Skip to main content
CVE-2022-41197 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated VRML Worlds (.wrl, vrml.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

SAP Buffer Overflow 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-41196 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated VRML Worlds (.wrl, vrml.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-41195 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated EAAmiga Interchange File Format (.iff, 2d.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer -. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-41194 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated Encapsulated Postscript (.eps, ai.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

SAP Buffer Overflow 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-41193 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated Encapsulated Post Script (.eps, ai.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-41192 HIGH This Week

Due to lack of proper memory management, when a victim opens manipulated Jupiter Tesselation (.jt, JTReader.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

SAP Buffer Overflow 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-41191 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated Jupiter Tesselation (.jt, JTReader.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9,. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-41190 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated AutoCAD (.dxf, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-41189 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated AutoCAD (.dwg, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-41188 HIGH This Week

Due to lack of proper memory management, when a victim opens manipulated Wavefront Object (.obj, ObjTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

SAP Buffer Overflow 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-41187 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated Wavefront Object (.obj, ObjTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-41186 HIGH This Week

Due to lack of proper memory management, when a victim opens manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) file received from untrusted sources in SAP 3D Visual Enterprise Viewer -. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Viewer
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-41185 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated Visual Design Stream (.vds, MataiPersistence.dll) file received from untrusted sources in SAP 3D Visual Enterprise Author -. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Author
NVD
CVSS 3.1
7.8
EPSS
0.4%
CVE-2022-41184 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated Windows Cursor File (.cur, ico.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Microsoft RCE SAP Buffer Overflow 3D Visual Enterprise Author
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-41180 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated Portable Document Format (.pdf, PDFPublishing.dll) file received from untrusted sources in SAP 3D Visual Enterprise Author -. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Author
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-41179 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated Jupiter Tesselation (.jt, JtTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author -. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Author
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-41177 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated Iges Part and Assembly (.igs, .iges, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Author
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-41175 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated Enhanced Metafile (.emf, emf.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it is. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Author
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-41172 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated AutoCAD (.dxf, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Author
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-41170 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated CATIA4 Part (.model, CatiaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Author
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-41168 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated CATIA5 Part (.catpart, CatiaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author -. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Author
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-41167 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated AutoCAD (.dwg, TeighaTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version 9, it. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Author
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-39808 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated Wavefront Object (.obj, ObjTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author - version. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Author
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-39806 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated SolidWorks Drawing (.slddrw, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Author
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-39805 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated Computer Graphics Metafile (.cgm, CgmTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Author
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-39804 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated SolidWorks Part (.sldprt, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author -. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Author
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-39803 HIGH This Week

Due to lack of proper memory management, when a victim opens a manipulated ACIS Part and Assembly (.sat, CoreCadTranslator.exe) file received from untrusted sources in SAP 3D Visual Enterprise Author. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE SAP Buffer Overflow 3D Visual Enterprise Author
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2022-20436 HIGH This Week

There is an unauthorized service in the system service. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-20435 HIGH This Week

There is a Unauthorized service in the system service, may cause the system reboot. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-20434 HIGH This Week

There is an missing authorization issue in the system service. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-20433 HIGH This Week

There is an missing authorization issue in the system service. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-20432 HIGH This Week

There is an missing authorization issue in the system service. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Android
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-20431 HIGH This Week

There is an missing authorization issue in the system service. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-20430 HIGH This Week

There is an missing authorization issue in the system service. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Google Authentication Bypass Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-20421 HIGH PATCH This Week

In binder_inc_ref_for_node of binder.c, there is a possible way to corrupt memory due to a use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Denial Of Service Google Privilege Escalation Memory Corruption Use After Free +2
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-20420 HIGH PATCH This Week

In getBackgroundRestrictionExemptionReason of AppRestrictionController.java, there is a possible way to bypass device policy restrictions due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-20419 HIGH PATCH This Week

In setOptions of ActivityRecord.java, there is a possible load any arbitrary Java code into launcher process due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Google Privilege Escalation Java Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-20417 HIGH This Week

In audioTransportsToHal of HidlUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-20416 HIGH PATCH This Week

In audioTransportsToHal of HidlUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Out-of-bounds Write vulnerability could allow attackers to write data beyond allocated buffer boundaries leading to code execution or crashes.

Memory Corruption Google Privilege Escalation Buffer Overflow Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-20415 HIGH PATCH This Week

In handleFullScreenIntent of StatusBarNotificationActivityStarter.java, there is a possible bypass of the restriction of starting activity from background due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Google Privilege Escalation Android
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-41083 HIGH PATCH This Week

Visual Studio Code Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Jupyter
NVD
CVSS 3.1
7.8
EPSS
0.6%
CVE-2022-41033 HIGH KEV PATCH THREAT This Week

Windows COM+ Event System Service Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Access of Resource Using Incompatible Type (Type Confusion) vulnerability could allow attackers to execute arbitrary code by exploiting type confusion in the application.

Memory Corruption Information Disclosure Microsoft Windows 10 1507 Windows 10 1607 +14
NVD
CVSS 3.1
7.8
EPSS
1.8%
CVE-2022-41032 HIGH PATCH This Week

NuGet Client Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.

Privilege Escalation Net Net Core Visual Studio 2019 Visual Studio 2022 +1
NVD
CVSS 3.1
7.8
EPSS
1.1%
CVE-2022-41031 HIGH PATCH This Week

Microsoft Word Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Office Office Long Term Servicing Channel
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-38051 HIGH PATCH This Week

Windows Graphics Component Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
7.3%
CVE-2022-38050 HIGH PATCH This Week

Win32k Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Information Disclosure Windows 10 Windows 11 Windows Server 2019 Windows Server 2022
NVD
CVSS 3.1
7.8
EPSS
7.3%
CVE-2022-38049 HIGH PATCH This Week

Microsoft Office Graphics Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Office Office Long Term Servicing Channel
NVD
CVSS 3.1
7.8
EPSS
0.8%
CVE-2022-38048 HIGH PATCH This Week

Microsoft Office Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE 365 Apps Office Office Long Term Servicing Channel
NVD
CVSS 3.1
7.8
EPSS
1.5%
CVE-2022-38044 HIGH PATCH This Week

Windows CD-ROM File System Driver Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity.

Microsoft RCE Windows 10 Windows 11 Windows 7 +7
NVD
CVSS 3.1
7.8
EPSS
56.3%
CVE-2022-38039 HIGH PATCH This Week

Windows Kernel Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Microsoft Information Disclosure Windows 10 Windows 11 Windows Server 2019 +1
NVD
CVSS 3.1
7.8
EPSS
0.6%
Prev Page 2 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy