Total
1513 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-41090 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-02-28 | N/A | 5.9 MEDIUM |
Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability | |||||
CVE-2022-21776 | 2 Google, Mediatek | 44 Android, Mt6580, Mt6739 and 41 more | 2024-02-28 | 4.4 MEDIUM | 6.4 MEDIUM |
In MDP, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06545450; Issue ID: ALPS06545450. | |||||
CVE-2022-21774 | 2 Google, Mediatek | 17 Android, Mt6761, Mt6765 and 14 more | 2024-02-28 | 4.6 MEDIUM | 6.7 MEDIUM |
In TEEI driver, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06641447; Issue ID: ALPS06641447. | |||||
CVE-2022-2857 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-02-28 | N/A | 8.8 HIGH |
Use after free in Blink in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2022-44563 | 1 Huawei | 2 Emui, Harmonyos | 2024-02-28 | N/A | 5.9 MEDIUM |
There is a race condition vulnerability in SD upgrade mode. Successful exploitation of this vulnerability may affect data confidentiality. | |||||
CVE-2022-3071 | 2 Fedoraproject, Google | 4 Fedora, Chrome, Chrome Os and 1 more | 2024-02-28 | N/A | 8.8 HIGH |
Use after free in Tab Strip in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interaction. | |||||
CVE-2022-41035 | 1 Microsoft | 1 Edge Chromium | 2024-02-28 | N/A | 5.3 MEDIUM |
Microsoft Edge (Chromium-based) Spoofing Vulnerability | |||||
CVE-2022-41100 | 1 Microsoft | 7 Windows 10, Windows 11, Windows 8.1 and 4 more | 2024-02-28 | N/A | 7.8 HIGH |
Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability | |||||
CVE-2022-41086 | 1 Microsoft | 9 Windows 10, Windows 11, Windows 7 and 6 more | 2024-02-28 | N/A | 6.4 MEDIUM |
Windows Group Policy Elevation of Privilege Vulnerability | |||||
CVE-2022-34702 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-02-28 | N/A | 8.1 HIGH |
Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability | |||||
CVE-2022-41044 | 1 Microsoft | 2 Windows 7, Windows Server 2008 | 2024-02-28 | N/A | 8.1 HIGH |
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | |||||
CVE-2022-24951 | 1 Eternal Terminal Project | 1 Eternal Terminal | 2024-02-28 | N/A | 7.0 HIGH |
A race condition exists in Eternal Terminal prior to version 6.2.0 which allows a local attacker to hijack Eternal Terminal's IPC socket, enabling access to Eternal Terminal clients which attempt to connect in the future. | |||||
CVE-2022-2854 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-02-28 | N/A | 8.8 HIGH |
Use after free in SwiftShader in Google Chrome prior to 104.0.5112.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2022-39006 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-02-28 | N/A | 5.9 MEDIUM |
The MPTCP module has the race condition vulnerability. Successful exploitation of this vulnerability may cause the device to restart. | |||||
CVE-2022-24949 | 1 Eternal Terminal Project | 1 Eternal Terminal | 2024-02-28 | N/A | 7.5 HIGH |
A privilege escalation to root exists in Eternal Terminal prior to version 6.2.0. This is due to the combination of a race condition, buffer overflow, and logic bug all in PipeSocketHandler::listen(). | |||||
CVE-2022-3042 | 2 Fedoraproject, Google | 3 Fedora, Chrome, Chrome Os | 2024-02-28 | N/A | 8.8 HIGH |
Use after free in PhoneHub in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
CVE-2022-3028 | 3 Debian, Fedoraproject, Linux | 3 Debian Linux, Fedora, Linux Kernel | 2024-02-28 | N/A | 7.0 HIGH |
A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket. | |||||
CVE-2022-38029 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-02-28 | N/A | 7.0 HIGH |
Windows ALPC Elevation of Privilege Vulnerability | |||||
CVE-2022-33634 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-02-28 | N/A | 8.1 HIGH |
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability | |||||
CVE-2022-41045 | 1 Microsoft | 10 Windows 10, Windows 11, Windows 7 and 7 more | 2024-02-28 | N/A | 7.8 HIGH |
Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability |