to run and possibly execute to gain unauthorized privileges.
CVE-2022-27773 1 Ivanti 1 Endpoint Manager 2025-04-24 9.8 Critical
A privilege escalation vulnerability is identified in Ivanti EPM (LANDesk Management Suite) that allows a user to execute commands with elevated privileges.
CVE-2021-39434 1 Zkteco 1 Zktime 2025-04-24 7.5 High
A default username and password for an administrator account was discovered in ZKTeco ZKTime 10.0 through 11.1.0, builds 20180901, 20190510.1, 20200309.3, 20200930, 20201231, and 20210220.
CVE-2021-34181 1 Tomexam 1 Tomexam 2025-04-24 6.1 Medium
Cross Site Scripting (XSS) vulnerability in TomExam 3.0 via p_name parameter to list.thtml.
CVE-2025-29458 1 Mybb 1 Mybb 2025-04-24 7.6 High
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Change Avatar function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators and because of SSRF mitigation.
CVE-2025-29457 1 Mybb 1 Mybb 2025-04-24 7.6 High
An issue in MyBB 1.8.38 allows a remote attacker to obtain sensitive information via the Import a Theme function. NOTE: the Supplier disputes this because of the allowed actions of Board administrators and because of SSRF mitigation.
CVE-2022-46089 2 Oretnom23, Sourcecodester 2 Online Flight Booking Management System, Online Flight Booking Management System 2025-04-24 6.1 Medium
Cross Site Scripting (XSS) vulnerability in the add-airline form of Online Flight Booking Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the airline parameter.
CVE-2022-43880 1 Ibm 1 Qradar Wincollect 2025-04-24 4.4 Medium
IBM QRadar WinCollect Agent 10.0 through 10.1.2 could allow a privileged user to cause a denial of service. IBM X-Force ID: 240151.
CVE-2022-36029 1 Bigbluebutton 1 Greenlight 2025-04-24 9.1 Critical
Greenlight is an end-user interface for BigBlueButton servers. Versions prior to 2.13.0 have an open redirect vulnerability in the Login page due to unchecked the value of the `return_to` cookie. Versions 2.13.0 contains a patch for the issue.
CVE-2022-36028 1 Bigbluebutton 1 Greenlight 2025-04-24 9.1 Critical
Greenlight is an end-user interface for BigBlueButton servers. Versions prior to 2.13.0 have an open redirect vulnerability in the Login page due to unchecked the value of the `return_to` cookie. Versions 2.13.0 contains a patch for the issue.