| CVE-2023-21823 | | 0.12 | — | 0.02 | KEV | Feb 14, 2023 | Windows Graphics Component Remote Code Execution Vulnerability |
| CVE-2023-21715 | | 0.12 | — | 0.00 | KEV | Feb 14, 2023 | Microsoft Publisher Security Feature Bypass Vulnerability |
| CVE-2023-0266 | | 0.12 | — | 0.00 | KEV | Jan 30, 2023 | A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend upgrading past commit 56b88b50565cd8b946a2d00b0c83927b7ebb055e |
| CVE-2022-26486 | | 0.12 | — | 0.05 | KEV | Dec 22, 2022 | An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0. |
| CVE-2022-42856 | | 0.12 | — | 0.00 | KEV | Dec 15, 2022 | A type confusion issue was addressed with improved state handling. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.1.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15.1.. |
| CVE-2022-4135 | | 0.12 | — | 0.00 | KEV | Nov 25, 2022 | Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) |
| CVE-2022-41125 | | 0.12 | — | 0.01 | KEV | Nov 9, 2022 | Windows CNG Key Isolation Service Elevation of Privilege Vulnerability |
| CVE-2022-3723 | | 0.12 | — | 0.01 | KEV | Nov 1, 2022 | Type confusion in V8 in Google Chrome prior to 107.0.5304.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| CVE-2022-42827 | | 0.12 | — | 0.00 | KEV | Nov 1, 2022 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.. |
| CVE-2022-38028 | | 0.12 | — | 0.04 | KEV | Oct 11, 2022 | Windows Print Spooler Elevation of Privilege Vulnerability |
| CVE-2022-41033 | | 0.12 | — | 0.02 | KEV | Oct 11, 2022 | Windows COM+ Event System Service Elevation of Privilege Vulnerability |
| CVE-2022-20775 | | 0.12 | — | 0.00 | KEV | Sep 30, 2022 | A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker to gain elevated privileges.
This vulnerability is due to improper access controls on commands within the application CLI. An attacker could exploit this vulnerability by running a maliciously crafted command on the application CLI. A successful exploit could allow the attacker to execute arbitrary commands as the root user.
Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sd-wan-priv-E6e8tEdF |
| CVE-2022-3075 | | 0.12 | — | 0.02 | KEV | Sep 26, 2022 | Insufficient data validation in Mojo in Google Chrome prior to 105.0.5195.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. |
| CVE-2022-2856 | | 0.12 | — | 0.03 | KEV | Sep 26, 2022 | Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker to arbitrarily browse to a malicious website via a crafted HTML page. |
| CVE-2022-32917 | | 0.12 | — | 0.01 | KEV | Sep 20, 2022 | The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.. |
| CVE-2022-32893 | | 0.12 | — | 0.00 | KEV | Aug 24, 2022 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1, Safari 15.6.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. |
| CVE-2022-32894 | | 0.12 | — | 0.00 | KEV | Aug 24, 2022 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited. |
| CVE-2022-0028 | | 0.12 | — | 0.05 | KEV | Aug 10, 2022 | A PAN-OS URL filtering policy misconfiguration could allow a network-based attacker to conduct reflected and amplified TCP denial-of-service (RDoS) attacks. The DoS attack would appear to originate from a Palo Alto Networks PA-Series (hardware), VM-Series (virtual) and CN-Series (container) firewall against an attacker-specified target. To be misused by an external attacker, the firewall configuration must have a URL filtering profile with one or more blocked categories assigned to a source zone that has an external facing interface. This configuration is not typical for URL filtering and, if set, is likely unintended by the administrator. If exploited, this issue would not impact the confidentiality, integrity, or availability of our products. However, the resulting denial-of-service (DoS) attack may help obfuscate the identity of the attacker and implicate the firewall as the source of the attack. We have taken prompt action to address this issue in our PAN-OS software. All software updates for this issue are expected to be released no later than the week of August 15, 2022. This issue does not impact Panorama M-Series or Panorama virtual appliances. This issue has been resolved for all Cloud NGFW and Prisma Access customers and no additional action is required from them. |
| CVE-2022-34713 | | 0.12 | — | 0.04 | KEV | Aug 9, 2022 | Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability |
| CVE-2022-22047 | | 0.12 | — | 0.01 | KEV | Jul 12, 2022 | Windows Client Server Run-time Subsystem (CSRSS) Elevation of Privilege Vulnerability |
| CVE-2022-22071 | | 0.12 | — | 0.01 | KEV | Jun 14, 2022 | Possible use after free when process shell memory is freed using IOCTL munmap call and process initialization is in progress in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music |
| CVE-2022-22675 | | 0.12 | — | 0.01 | KEV | May 26, 2022 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.3.1, iOS 15.4.1 and iPadOS 15.4.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.. |
| CVE-2022-22674 | | 0.12 | — | 0.00 | KEV | May 26, 2022 | An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Monterey 12.3.1, Security Update 2022-004 Catalina, macOS Big Sur 11.6.6. A local user may be able to read kernel memory. |
| CVE-2022-22620 | | 0.12 | — | 0.04 | KEV | Mar 18, 2022 | A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.2.1, iOS 15.3.1 and iPadOS 15.3.1, Safari 15.3 (v. 16612.4.9.1.8 and 15612.4.9.1.8). Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. |
| CVE-2022-22587 | | 0.12 | — | 0.00 | KEV | Mar 18, 2022 | A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 15.3 and iPadOS 15.3, macOS Big Sur 11.6.3, macOS Monterey 12.2. A malicious application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited.. |
| CVE-2021-39793 | | 0.12 | — | 0.00 | KEV | Mar 16, 2022 | In kbase_jd_user_buf_pin_pages of mali_kbase_mem.c, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-210470189References: N/A |
| CVE-2022-22706 | | 0.12 | — | 0.00 | KEV | Mar 3, 2022 | Arm Mali GPU Kernel Driver allows a non-privileged user to achieve write access to read-only memory pages. This affects Midgard r26p0 through r31p0, Bifrost r0p0 through r35p0, and Valhall r19p0 through r35p0. |
| CVE-2021-4102 | | 0.12 | — | 0.05 | KEV | Feb 11, 2022 | Use after free in V8 in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
| CVE-2022-0185 | | 0.12 | — | 0.02 | KEV | Feb 11, 2022 | A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length. An unprivileged (in case of unprivileged user namespaces enabled, otherwise needs namespaced CAP_SYS_ADMIN privilege) local user able to open a filesystem that does not support the Filesystem Context API (and thus fallbacks to legacy handling) could use this flaw to escalate their privileges on the system. |
| CVE-2022-20701 | | 0.12 | — | 0.06 | KEV | Feb 10, 2022 | Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory. |
| CVE-2022-20703 | | 0.12 | — | 0.02 | KEV | Feb 10, 2022 | Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory. |
| CVE-2021-22600 | | 0.12 | — | 0.00 | KEV | Jan 26, 2022 | A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the effected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755 |
| CVE-2022-21919 | | 0.12 | — | 0.00 | KEV | Jan 11, 2022 | Windows User Profile Service Elevation of Privilege Vulnerability |
| CVE-2021-35247 | | 0.12 | — | 0.05 | KEV | Jan 7, 2022 | Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. SolarWinds has updated the input mechanism to perform additional validation and sanitization. Please Note: No downstream affect has been detected as the LDAP servers ignored improper characters. To insure proper input validation is completed in all environments. SolarWinds recommends scheduling an update to the latest version of Serv-U. |
| CVE-2022-22265 | | 0.12 | — | 0.00 | KEV | Jan 7, 2022 | An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022 Release 1 allows arbitrary memory write and code execution. |
| CVE-2021-44168 | | 0.12 | — | 0.01 | KEV | Jan 4, 2022 | A download of code without integrity check vulnerability in the "execute restore src-vis" command of FortiOS before 7.0.3 may allow a local authenticated attacker to download arbitrary files on the device via specially crafted update packages. |
| CVE-2021-1048 | | 0.12 | — | 0.01 | KEV | Dec 15, 2021 | In ep_loop_check_proc of eventpoll.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-204573007References: Upstream kernel |
| CVE-2021-0920 | | 0.12 | — | 0.01 | KEV | Dec 15, 2021 | In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196926917References: Upstream kernel |
| CVE-2021-38000 | | 0.12 | — | 0.04 | KEV | Nov 23, 2021 | Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69 allowed a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page. |
| CVE-2021-41357 | | 0.12 | — | 0.04 | KEV | Oct 13, 2021 | Win32k Elevation of Privilege Vulnerability |
| CVE-2021-40450 | | 0.12 | — | 0.04 | KEV | Oct 13, 2021 | Win32k Elevation of Privilege Vulnerability |
| CVE-2021-25489 | | 0.12 | — | 0.00 | KEV | Oct 6, 2021 | Assuming radio permission is gained, missing input validation in modem interface driver prior to SMR Oct-2021 Release 1 results in format string bug leading to kernel panic. |
| CVE-2021-25487 | | 0.12 | — | 0.03 | KEV | Oct 6, 2021 | Lack of boundary checking of a buffer in set_skb_priv() of modem interface driver prior to SMR Oct-2021 Release 1 allows OOB read and it results in arbitrary code execution by dereference of invalid function pointer. |
| CVE-2021-20035 | | 0.12 | — | 0.04 | KEV | Sep 27, 2021 | Improper neutralization of special elements in the SMA100 management interface allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user which potentially leads to DoS. |
| CVE-2021-38649 | | 0.12 | — | 0.05 | KEV | Sep 15, 2021 | Open Management Infrastructure Elevation of Privilege Vulnerability |
| CVE-2021-30663 | | 0.12 | — | 0.01 | KEV | Sep 8, 2021 | An integer overflow was addressed with improved input validation. This issue is fixed in iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, Safari 14.1.1, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. |
| CVE-2021-30661 | | 0.12 | — | 0.00 | KEV | Sep 8, 2021 | A use after free issue was addressed with improved memory management. This issue is fixed in Safari 14.1, iOS 12.5.3, iOS 14.5 and iPadOS 14.5, watchOS 7.4, tvOS 14.5, macOS Big Sur 11.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. |
| CVE-2021-30713 | | 0.12 | — | 0.00 | KEV | Sep 8, 2021 | A permissions issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.4. A malicious application may be able to bypass Privacy preferences. Apple is aware of a report that this issue may have been actively exploited.. |
| CVE-2021-30666 | | 0.12 | — | 0.01 | KEV | Sep 8, 2021 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.5.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. |
| CVE-2021-30665 | | 0.12 | — | 0.01 | KEV | Sep 8, 2021 | A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 7.4.1, iOS 14.5.1 and iPadOS 14.5.1, tvOS 14.6, iOS 12.5.3, macOS Big Sur 11.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.. |
