Skip to main content
CVE-2022-41584 HIGH This Week

The kernel module has an out-of-bounds read vulnerability.Successful exploitation of this vulnerability may cause memory overwriting. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Emui Harmonyos
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2022-41576 HIGH This Week

The rphone module has a script that can be maliciously modified.Successful exploitation of this vulnerability may cause irreversible programs to be implanted on user devices. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Code Injection Emui Harmonyos
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-42488 HIGH This Week

OpenHarmony-v3.1.2 and prior versions have a Missing permission validation vulnerability in param service of startup subsystem. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Openharmony
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-42464 HIGH This Week

OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have a Kernel memory pool override vulnerability in /dev/mmz_userdev device driver. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

RCE Privilege Escalation Openharmony
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2022-28762 HIGH This Week

Zoom Client for Meetings for macOS (Standard and for IT Admin) starting with 5.10.6 and prior to 5.12.0 contains a debugging port misconfiguration. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Apple Meetings
NVD
CVSS 3.1
7.8
EPSS
0.3%
CVE-2022-42341 HIGH This Week

Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XXE Adobe Coldfusion
NVD
CVSS 3.1
7.5
EPSS
35.5%
CVE-2022-42340 HIGH This Week

Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary file system read. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Adobe Coldfusion
NVD
CVSS 3.1
7.5
EPSS
33.8%
CVE-2022-41623 HIGH This Week

Sensitive Data Exposure in Villatheme ALD - AliExpress Dropshipping and Fulfillment for WooCommerce premium plugin <= 1.1.0 on WordPress. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure WordPress Dropshipping And Fulfillment For Aliexpress And Woocommerce
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-38422 HIGH This Week

Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Path Traversal Adobe Coldfusion
NVD
CVSS 3.1
7.5
EPSS
44.3%
CVE-2022-38420 HIGH PATCH This Week

Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by a Use of Hard-coded Credentials vulnerability that could result in application denial-of-service by. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Authentication Bypass Adobe Coldfusion
NVD
CVSS 3.1
7.5
EPSS
44.0%
CVE-2022-38419 HIGH PATCH This Week

Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that could result in. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

XXE Adobe Coldfusion
NVD
CVSS 3.1
7.5
EPSS
53.0%
CVE-2022-3479 HIGH PATCH This Week

A vulnerability found in nss. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Network Security Services
NVD
CVSS 3.1
7.5
EPSS
0.7%
CVE-2022-41589 HIGH This Week

The DFX unwind stack module of the ArkCompiler has a vulnerability in interface calling.Successful exploitation of this vulnerability affects system services and device availability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2022-41588 HIGH This Week

The home screen module has a vulnerability in service logic processing.Successful exploitation of this vulnerability may affect data integrity. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2022-41586 HIGH This Week

The communication framework module has a vulnerability of not truncating data properly.Successful exploitation of this vulnerability may affect data confidentiality. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-41583 HIGH This Week

The storage maintenance and debugging module has an array out-of-bounds read vulnerability.Successful exploitation of this vulnerability will cause incorrect statistics of this module. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Emui Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-41582 HIGH This Week

The security module has configuration defects.Successful exploitation of this vulnerability may affect system availability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2022-39011 HIGH This Week

The HISP module has a vulnerability of bypassing the check of the data transferred in the kernel space.Successful exploitation of this vulnerability may cause unauthorized access to the HISP module. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Emui Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-38998 HIGH This Week

The HISP module has a vulnerability of not verifying the data transferred in the kernel space.Successful exploitation of this vulnerability will cause out-of-bounds read, which affects data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Emui Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-38985 HIGH This Week

The facial recognition module has a vulnerability in input validation.Successful exploitation of this vulnerability may affect data confidentiality. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Emui Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-38984 HIGH This Week

The HIPP module has a vulnerability of not verifying the data transferred in the kernel space.Successful exploitation of this vulnerability will cause out-of-bounds read, which affects data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Emui Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-38981 HIGH This Week

The HwAirlink module has an out-of-bounds read vulnerability.Successful exploitation of this vulnerability may cause information leakage. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-38977 HIGH This Week

The HwAirlink module has a heap overflow vulnerability.Successful exploitation of this vulnerability may cause out-of-bounds writes, resulting in modification of sensitive data. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Information Disclosure Buffer Overflow Harmonyos
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2022-41715 HIGH PATCH This Week

Programs which compile regular expressions from untrusted sources may be vulnerable to memory exhaustion or denial of service. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Go
NVD
CVSS 3.1
7.5
EPSS
1.3%
CVE-2022-32149 HIGH POC PATCH This Week

An attacker may cause a denial of service by crafting an Accept-Language header which ParseAcceptLanguage will take significant time to parse. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Text
NVD GitHub
CVSS 3.1
7.5
EPSS
1.4%
CVE-2022-2879 HIGH PATCH This Week

Reader.Read does not set a limit on the maximum size of file headers. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Allocation of Resources Without Limits vulnerability could allow attackers to exhaust system resources through uncontrolled allocation.

Denial Of Service Go
NVD
CVSS 3.1
7.5
EPSS
1.5%
CVE-2022-38424 HIGH This Week

Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Path Traversal Adobe Coldfusion
NVD
CVSS 3.1
7.2
EPSS
45.2%
CVE-2022-38421 HIGH PATCH This Week

Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could. Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.

RCE Path Traversal Adobe Coldfusion
NVD
CVSS 3.1
7.2
EPSS
79.2%
CVE-2022-41577 HIGH This Week

The kernel server has a vulnerability of not verifying the length of the data transferred in the user space.Successful exploitation of this vulnerability may cause out-of-bounds read in the kernel,. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Buffer Overflow Emui Harmonyos
NVD
CVSS 3.1
7.1
EPSS
0.1%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy