Export limit exceeded: 81557 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (81557 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-0354 | 1 Lenovo | 1 System Update | 2024-11-21 | 7.3 High |
| A vulnerability was reported in Lenovo System Update that could allow a local user with interactive system access the ability to execute code with elevated privileges only during the installation of a System Update package released before 2022-02-25 that displays a command prompt window. | ||||
| CVE-2022-0336 | 2 Fedoraproject, Samba | 2 Fedora, Samba | 2024-11-21 | 8.8 High |
| The Samba AD DC includes checks when adding service principals names (SPNs) to an account to ensure that SPNs do not alias with those already in the database. Some of these checks are able to be bypassed if an account modification re-adds an SPN that was previously present on that account, such as one added when a computer is joined to a domain. An attacker who has the ability to write to an account can exploit this to perform a denial-of-service attack by adding an SPN that matches an existing service. Additionally, an attacker who can intercept traffic can impersonate existing services, resulting in a loss of confidentiality and integrity. | ||||
| CVE-2022-0335 | 1 Moodle | 1 Moodle | 2024-11-21 | 8.8 High |
| A flaw was found in Moodle in versions 3.11 to 3.11.4, 3.10 to 3.10.8, 3.9 to 3.9.11 and earlier unsupported versions. The "delete badge alignment" functionality did not include the necessary token check to prevent a CSRF risk. | ||||
| CVE-2022-0330 | 4 Fedoraproject, Linux, Netapp and 1 more | 52 Fedora, Linux Kernel, H300e and 49 more | 2024-11-21 | 7.8 High |
| A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system. | ||||
| CVE-2022-0323 | 1 Mustache Project | 1 Mustache | 2024-11-21 | 8.8 High |
| Improper Neutralization of Special Elements Used in a Template Engine in Packagist mustache/mustache prior to 2.14.1. | ||||
| CVE-2022-0315 | 1 Horovod | 1 Horovod | 2024-11-21 | 7.5 High |
| Insecure Temporary File in GitHub repository horovod/horovod prior to 0.24.0. | ||||
| CVE-2022-0311 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-0310 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Heap buffer overflow in Task Manager in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via specific user interactions. | ||||
| CVE-2022-0308 | 1 Google | 2 Chrome, Chrome Os | 2024-11-21 | 8.8 High |
| Use after free in Data Transfer in Google Chrome on Chrome OS prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-0307 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in Optimization Guide in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-0306 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Heap buffer overflow in PDFium in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-0304 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in Bookmarks in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-0302 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in Omnibox in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-0301 | 1 Google | 1 Chrome | 2024-11-21 | 7.8 High |
| Heap buffer overflow in DevTools in Google Chrome prior to 97.0.4692.99 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-0300 | 1 Google | 2 Android, Chrome | 2024-11-21 | 8.8 High |
| Use after free in Text Input Method Editor in Google Chrome on Android prior to 97.0.4692.99 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-0298 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in Scheduling in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-0297 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in Vulkan in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-0296 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in Printing in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced the user to engage is specific user interactions to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-0295 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in Omnibox in Google Chrome prior to 97.0.4692.99 allowed a remote attacker who convinced the user to engage is specific user interactions to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-0293 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Use after free in Web packaging in Google Chrome prior to 97.0.4692.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||