Skip to content
Toggle Navigation
Kit ISO 27001
Ingeniería y Consultoría
Recursos
ISO 27001
ISO 27001 – GAP Analysis Tool
Ciberseguridad
Vulnerabilidades CVE
Blog
Contacto
Obtener el Toolkit
Toggle Navigation
Kit ISO 27001
Ingeniería y Consultoría
Recursos
ISO 27001
ISO 27001 – GAP Analysis Tool
Ciberseguridad
Vulnerabilidades CVE
Blog
Contacto
Obtener el Toolkit
Vulnerabilidades CVE
Vulnerabilidades CVE
drmunozcl
2025-06-04T18:44:58-04:00
Vulnerabilidades CVE
A continuación la lista de las últimas vulnerabilidades publicadas por el instituto NIST:
Severidad:
Todas
NONE
LOW
MEDIUM
HIGH
CRITICAL
UNKNOWN
CVE:
Aplicar
Borrar filtros
CVE ID
Publicado
Severidad
CVSS
Descripción
CVE-2022-41348
2022-10-12
MEDIUM
6.1
An issue was discovered in Zimbra Collaboration (ZCS) 9.0. XSS can occur via the onerror attribute of an IMG element, leading to information disclosure.
CVE-2022-40871
2022-10-12
CRITICAL
9.8
Dolibarr ERP & CRM
CVE-2022-39120
2022-10-14
MEDIUM
5.5
In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
CVE-2022-39113
2022-10-14
MEDIUM
5.5
In Music service, there is a missing permission check. This could lead to local denial of service in Music service with no additional execution privileges needed.
CVE-2022-40187
2022-10-13
HIGH
8.0
Foresight GC3 Launch Monitor 1.3.15.68 ships with a Target Communication Framework (TCF) service enabled. This service listens on a TCP port on all interfaces and allows for process…
CVE-2022-40664
2022-10-12
CRITICAL
9.8
Apache Shiro before 1.10.0, Authentication Bypass Vulnerability in Shiro when forwarding or including via RequestDispatcher.
CVE-2022-40469
2022-10-12
HIGH
8.8
iKuai OS v3.6.7 was discovered to contain an authenticated remote code execution (RCE) vulnerability.
CVE-2022-39109
2022-10-14
HIGH
7.8
In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with no additional execution privileges needed.
CVE-2022-39108
2022-10-14
HIGH
7.8
In Music service, there is a missing permission check. This could lead to elevation of privilege in Music service with no additional execution privileges needed.
CVE-2022-39107
2022-10-14
HIGH
7.8
In Soundrecorder service, there is a missing permission check. This could lead to elevation of privilege in Soundrecorder service with no additional execution privileges needed.
CVE-2022-39105
2022-10-14
MEDIUM
5.5
In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
CVE-2022-39103
2022-10-14
MEDIUM
5.5
In Gallery service, there is a missing permission check. This could lead to local denial of service in Gallery service with no additional execution privileges needed.
CVE-2022-39080
2022-10-14
HIGH
7.8
In messaging service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed.
CVE-2022-39064
2022-10-14
HIGH
8.1
An attacker sending a single malformed IEEE 802.15.4 (Zigbee) frame makes the TRÅDFRI bulb blink, and if they replay (i.e. resend) the same frame multiple times, the bulb…
CVE-2022-39011
2022-10-14
HIGH
7.5
The HISP module has a vulnerability of bypassing the check of the data transferred in the kernel space.Successful exploitation of this vulnerability may cause unauthorized access to the…
CVE-2022-38998
2022-10-14
HIGH
7.5
The HISP module has a vulnerability of not verifying the data transferred in the kernel space.Successful exploitation of this vulnerability will cause out-of-bounds read, which affects data confidentiality.
CVE-2022-38985
2022-10-14
HIGH
7.5
The facial recognition module has a vulnerability in input validation.Successful exploitation of this vulnerability may affect data confidentiality.
CVE-2022-38984
2022-10-14
HIGH
7.5
The HIPP module has a vulnerability of not verifying the data transferred in the kernel space.Successful exploitation of this vulnerability will cause out-of-bounds read, which affects data confidentiality.
CVE-2022-38983
2022-10-14
CRITICAL
9.8
The BT Hfp Client module has a Use-After-Free (UAF) vulnerability.Successful exploitation of this vulnerability may result in arbitrary code execution.
CVE-2022-38698
2022-10-14
HIGH
7.8
In messaging service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed.
CVE-2022-38697
2022-10-14
MEDIUM
5.5
In messaging service, there is a missing permission check. This could lead to access unexpected provider in contacts service with no additional execution privileges needed.
CVE-2022-38982
2022-10-14
CRITICAL
9.8
The fingerprint module has service logic errors.Successful exploitation of this vulnerability will cause the phone lock to be cracked.
CVE-2022-38981
2022-10-14
HIGH
7.5
The HwAirlink module has an out-of-bounds read vulnerability.Successful exploitation of this vulnerability may cause information leakage.
CVE-2022-38980
2022-10-14
CRITICAL
9.8
The HwAirlink module has a heap overflow vulnerability in processing data packets of the proprietary protocol.Successful exploitation of this vulnerability may allow attackers to obtain process control permissions.
CVE-2022-38977
2022-10-14
HIGH
7.5
The HwAirlink module has a heap overflow vulnerability.Successful exploitation of this vulnerability may cause out-of-bounds writes, resulting in modification of sensitive data.
CVE-2022-38690
2022-10-14
MEDIUM
5.5
In camera driver, there is a possible memory corruption due to improper locking. This could lead to local denial of service in kernel.
CVE-2022-38689
2022-10-14
MEDIUM
5.5
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
CVE-2022-38688
2022-10-14
MEDIUM
5.5
In telephony service, there is a missing permission check. This could lead to local information disclosure with no additional execution privileges needed.
CVE-2022-38687
2022-10-14
MEDIUM
5.5
In messaging service, there is a missing permission check. This could lead to local denial of service in messaging service with no additional execution privileges needed.
CVE-2022-38679
2022-10-14
MEDIUM
5.5
In music service, there is a missing permission check. This could lead to local denial of service in music service with no additional execution privileges needed.
CVE-2022-38677
2022-10-14
MEDIUM
5.5
In cell service, there is a missing permission check. This could lead to local denial of service in cell service with no additional execution privileges needed.
CVE-2022-38676
2022-10-14
MEDIUM
5.5
In gpu driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
CVE-2022-38673
2022-10-14
MEDIUM
5.5
In face detect driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
CVE-2022-38672
2022-10-14
MEDIUM
5.5
In face detect driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
CVE-2022-38669
2022-10-14
HIGH
7.8
In soundrecorder service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed.
CVE-2022-37614
2022-10-12
CRITICAL
9.8
Prototype pollution vulnerability in function enable in mockery.js in mfncooper mockery commit 822f0566fd6d72af8c943ae5ca2aa92e516aa2cf via the key variable in mockery.js.
CVE-2022-37603
2022-10-14
HIGH
7.5
A Regular expression denial of service (ReDoS) flaw was found in Function interpolateName in interpolateName.js in webpack loader-utils 2.0.0 via the url variable in interpolateName.js.
CVE-2022-35059
2022-10-14
MEDIUM
6.5
OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6c0414.
CVE-2022-37602
2022-10-14
CRITICAL
9.8
Prototype pollution vulnerability in karma-runner grunt-karma 4.0.1 via the key variable in grunt-karma.js.
CVE-2022-37611
2022-10-12
CRITICAL
9.8
Prototype pollution vulnerability in tschaub gh-pages 3.1.0 via the partial variable in util.js.
CVE-2022-35058
2022-10-14
MEDIUM
6.5
OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b05ce.
CVE-2022-35056
2022-10-14
MEDIUM
6.5
OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b0478.
CVE-2022-35055
2022-10-14
MEDIUM
6.5
OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6c0473.
CVE-2022-35054
2022-10-14
MEDIUM
6.5
OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6171b2.
CVE-2022-35053
2022-10-14
MEDIUM
6.5
OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x61731f.
CVE-2022-32931
2024-01-10
MEDIUM
5.5
This issue was addressed with improved data protection. This issue is fixed in macOS Ventura 13. An app with root privileges may be able to access private information.
CVE-2022-2985
2022-10-14
HIGH
7.8
In music service, there is a missing permission check. This could lead to elevation of privilege in contacts service with no additional execution privileges needed.
CVE-2022-2984
2022-10-14
MEDIUM
5.5
In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
CVE-2022-35052
2022-10-14
MEDIUM
6.5
OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b84b1.
CVE-2022-25661
2022-10-19
HIGH
8.4
Memory corruption due to untrusted pointer dereference in kernel in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
« Anterior
Página 1225 de 4311
Siguiente »
Page load link
Go to Top
