CVE漏洞

OStack程序员社区-中国程序员成长平台 › 门户 › 漏洞›CVE漏洞

RSS

CVE-2022-20026

In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction i ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：70 | 回复：0
CVE-2022-20027

In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction i ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：62 | 回复：0
CVE-2022-20028

In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction i ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：101 | 回复：0
CVE-2022-20029

In cmdq driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is no ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：145 | 回复：0
CVE-2022-20030

In vow driver, there is a possible out of bounds write due to a stack-based buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：84 | 回复：0
CVE-2022-20031

In fb driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not ne ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：58 | 回复：0
CVE-2022-20032

In vow driver, there is a possible memory corruption due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed fo ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：48 | 回复：0
CVE-2022-20033

In camera driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：51 | 回复：0
CVE-2022-20034

In Preloader XFLASH, there is a possible escalation of privilege due to an improper certificate validation. This could lead to local escalation of privilege for an attacker who has physical access to ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：35 | 回复：0
CVE-2022-20035

In vcu driver, there is a possible information disclosure due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not nee ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：33 | 回复：0
CVE-2022-20036

In ion driver, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interac ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：30 | 回复：0
CVE-2022-20037

In ion driver, there is a possible information disclosure due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interac ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：23 | 回复：0
CVE-2022-20038

In ccu driver, there is a possible memory corruption due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：25 | 回复：0
CVE-2022-20039

In ccu driver, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not neede ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：28 | 回复：0
CVE-2022-20040

In power_hal_manager_service, there is a possible permission bypass due to a stack-based buffer overflow. This could lead to local escalation of privilege with no additional execution privileges neede ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：23 | 回复：0
CVE-2022-20041

In Bluetooth, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User inter ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：28 | 回复：0
CVE-2022-20042

In Bluetooth, there is a possible information disclosure due to incorrect error handling. This could lead to local information disclosure with no additional execution privileges needed. User interacti ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：24 | 回复：0
CVE-2022-20043

In Bluetooth, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User inter ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：20 | 回复：0
CVE-2022-20044

In Bluetooth, there is a possible service crash due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：25 | 回复：0
CVE-2022-20045

In Bluetooth, there is a possible service crash due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：24 | 回复：0
CVE-2022-20046

In Bluetooth, there is a possible memory corruption due to a logic error. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：23 | 回复：0
CVE-2022-21133

Out-of-bounds read in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable denial of service via local access.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：26 | 回复：0
CVE-2022-21153

Improper access control in the Intel(R) Capital Global Summit Android application may allow an authenticated user to potentially enable information disclosure via local access.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：25 | 回复：0
CVE-2022-21156

Access of uninitialized pointer in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable denial of service via local access.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：23 | 回复：0
CVE-2022-21157

Improper access control in the Intel(R) Smart Campus Android application before version 6.1 may allow authenticated user to potentially enable information disclosure via local access.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：29 | 回复：0
CVE-2022-21174

Improper access control in a third-party component of Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：35 | 回复：0
CVE-2022-21203

Improper permissions in the SafeNet Sentinel driver for Intel(R) Quartus(R) Prime Standard Edition before version 21.1 may allow an authenticated user to potentially enable escalation of privilege via ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：24 | 回复：0
CVE-2022-21204

Improper permissions for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：22 | 回复：0
CVE-2022-21205

Improper restriction of XML external entity reference in DSP Builder Pro for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an unauthenticated user to potentially enable informati ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：42 | 回复：0
CVE-2022-21218

Uncaught exception in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable information disclosure via local access.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：39 | 回复：0
CVE-2022-21220

Improper restriction of XML external entity for Intel(R) Quartus(R) Prime Pro Edition before version 21.3 may allow an authenticated user to potentially enable escalation of privilege via local access ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：46 | 回复：0
CVE-2022-21226

Out-of-bounds read in the Intel(R) Trace Analyzer and Collector before version 2021.5 may allow an authenticated user to potentially enable information disclosure via local access.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：33 | 回复：0
CVE-2022-21825

An Improper Access Control vulnerability exists in Citrix Workspace App for Linux 2012 - 2111 with App Protection installed that can allow an attacker to perform local privilege escalation.……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：25 | 回复：0
CVE-2022-22528

SAP Adaptive Server Enterprise (ASE) - version 16.0, installation makes an entry in the system PATH environment variable in Windows platform which, under certain conditions, allows a Standard User to ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：21 | 回复：0
CVE-2022-22532

In SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an unauthenticated attacker could submit a crafted HTTP ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：28 | 回复：0
CVE-2022-22533

Due to improper error handling in SAP NetWeaver Application Server Java - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC, 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, an attacker could submit ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：24 | 回复：0
CVE-2022-22534

Due to insufficient encoding of user input, SAP NetWeaver allows an unauthenticated attacker to inject code that may expose sensitive data like user ID and password. These endpoints are normally expos ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：14 | 回复：0
CVE-2022-22535

SAP ERP HCM Portugal - versions 600, 604, 608, does not perform necessary authorization checks for a report that reads the payroll data of employees in a certain area. Since the affected report only r ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：14 | 回复：0
CVE-2022-22536

SAP NetWeaver Application Server ABAP, SAP NetWeaver Application Server Java, ABAP Platform, SAP Content Server 7.53 and SAP Web Dispatcher are vulnerable for request smuggling and request concatenati ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：14 | 回复：0
CVE-2022-22537

When a user opens a manipulated Tagged Image File Format (.tiff, 2d.x3d)) received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporar ...……

作者：菜鸟教程小白 | 时间：2022-6-23 08:28 | 阅读：12 | 回复：0