Total
3659 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-36867 | 1 Samsung | 1 Editor Lite | 2024-11-21 | 5.9 Medium |
| Improper access control vulnerability in Editor Lite prior to version 4.0.40.14 allows attackers to access sensitive information. | ||||
| CVE-2022-36866 | 2 Google, Samsung | 2 Android, Group Sharing | 2024-11-21 | 4 Medium |
| Improper access control vulnerability in Broadcaster in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and below allows attackers to identify the device. | ||||
| CVE-2022-36865 | 2 Google, Samsung | 2 Android, Group Sharing | 2024-11-21 | 4 Medium |
| Improper access control in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and below allows attackers to access device information. | ||||
| CVE-2022-36864 | 1 Samsung | 1 Samsung Email | 2024-11-21 | 4 Medium |
| Improper access control and intent redirection in Samsung Email prior to 6.1.70.20 allows attacker to access specific formatted file and execute privileged behavior. | ||||
| CVE-2022-36856 | 1 Google | 1 Android | 2024-11-21 | 4 Medium |
| Improper access control vulnerability in Telecom application prior to SMR Sep-2022 Release 1 allows attacker to start emergency calls via undefined permission. | ||||
| CVE-2022-36851 | 1 Samsung | 1 Samsung Pass | 2024-11-21 | 3.9 Low |
| Improper access control vulnerability in Samsung pass prior to version 4.0.03.1 allow physical attackers to access data of Samsung pass on a certain state of an unlocked device. | ||||
| CVE-2022-36832 | 1 Samsung | 1 Cameralyzer | 2024-11-21 | 4 Medium |
| Improper access control vulnerability in WebApp in Cameralyzer prior to versions 3.2.22, 3.3.22, 3.4.22 and 3.5.51 allows attackers to access external storage as Cameralyzer privilege. | ||||
| CVE-2022-36396 | 3 Intel, Linux, Microsoft | 3 Aptio V Uefi Firmware Integrator Tools, Linux Kernel, Windows | 2024-11-21 | 8.2 High |
| Improper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools before version iDmiEdit-Linux-5.27.06.0017 may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-36374 | 3 Intel, Linux, Microsoft | 3 Aptio V Uefi Firmware Integrator Tools, Linux Kernel, Windows | 2024-11-21 | 7.5 High |
| Improper access control in some Intel(R) Aptio* V UEFI Firmware Integrator Tools before version iDmi Windows 5.27.03.0003 may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-35843 | 1 Fortinet | 2 Fortios, Fortiproxy | 2024-11-21 | 7.7 High |
| An authentication bypass by assumed-immutable data vulnerability [CWE-302] in the FortiOS SSH login component 7.2.0, 7.0.0 through 7.0.7, 6.4.0 through 6.4.9, 6.2 all versions, 6.0 all versions and FortiProxy SSH login component 7.0.0 through 7.0.5, 2.0.0 through 2.0.10, 1.2.0 all versions may allow a remote and unauthenticated attacker to login into the device via sending specially crafted Access-Challenge response from the Radius server. | ||||
| CVE-2022-34894 | 1 Jetbrains | 1 Hub | 2024-11-21 | 3.5 Low |
| In JetBrains Hub before 2022.2.14799, insufficient access control allowed the hijacking of untrusted services | ||||
| CVE-2022-34453 | 1 Dell | 2 Xtremio X2, Xtremio X2 Firmware | 2024-11-21 | 7.6 High |
| Dell XtremIO X2 XMS versions prior to 6-4-1.11 contain an improper access control vulnerability. A remote read only user could potentially exploit this vulnerability to perform add/delete QoS policies which are disabled by default. | ||||
| CVE-2022-33931 | 1 Dell | 1 Wyse Management Suite | 2024-11-21 | 6.3 Medium |
| Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability in UI. An attacker with no access to Alert Classification page could potentially exploit this vulnerability, leading to the change the alert categories. | ||||
| CVE-2022-33926 | 1 Dell | 1 Wyse Management Suite | 2024-11-21 | 7.1 High |
| Dell Wyse Management Suite 3.6.1 and below contains an improper access control vulnerability. A remote malicious user could exploit this vulnerability in order to retain access to a file repository after it has been revoked. | ||||
| CVE-2022-33925 | 1 Dell | 1 Wyse Management Suite | 2024-11-21 | 6.5 Medium |
| Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability in UI. An remote authenticated attacker could potentially exploit this vulnerability by bypassing access controls in order to download reports containing sensitive information. | ||||
| CVE-2022-33924 | 1 Dell | 1 Wyse Management Suite | 2024-11-21 | 4.3 Medium |
| Dell Wyse Management Suite 3.6.1 and below contains an Improper Access control vulnerability with which an attacker with no access to create rules could potentially exploit this vulnerability and create rules. | ||||
| CVE-2022-33731 | 1 Google | 1 Android | 2024-11-21 | 5.1 Medium |
| Improper access control vulnerability in DesktopSystemUI prior to SMR Aug-2022 Release 1 allows attackers to enable and disable arbitrary components. | ||||
| CVE-2022-33720 | 1 Google | 1 Android | 2024-11-21 | 2.4 Low |
| Improper authentication vulnerability in AppLock prior to SMR Aug-2022 Release 1 allows physical attacker to access Chrome locked by AppLock via new tap shortcut. | ||||
| CVE-2022-33714 | 1 Google | 1 Android | 2024-11-21 | 6.2 Medium |
| Improper access control vulnerability in SemWifiApBroadcastReceiver prior to SMR Aug-2022 Release 1 allows attacker to reset a setting value related to mobile hotspot. | ||||
| CVE-2022-33706 | 1 Samsung | 1 Samsung Gallery | 2024-11-21 | 2.4 Low |
| Improper access control vulnerability in Samsung Gallery prior to version 13.1.05.8 allows physical attackers to access the pictures using S Pen air gesture. | ||||