Page(s) : 1 2 3 4 5 6 7 8 9 10 11 [12] 13 14 15 16 17 18 19 20 21 22 ... | Result(s) : 231460 |
Alerts
DATE | NAME | CATEGORIES | DETAIL | |
---|---|---|---|---|
N/A | 2023-01-26 | CVE-2022-20456 | cve | In AutomaticZenRule of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of priv... |
N/A | 2023-01-26 | CVE-2022-20458 | cve | The logs of sensitive information (PII) or hardware identifier should only be printed in Android "userdebug" or "eng" build. StatusBarNotification.getKey() could contain sensiti... |
N/A | 2023-01-26 | CVE-2022-20461 | cve | In pinReplyNative of com_android_bluetooth_btservice_AdapterService.cpp, there is a possible out of bounds read due to type confusion. This could lead to local escalation of pri... |
N/A | 2023-01-26 | CVE-2022-20489 | cve | In many functions of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privil... |
N/A | 2023-01-26 | CVE-2022-20490 | cve | In multiple functions of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of pr... |
N/A | 2023-01-26 | CVE-2022-20492 | cve | In many functions of AutomaticZenRule.java, there is a possible failure to persist permissions settings due to resource exhaustion. This could lead to local escalation of privil... |
N/A | 2023-01-26 | CVE-2022-20493 | cve | In Condition of Condition.java, there is a possible way to grant notification access due to improper input validation. This could lead to local escalation of privilege with no a... |
N/A | 2023-01-26 | CVE-2022-20494 | cve | In AutomaticZenRule of AutomaticZenRule.java, there is a possible persistent DoS due to resource exhaustion. This could lead to local denial of service with no additional execut... |
N/A | 2023-01-26 | CVE-2022-21192 | cve | All versions of the package serve-lite are vulnerable to Directory Traversal due to missing input sanitization or other checks and protections employed to the req.url passed as-... |
N/A | 2023-01-26 | CVE-2022-21810 | cve | All versions of the package smartctl are vulnerable to Command Injection via the info method due to improper input sanitization. |
N/A | 2023-01-26 | CVE-2022-22462 | cve | IBM Security Verify Governance, Identity Manager virtual appliance component 10.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt hi... |
N/A | 2023-01-26 | CVE-2022-25350 | cve | All versions of the package puppet-facter are vulnerable to Command Injection via the getFact function due to improper input sanitization. |
N/A | 2023-01-26 | CVE-2022-25847 | cve | All versions of the package serve-lite are vulnerable to Cross-site Scripting (XSS) because when it detects a request to a directory, it renders a file listing of all of its con... |
N/A | 2023-01-26 | CVE-2022-25860 | cve | Versions of the package simple-git before 3.16.0 are vulnerable to Remote Code Execution (RCE) via the clone(), pull(), push() and listRemote() methods, due to improper input sa... |
N/A | 2023-01-26 | CVE-2022-25882 | cve | Versions of the package onnx before 1.13.0 are vulnerable to Directory Traversal as the external_data field of the tensor proto can have a path to the file which is outside the ... |
N/A | 2023-01-26 | CVE-2022-25894 | cve | All versions of the package com.bstek.uflo:uflo-core are vulnerable to Remote Code Execution (RCE) in the ExpressionContextImpl class via jexl.createExpression(expression).evalu... |
N/A | 2023-01-26 | CVE-2022-25908 | cve | All versions of the package create-choo-electron are vulnerable to Command Injection via the devInstall function due to improper user-input sanitization. |
N/A | 2023-01-26 | CVE-2022-25927 | cve | Versions of the package ua-parser-js from 0.7.30 and before 0.7.33, from 0.8.1 and before 1.0.33 are vulnerable to Regular Expression Denial of Service (ReDoS) via the trim() fu... |
N/A | 2023-01-26 | CVE-2022-25962 | cve | All versions of the package vagrant.js are vulnerable to Command Injection via the boxAdd function due to improper input sanitization. |
N/A | 2023-01-26 | CVE-2022-26329 | cve | File existence disclosure vulnerability in NetIQ Identity Manager plugin prior to version 4.8.5 allows attacker to determine whether a file exists on the filesystem. This issue ... |
Page(s) : 1 2 3 4 5 6 7 8 9 10 11 [12] 13 14 15 16 17 18 19 20 21 22 ... | Result(s) : 231460 |