CVE & Exploit Intelligence Database

CVE-2022-39886 5.9 MEDIUM EPSS 0.00

Improper access control vulnerability in IpcRxServiceModeBigDataInfo in RIL prior to SMR Nov-2022 Release 1 allows local attacker to access Device information.

CWE-755 Nov 09, 2022

CVE-2022-39885 5.9 MEDIUM EPSS 0.00

Improper access control vulnerability in BootCompletedReceiver_CMCC in DeviceManagement prior to SMR Nov-2022 Release 1 allows local attacker to access to Device information.

CWE-755 Nov 09, 2022

CVE-2022-20414 5.5 MEDIUM EPSS 0.00

In setImpl of AlarmManagerService.java, there is a possible way to put a device into a boot loop due to an uncaught exception. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-234441463

CWE-755 Nov 08, 2022

CVE-2022-35268 7.5 HIGH EPSS 0.00

A denial of service vulnerability exists in the web_server hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability.This denial of service is in the `/action/import_sdk_file/` API.

CWE-755 Oct 25, 2022

CVE-2022-3279 2.7 LOW EPSS 0.01

An unhandled exception in job log parsing in GitLab CE/EE affecting all versions prior to 15.2.5, 15.3 prior to 15.3.4, and 15.4 prior to 15.4.1 allows an attacker to prevent access to job logs

CWE-755 Oct 17, 2022

CVE-2022-39271 7.5 HIGH EPSS 0.00

Traefik (pronounced traffic) is a modern HTTP reverse proxy and load balancer that assists in deploying microservices. There is a potential vulnerability in Traefik managing HTTP/2 connections. A closing HTTP/2 server connection could hang forever because of a subsequent fatal error. This failure mode could be exploited to cause a denial of service. There has been a patch released in versions 2.8.8 and 2.9.0-rc5. There are currently no known workarounds.

CWE-755 Oct 11, 2022

CVE-2022-33748 5.6 MEDIUM EPSS 0.00

lock order inversion in transitive grant copy handling As part of XSA-226 a missing cleanup call was inserted on an error handling path. While doing so, locking requirements were not paid attention to. As a result two cooperating guests granting each other transitive grants can cause locks to be acquired nested within one another, but in respectively opposite order. With suitable timing between the involved grant copy operations this may result in the locking up of a CPU.

CWE-755 Oct 11, 2022

CVE-2022-20920 7.7 HIGH EPSS 0.01

A vulnerability in the SSH implementation of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. This vulnerability is due to improper handling of resources during an exceptional situation. An attacker could exploit this vulnerability by continuously connecting to an affected device and sending specific SSH requests. A successful exploit could allow the attacker to cause the affected device to reload.

CWE-755 Oct 10, 2022

CVE-2022-39872 5.9 MEDIUM EPSS 0.00

Improper restriction of broadcasting Intent in ShareLive prior to version 13.2.03.5 leaks MAC address of the connected Bluetooth device.

CWE-755 Oct 07, 2022

CVE-2022-33887 7.8 HIGH EPSS 0.00

A maliciously crafted PDF file when parsed through Autodesk AutoCAD 2023 causes an unhandled exception. An attacker can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code in the context of the current process.

CWE-755 Oct 03, 2022

CVE-2022-33886 7.8 HIGH EPSS 0.00

A maliciously crafted MODEL and SLDPRT file can be used to write beyond the allocated buffer while parsing through Autodesk AutoCAD 2023, 2022, 2021, 2020, and Maya 2023 and 2022. The vulnerability exists because the application fails to handle crafted MODEL and SLDPRT files, which causes an unhandled exception. A malicious actor could leverage this vulnerability to execute arbitrary code.

CWE-755 Oct 03, 2022

CVE-2022-20919 8.6 HIGH EPSS 0.01

A vulnerability in the processing of malformed Common Industrial Protocol (CIP) packets that are sent to Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to unexpectedly reload, resulting in a denial of service (DoS) condition. This vulnerability is due to insufficient input validation during processing of CIP packets. An attacker could exploit this vulnerability by sending a malformed CIP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to unexpectedly reload, resulting in a DoS condition.

CWE-755 Sep 30, 2022

CVE-2022-35295 4.9 MEDIUM EPSS 0.01

In SAP Host Agent (SAPOSCOL) - version 7.22, an attacker may use files created by saposcol to escalate privileges for themselves.

CWE-755 Sep 13, 2022

CVE-2022-3175 5.3 MEDIUM 1 Writeup EPSS 0.00

Missing Custom Error Page in GitHub repository ikus060/rdiffweb prior to 2.4.2.

CWE-756 Sep 13, 2022

CVE-2022-36874 5.9 MEDIUM EPSS 0.00

Improper Handling of Insufficient Permissions or Privileges vulnerability in Waterplugin prior to 2.2.11.22040751 allows attacker to access device IMEI and Serial number.

CWE-755 Sep 09, 2022

CVE-2022-32264 7.5 HIGH EPSS 0.01

sys/netinet/tcp_timer.h in FreeBSD before 7.0 contains a denial-of-service (DoS) vulnerability due to improper handling of TSopt on TCP connections. NOTE: This vulnerability only affects products that are no longer supported by the maintainer

CWE-755 Sep 06, 2022

CVE-2022-31152 6.4 MEDIUM EPSS 0.01

Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. The Matrix specification specifies a list of [event authorization rules](https://spec.matrix.org/v1.2/rooms/v9/#authorization-rules) which must be checked when determining if an event should be accepted into a room. In versions of Synapse up to and including version 1.61.0, some of these rules are not correctly applied. An attacker could craft events which would be accepted by Synapse but not a spec-conformant server, potentially causing divergence in the room state between servers. Administrators of homeservers with federation enabled are advised to upgrade to version 1.62.0 or higher. Federation can be disabled by setting [`federation_domain_whitelist`](https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html#federation_domain_whitelist) to an empty list (`[]`) as a workaround.

CWE-755 Sep 02, 2022

CVE-2022-34368 6.1 MEDIUM EPSS 0.00

Dell EMC NetWorker 19.2.1.x 19.3.x, 19.4.x, 19.5.x, 19.6.x and 19.7.0.0 contain an Improper Handling of Insufficient Permissions or Privileges vulnerability. Authenticated non admin user could exploit this vulnerability and gain access to restricted resources.

CWE-755 Aug 30, 2022

CVE-2022-36031 6.5 MEDIUM EPSS 0.00

Directus is a free and open-source data platform for headless content management. The Directus process can be aborted by having an authorized user update the `filename_disk` value to a folder and accessing that file through the `/assets` endpoint. This vulnerability has been patched and release v9.15.0 contains the fix. Users are advised to upgrade. Users unable to upgrade may prevent this problem by making sure no (untrusted) non-admin users have permissions to update the `filename_disk` field on `directus_files`.

CWE-755 Aug 19, 2022

CVE-2022-20253 6.5 MEDIUM EPSS 0.00

In Bluetooth, there is a possible cleanup failure due to an uncaught exception. This could lead to remote denial of service in Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-224545125

CWE-755 Aug 12, 2022