CVE-2022-48xxx

There are 755 CVE in this subgroup.
Last updated: 
← Back to 2022
ID Summary Flags Max Score
CVE-2022-48006 An arbitrary file upload vulnerability in taocms v3.0.2 allows attackers to execute arbitrary code v...
E
CVE-2022-48007 A stored cross-site scripting (XSS) vulnerability in identification.php of Piwigo v13.4.0 allows att...
E S
CVE-2022-48008 An arbitrary file upload vulnerability in the plugin manager of LimeSurvey v5.4.15 allows attackers ...
E
CVE-2022-48010 LimeSurvey v5.4.15 was discovered to contain a stored cross-site scripting (XSS) vulnerability in th...
E
CVE-2022-48011 Opencats v0.9.7 was discovered to contain a SQL injection vulnerability via the importID parameter i...
E
CVE-2022-48012 Opencats v0.9.7 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via t...
E
CVE-2022-48013 Opencats v0.9.7 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the c...
E
CVE-2022-48019 The components wfshbr64.sys and wfshbr32.sys in Another Eden before v3.0.20 and before v2.14.200 all...
E
CVE-2022-48020 Vinteo VCC v2.36.4 was discovered to contain a reflected cross-site scripting (XSS) vulnerability vi...
E
CVE-2022-48021 A vulnerability in Zammad v5.3.0 allows attackers to execute arbitrary code or escalate privileges v...
CVE-2022-48022 An issue in the component /api/v1/mentions of Zammad v5.3.0 allows authenticated attackers with agen...
CVE-2022-48023 Insufficient privilege verification in Zammad v5.3.0 allows an authenticated attacker to perform cha...
CVE-2022-48063 GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via...
E
CVE-2022-48064 GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via...
E
CVE-2022-48065 GNU Binutils before 2.40 was discovered to contain a memory leak vulnerability var the function find...
E
CVE-2022-48066 An issue in the component global.so of Totolink A830R V4.1.2cu.5182 allows attackers to bypass authe...
E
CVE-2022-48067 An information disclosure vulnerability in Totolink A830R V4.1.2cu.5182 allows attackers to obtain t...
E
CVE-2022-48069 Totolink A830R V4.1.2cu.5182 was discovered to contain a command injection vulnerability via the QUE...
E
CVE-2022-48070 Phicomm K2 v22.6.534.263 was discovered to contain a command injection vulnerability via the autoUpT...
E
CVE-2022-48071 Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext....
E
CVE-2022-48072 Phicomm K2G v22.6.3.20 was discovered to contain a command injection vulnerability via the autoUpTim...
E
CVE-2022-48073 Phicomm K2G v22.6.3.20 was discovered to store the root and admin passwords in plaintext....
E
CVE-2022-48074 An issue in NoMachine before v8.2.3 allows attackers to execute arbitrary commands via a crafted .nx...
CVE-2022-48077 Genymotion Desktop v3.3.2 was discovered to contain a DLL hijacking vulnerability that allows attack...
CVE-2022-48078 pycdc commit 44a730f3a889503014fec94ae6e62d8401cb75e5 was discovered to contain a stack overflow via...
E
CVE-2022-48079 Monnai aaPanel host system v1.5 contains an access control issue which allows attackers to escalate ...
E
CVE-2022-48082 Easyone CRM v5.50.02 was discovered to contain a SQL Injection vulnerability via the text parameter ...
CVE-2022-48085 Softr v2.0 was discovered to contain a HTML injection vulnerability via the Work Space Name paramete...
E
CVE-2022-48090 Tramyardg hotel-mgmt-system version 2022.4 is vulnerable to SQL Injection via /app/dao/CustomerDAO.p...
E
CVE-2022-48091 Tramyardg hotel-mgmt-system version 2022.4 is vulnerable to Cross Site Scripting (XSS) via process_u...
E
CVE-2022-48093 Seacms v12.7 was discovered to contain a remote code execution (RCE) vulnerability via the ip parame...
E
CVE-2022-48094 lmxcms v1.41 was discovered to contain an arbitrary file read vulnerability via TemplateAction.class...
E
CVE-2022-48107 D-Link DIR_878_FW1.30B08 was discovered to contain a command injection vulnerability via the compone...
E
CVE-2022-48108 D-Link DIR_878_FW1.30B08 was discovered to contain a command injection vulnerability via the compone...
E
CVE-2022-48110 CKSource CKEditor 5 35.4.0 was discovered to contain a cross-site scripting (XSS) vulnerability via ...
CVE-2022-48111 A cross-site scripting (XSS) vulnerability in the check_login function of SIPE s.r.l WI400 between v...
E
CVE-2022-48113 A vulnerability in TOTOLINK N200RE_v5 firmware V9.3.5u.6139 allows unauthenticated attackers to acce...
E
CVE-2022-48114 RuoYi up to v4.7.5 was discovered to contain a SQL injection vulnerability via the component /tool/g...
E
CVE-2022-48115 The dropdown menu in jspreadsheet before v4.6.0 was discovered to be vulnerable to cross-site script...
E
CVE-2022-48116 AyaCMS v3.1.2 was discovered to contain a remote code execution (RCE) vulnerability via the componen...
E
CVE-2022-48118 Jorani v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Acronym par...
E
CVE-2022-48120 SQL Injection vulnerability in kishan0725 Hospital Management System thru commit 4770d740f2512693ef8...
E
CVE-2022-48121 TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability v...
E
CVE-2022-48122 TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability v...
E
CVE-2022-48123 TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability v...
E
CVE-2022-48124 TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability v...
E
CVE-2022-48125 TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability v...
E
CVE-2022-48126 TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability v...
E
CVE-2022-48130 Tenda W20E v15.11.0.6 was discovered to contain multiple stack overflows in the function formSetStat...
E
CVE-2022-48137 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-26830. Reason: This candidat...
R
CVE-2022-48138 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-26829. Reason: This candidat...
R
CVE-2022-48140 DedeCMS v5.7.97 was discovered to contain a cross-site scripting (XSS) vulnerability in the componen...
E
CVE-2022-48149 Online Student Admission System in PHP Free Source Code 1.0 was discovered to contain a SQL injectio...
CVE-2022-48150 Shopware v5.5.10 was discovered to contain a cross-site scripting (XSS) vulnerability via the recove...
E
CVE-2022-48152 SQL Injection vulnerability in RemoteClinic 2.0 allows attackers to execute arbitrary commands and g...
E
CVE-2022-48161 Easy Images v2.0 was discovered to contain an arbitrary file download vulnerability via the componen...
E
CVE-2022-48164 An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN533A8 M33A8.V5030.19...
E
CVE-2022-48165 An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN530H4 M30H4.V5030.21...
E
CVE-2022-48166 An access control issue in Wavlink WL-WN530HG4 M30HG4.V5030.201217 allows unauthenticated attackers ...
E
CVE-2022-48174 There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of ...
CVE-2022-48175 Rukovoditel v3.2.1 was discovered to contain a remote code execution (RCE) vulnerability in the comp...
E
CVE-2022-48176 Netgear routers R7000P before v1.3.3.154, R6900P before v1.3.3.154, R7960P before v1.4.4.94, and R80...
S
CVE-2022-48177 X2CRM Open Source Sales CRM 6.6 and 6.9 was discovered to contain a reflected cross-site scripting (...
E
CVE-2022-48178 X2CRM Open Source Sales CRM 6.6 and 6.9 was discovered to contain a stored cross-site scripting (XSS...
E
CVE-2022-48181 An ErrorMessage driver stack-based buffer overflow vulnerability in BIOS of some ThinkPad models cou...
S
CVE-2022-48182 A vulnerability was reported in ThinkPad T14s Gen 3 and X13 Gen3 that could cause the BIOS tamper d...
S
CVE-2022-48183 A vulnerability was reported in ThinkPad T14s Gen 3 and X13 Gen3 that could cause the BIOS tamper d...
S
CVE-2022-48185 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority....
R
CVE-2022-48186 A certificate validation vulnerability exists in the Baiying Android application which could lead to...
S
CVE-2022-48187 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse...
R
CVE-2022-48188 A buffer overflow vulnerability in the SecureBootDXE BIOS driver of some Lenovo Desktop and ThinkSta...
S
CVE-2022-48189 An SMM driver input validation vulnerability in the BIOS of some ThinkPad models could allow an atta...
S
CVE-2022-48190 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority....
R
CVE-2022-48191 A vulnerability exists in Trend Micro Maximum Security 2022 (17.7) wherein a low-privileged user can...
S
CVE-2022-48192 Cross-site scripting vulnerability in Softing smartLink SW-HT
CVE-2022-48193 Weak ciphers vulnerability in Softing smartLink SW-HT
CVE-2022-48194 TP-Link TL-WR902AC devices through V3 0.9.1 allow remote authenticated attackers to execute arbitrar...
E
CVE-2022-48195 An issue was discovered in Mellium mellium.im/sasl before 0.3.1. When performing SCRAM-based SASL au...
CVE-2022-48196 Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affec...
S
CVE-2022-48197 Reflected cross-site scripting (XSS) exists in Sandbox examples in the YUI2 repository. The download...
CVE-2022-48198 The ntpd_driver component before 1.3.0 and 2.x before 2.2.0 for Robot Operating System (ROS) allows ...
E S
CVE-2022-48199 SoftPerfect NetWorx 7.1.1 on Windows allows an attacker to execute a malicious binary with potential...
CVE-2022-48216 Uniswap Universal Router before 1.1.0 mishandles reentrancy. This would have allowed theft of funds....
E S
CVE-2022-48217 The tf_remapper_node component 1.1.1 for Robot Operating System (ROS) allows attackers, who control ...
E
CVE-2022-48219 Potential vulnerabilities have been identified in certain HP Desktop PC products using the HP Tamper...
CVE-2022-48220 Potential vulnerabilities have been identified in certain HP Desktop PC products using the HP Tamper...
CVE-2022-48221 An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. Multiple MSI's get executed out of...
CVE-2022-48222 An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. During SDK installation, certutil....
CVE-2022-48223 An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. During SDK repair, certutil.exe is...
CVE-2022-48224 An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. It is installed with insecure perm...
CVE-2022-48225 An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. It is used to install drivers from...
CVE-2022-48226 An issue was discovered in Acuant AcuFill SDK before 10.22.02.03. During installation, an EXE gets e...
CVE-2022-48227 An issue was discovered in Acuant AsureID Sentinel before 5.2.149. It allows elevation of privileges...
CVE-2022-48228 An issue was discovered in Acuant AsureID Sentinel before 5.2.149. It uses the root of the C: drive ...
CVE-2022-48230 There is a misinterpretation of input vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploita...
CVE-2022-48231 In soter service, there is a possible missing permission check. This could lead to local denial of s...
CVE-2022-48232 In FM service , there is a possible missing params check. This could lead to local denial of service...
CVE-2022-48233 In FM service , there is a possible missing params check. This could lead to local denial of service...
CVE-2022-48234 In FM service , there is a possible missing params check. This could lead to local denial of service...
CVE-2022-48235 In MP3 encoder, there is a possible out of bounds write due to a missing bounds check. This could le...
CVE-2022-48236 In MP3 encoder, there is a possible out of bounds read due to a missing bounds check. This could lea...
CVE-2022-48237 In Image filter, there is a possible out of bounds write due to a missing bounds check. This could l...
CVE-2022-48238 In Image filter, there is a possible out of bounds write due to a missing bounds check. This could l...
CVE-2022-48239 In camera driver, there is a possible out of bounds write due to a missing bounds check. This could ...
CVE-2022-48240 In camera driver, there is a possible out of bounds write due to a missing bounds check. This could ...
CVE-2022-48241 In telephony service, there is a possible missing permission check. This could lead to local denial ...
CVE-2022-48242 In telephony service, there is a possible missing permission check. This could lead to local informa...
CVE-2022-48243 In audio service, there is a possible missing permission check. This could lead to local escalation ...
CVE-2022-48244 In audio service, there is a possible missing permission check. This could lead to local escalation ...
CVE-2022-48245 In audio service, there is a possible missing permission check. This could lead to local escalation ...
CVE-2022-48246 In audio service, there is a possible missing permission check. This could lead to local escalation ...
CVE-2022-48247 In audio service, there is a possible missing permission check. This could lead to local escalation ...
CVE-2022-48248 In audio service, there is a possible missing permission check. This could lead to local escalation ...
CVE-2022-48249 In audio service, there is a possible missing permission check. This could lead to local escalation ...
CVE-2022-48250 In audio service, there is a possible missing permission check. This could lead to local escalation ...
CVE-2022-48251 The AES instructions on the ARMv8 platform do not have an algorithm that is "intrinsically resistant...
E
CVE-2022-48252 The jokob-sk/Pi.Alert fork (before 22.12.20) of Pi.Alert allows Remote Code Execution via nmap_scan....
E
CVE-2022-48253 nhttpd in Nostromo before 2.1 is vulnerable to a path traversal that may allow an attacker to execut...
E
CVE-2022-48254 There is a data processing error vulnerability in Leia-B29 2.0.0.49(M03). Successful exploitation co...
CVE-2022-48255 There is a system command injection vulnerability in BiSheng-WNM FW 3.0.0.325. A Huawei printer has ...
CVE-2022-48256 Technitium DNS Server before 10.0 allows a self-CNAME denial-of-service attack in which a CNAME loop...
CVE-2022-48257 In Eternal Terminal 6.2.1, etserver and etclient have predictable logfile names in /tmp....
E S
CVE-2022-48258 In Eternal Terminal 6.2.1, etserver and etclient have world-readable logfiles....
E S
CVE-2022-48259 There is a system command injection vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitati...
CVE-2022-48260 There is a buffer overflow vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation could ...
CVE-2022-48261 There is a misinterpretation of input vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploita...
CVE-2022-48279 In ModSecurity before 2.9.6 and 3.x before 3.0.8, HTTP multipart requests were incorrectly parsed an...
S
CVE-2022-48281 processCropSelections in tools/tiffcrop.c in LibTIFF through 4.5.0 has a heap-based buffer overflow ...
E S
CVE-2022-48282 Deserializing compromised object with MongoDB .NET/C# Driver may cause remote code execution
S
CVE-2022-48283 A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerabili...
CVE-2022-48284 A piece of Huawei whole-home intelligence software has an Incorrect Privilege Assignment vulnerabili...
CVE-2022-48285 loadAsync in JSZip before 3.8.0 allows Directory Traversal via a crafted ZIP archive....
S
CVE-2022-48286 The multi-screen collaboration module has a privilege escalation vulnerability. Successful exploitat...
CVE-2022-48287 The HwContacts module has a logic bypass vulnerability. Successful exploitation of this vulnerabilit...
CVE-2022-48288 The bundle management module lacks authentication and control mechanisms in some APIs. Successful ex...
CVE-2022-48289 The bundle management module lacks authentication and control mechanisms in some APIs. Successful ex...
CVE-2022-48290 The phone-PC collaboration module has a logic bypass vulnerability. Successful exploitation of this ...
CVE-2022-48291 The Bluetooth module has an authentication bypass vulnerability in the pairing process. Successful e...
CVE-2022-48292 The Bluetooth module has an out-of-memory (OOM) vulnerability. Successful exploitation of this vulne...
S
CVE-2022-48293 The Bluetooth module has an OOM vulnerability. Successful exploitation of this vulnerability may aff...
S
CVE-2022-48294 The IHwAttestationService interface has a defect in authentication. Successful exploitation of this ...
CVE-2022-48295 The IHwAntiMalPlugin interface lacks permission verification. Successful exploitation of this vulner...
CVE-2022-48296 The SystemUI has a vulnerability in permission management. Successful exploitation of this vulnerabi...
CVE-2022-48297 The geofencing kernel code has a vulnerability of not verifying the length of the input data. Succes...
S
CVE-2022-48298 The geofencing kernel code does not verify the length of the input data. Successful exploitation of ...
S
CVE-2022-48299 The WMS module lacks the authentication mechanism in some APIs. Successful exploitation of this vuln...
CVE-2022-48300 The WMS module lacks the authentication mechanism in some APIs. Successful exploitation of this vuln...
CVE-2022-48301 The bundle management module lacks permission verification in some APIs. Successful exploitation of ...
S
CVE-2022-48302 The AMS module has a vulnerability of lacking permission verification in APIs.Successful exploitatio...
CVE-2022-48303 GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory f...
E S
CVE-2022-48305 There is an identity authentication bypass vulnerability in Huawei Children Smart Watch (Simba-AL00)...
CVE-2022-48306 Gotham Chat IRC help does not validate hostnames in TLS certificates
CVE-2022-48307 It was discovered that the Magritte-ftp was not verifying hostnames in TLS certificates due to a mis...
CVE-2022-48308 It was discovered that the sls-logging was not verifying hostnames in TLS certificates due to a misu...
CVE-2022-48309 A CSRF vulnerability allows malicious websites to retrieve logs and technical support archives in So...
CVE-2022-48310 An information disclosure vulnerability allows sensitive key material to be included in technical su...
CVE-2022-48311 **UNSUPPORTED WHEN ASSIGNED** Cross Site Scripting (XSS) in HP Deskjet 2540 series printer Firmware ...
E
CVE-2022-48312 The HwPCAssistant module has the out-of-bounds read/write vulnerability. Successful exploitation of ...
CVE-2022-48313 The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing process. ...
CVE-2022-48314 The Bluetooth module has a vulnerability of bypassing the user confirmation in the pairing process. ...
CVE-2022-48317 Insecure Termination of RestAPI Session Tokens
CVE-2022-48318 Insecure access control mechanisms for RestAPI documentation
CVE-2022-48319 Host secret disclosed in Checkmk logs
M
CVE-2022-48320 CSRF in add-visual endpoint
M
CVE-2022-48321 SSRF in agent-receiver API
E M
CVE-2022-48322 NETGEAR Nighthawk WiFi Mesh systems and routers are affected by a stack-based buffer overflow vulner...
CVE-2022-48323 Sunlogin Sunflower Simplified (aka Sunflower Simple and Personal) 1.0.1.43315 is vulnerable to a pat...
E
CVE-2022-48324 Multiple Cross Site Scripting (XSS) vulnerabilities in Mapos 4.39.0 allow attackers to execute arbit...
E S
CVE-2022-48325 Multiple Cross Site Scripting (XSS) vulnerabilities in Mapos 4.39.0 allow attackers to execute arbit...
E S
CVE-2022-48326 Multiple Cross Site Scripting (XSS) vulnerabilities in Mapos 4.39.0 allow attackers to execute arbit...
E S
CVE-2022-48327 Multiple Cross Site Scripting (XSS) vulnerabilities in Mapos 4.39.0 allow attackers to execute arbit...
E S
CVE-2022-48328 app/Controller/Component/IndexFilterComponent.php in MISP before 2.4.167 mishandles ordered_url_para...
E S
CVE-2022-48329 MISP before 2.4.166 unsafely allows users to use the order parameter, related to app/Model/Attribute...
S
CVE-2022-48330 A Huawei sound box product has an out-of-bounds write vulnerability. Attackers can exploit this vuln...
CVE-2022-48331 Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys feature_name_len integer o...
E
CVE-2022-48332 Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_save_keys file_name_len integer over...
E
CVE-2022-48333 Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys prefix_len+feature_name_...
E
CVE-2022-48334 Widevine Trusted Application (TA) 5.0.0 through 5.1.1 has a drm_verify_keys total_len+file_name_len ...
E
CVE-2022-48335 Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagVerifyProvisioning integer overflo...
E
CVE-2022-48336 Widevine Trusted Application (TA) 5.0.0 through 7.1.1 has a PRDiagParseAndStoreData integer overflow...
E
CVE-2022-48337 GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of ...
S
CVE-2022-48338 An issue was discovered in GNU Emacs through 28.2. In ruby-mode.el, the ruby-find-library-file funct...
S
CVE-2022-48339 An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection vulnerabil...
S
CVE-2022-48340 In Gluster GlusterFS 11.0, there is an xlators/cluster/dht/src/dht-common.c dht_setxattr_mds_cbk use...
E S
CVE-2022-48341 ThingsBoard 3.4.1 could allow a remote authenticated attacker to achieve Vertical Privilege Escalati...
CVE-2022-48342 In JetBrains TeamCity before 2022.10.2 jVMTI was enabled by default on agents....
CVE-2022-48343 In JetBrains TeamCity before 2022.10.2 there was an XSS vulnerability in the user creation process....
CVE-2022-48344 In JetBrains TeamCity before 2022.10.2 there was an XSS vulnerability in the group creation process....
CVE-2022-48345 sanitize-url (aka @braintree/sanitize-url) before 6.0.2 allows XSS via HTML entities....
S
CVE-2022-48346 The HwContacts module has a logic bypass vulnerability. Successful exploitation of this vulnerabilit...
CVE-2022-48347 The MediaProvider module has a vulnerability in permission verification. Successful exploitation of ...
CVE-2022-48348 The MediaProvider module has a vulnerability of unauthorized data read. Successful exploitation of t...
CVE-2022-48349 The control component has a spoofing vulnerability. Successful exploitation of this vulnerability ma...
CVE-2022-48350 The HUAWEI Messaging app has a vulnerability of unauthorized file access. Successful exploitation of...
CVE-2022-48351 The secure OS module has configuration defects. Successful exploitation of this vulnerability may af...
CVE-2022-48352 Some smartphones have data initialization issues. Successful exploitation of this vulnerability may ...
CVE-2022-48353 Some smartphones have configuration issues. Successful exploitation of this vulnerability may cause ...
CVE-2022-48354 The Bluetooth module has a heap out-of-bounds write vulnerability. Successful exploitation of this v...
CVE-2022-48355 The Bluetooth module has a heap out-of-bounds read vulnerability. Successful exploitation of this vu...
CVE-2022-48356 The facial recognition module has a vulnerability in input parameter verification. Successful exploi...
CVE-2022-48357 Some products have the double fetch vulnerability. Successful exploitation of this vulnerability may...
CVE-2022-48358 The BatteryHealthActivity has a redirection vulnerability. Successful exploitation of this vulnerabi...
CVE-2022-48359 The recovery mode for updates has a vulnerability that causes arbitrary disk modification. Successfu...
CVE-2022-48360 The facial recognition module has a vulnerability in file permission control. Successful exploitatio...
CVE-2022-48361 The Always On Display (AOD) has a path traversal vulnerability in theme files. Successful exploitati...
CVE-2022-48362 Zoho ManageEngine Desktop Central and Desktop Central MSP before 10.1.2137.2 allow directory travers...
E
CVE-2022-48363 In MPD before 0.23.8, as used on Automotive Grade Linux and other platforms, the PipeWire output plu...
E S
CVE-2022-48364 The undo_mark_statuses_as_sensitive method in app/services/approve_appeal_service.rb in Mastodon 3.5...
E S
CVE-2022-48365 An issue was discovered in eZ Platform Ibexa Kernel before 1.3.26. The Company admin role gives exce...
S
CVE-2022-48366 An issue was discovered in eZ Platform Ibexa Kernel before 1.3.19. It allows determining account exi...
CVE-2022-48367 An issue was discovered in eZ Publish Ibexa Kernel before 7.5.28. Access control based on object sta...
CVE-2022-48368 In audio service, there is a possible missing permission check. This could lead to local escalation ...
CVE-2022-48369 In audio service, there is a possible missing permission check. This could lead to local escalation ...
CVE-2022-48370 In dialer service, there is a possible missing permission check. This could lead to local informatio...
CVE-2022-48371 In dialer service, there is a possible missing permission check. This could lead to local informatio...
CVE-2022-48372 In bootcp service, there is a possible out of bounds write due to a missing bounds check. This could...
CVE-2022-48373 In tee service, there is a possible out of bounds write due to a missing bounds check. This could le...
CVE-2022-48374 In tee service, there is a possible out of bounds write due to a missing bounds check. This could le...
CVE-2022-48375 In contacts service, there is a possible missing permission check. This could lead to local denial o...
CVE-2022-48376 In dialer service, there is a possible missing permission check. This could lead to local denial of ...
CVE-2022-48377 In dialer service, there is a possible missing permission check. This could lead to local denial of ...
CVE-2022-48378 In engineermode service, there is a possible missing permission check. This could lead to local deni...
CVE-2022-48379 In dialer service, there is a possible missing permission check. This could lead to local denial of ...
CVE-2022-48380 In modem control device, there is a possible out of bounds write due to a missing bounds check. This...
CVE-2022-48381 In modem control device, there is a possible out of bounds write due to a missing bounds check. This...
CVE-2022-48382 In log service, there is a possible out of bounds write due to a missing bounds check. This could le...
CVE-2022-48383 .In srtd service, there is a possible missing permission check. This could lead to local escalation ...
CVE-2022-48384 In srtd service, there is a possible missing permission check. This could lead to local escalation o...
CVE-2022-48385 In cp_dump driver, there is a possible out of bounds write due to a missing bounds check. This could...
CVE-2022-48386 the apipe driver, there is a possible use after free due to a logic error. This could lead to local ...
CVE-2022-48387 the apipe driver, there is a possible out of bounds write due to a missing bounds check. This could ...
CVE-2022-48388 In powerEx service, there is a possible missing permission check. This could lead to local escalatio...
CVE-2022-48389 In modem control device, there is a possible out of bounds write due to a missing bounds check. This...
CVE-2022-48390 In telephony service, there is a possible missing permission check. This could lead to local escalat...
CVE-2022-48391 In telephony service, there is a possible missing permission check. This could lead to local denial ...
CVE-2022-48392 In dialer service, there is a possible missing permission check. This could lead to local escalation...
CVE-2022-48422 ONLYOFFICE Docs through 7.3 on certain Linux distributions allows local users to gain privileges via...
E
CVE-2022-48423 In the Linux kernel before 6.1.3, fs/ntfs3/record.c does not validate resident attribute names. An o...
S
CVE-2022-48424 In the Linux kernel before 6.1.3, fs/ntfs3/inode.c does not validate the attribute name offset. An u...
S
CVE-2022-48425 In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validat...
S
CVE-2022-48426 In JetBrains TeamCity before 2022.10.3 stored XSS in Perforce connection settings was possible...
CVE-2022-48427 In JetBrains TeamCity before 2022.10.3 stored XSS on “Pending changes” and “Changes” tabs was possib...
CVE-2022-48428 In JetBrains TeamCity before 2022.10.3 stored XSS on the SSH keys page was possible...
CVE-2022-48429 In JetBrains Hub before 2022.3.15573, 2022.2.15572, 2022.1.15583 reflected XSS in dashboards was pos...
CVE-2022-48430 In JetBrains IntelliJ IDEA before 2023.1 file content could be disclosed via an external stylesheet ...
CVE-2022-48431 In JetBrains IntelliJ IDEA before 2023.1 in some cases, Gradle and Maven projects could be imported ...
CVE-2022-48432 In JetBrains IntelliJ IDEA before 2023.1 the bundled version of Chromium wasn't sandboxed....
CVE-2022-48433 In JetBrains IntelliJ IDEA before 2023.1 the NTLM hash could leak through an API method used in the ...
CVE-2022-48434 libavcodec/pthread_frame.c in FFmpeg before 5.1.2, as used in VLC and other products, leaves stale h...
E S
CVE-2022-48435 In JetBrains PhpStorm before 2023.1 source code could be logged in the local idea.log file...
CVE-2022-48437 An issue was discovered in x509/x509_verify.c in LibreSSL before 3.6.1, and in OpenBSD before 7.2 er...
S
CVE-2022-48438 In cp_dump driver, there is a possible out of bounds write due to a missing bounds check. This could...
CVE-2022-48439 In cp_dump driver, there is a possible out of bounds write due to a missing bounds check. This could...
CVE-2022-48440 In dialer service, there is a possible missing permission check. This could lead to local denial of ...
CVE-2022-48441 In dialer service, there is a possible missing permission check. This could lead to local denial of ...
CVE-2022-48442 In dialer service, there is a possible missing permission check. This could lead to local denial of ...
CVE-2022-48443 In telephony service, there is a possible missing permission check. This could lead to local denial ...
CVE-2022-48444 In telephony service, there is a possible missing permission check. This could lead to local denial ...
CVE-2022-48445 In telephony service, there is a possible missing permission check. This could lead to local denial ...
CVE-2022-48446 In telephony service, there is a possible missing permission check. This could lead to local denial ...
CVE-2022-48447 In telephony service, there is a possible missing permission check. This could lead to local denial ...
CVE-2022-48448 In telephony service, there is a possible missing permission check. This could lead to local denial ...
CVE-2022-48450 In bluetooth service, there is a possible missing params check. This could lead to local denial of ...
CVE-2022-48451 In bluetooth service, there is a possible out of bounds write due to race condition. This could lea...
CVE-2022-48452 In Ifaa service, there is a possible missing permission check. This could lead to local denial of se...
CVE-2022-48453 In camera driver, there is a possible out of bounds write due to a missing bounds check. This could ...
CVE-2022-48454 In wifi service, there is a possible out of bounds write due to a missing bounds check. This could l...
CVE-2022-48455 In wifi service, there is a possible out of bounds write due to a missing bounds check. This could l...
CVE-2022-48456 In camera driver, there is a possible out of bounds write due to a incorrect bounds check. This coul...
CVE-2022-48457 In TeleService, there is a possible system crash due to improper input validation. This could lead t...
CVE-2022-48458 In TeleService, there is a possible system crash due to improper input validation. This could lead t...
CVE-2022-48459 In TeleService, there is a possible system crash due to improper input validation. This could lead t...
CVE-2022-48460 In setting service, there is a possible undefined behavior due to incorrect error handling. This cou...
CVE-2022-48461 In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could ...
CVE-2022-48462 In wifi service, there is a possible out of bounds write due to a missing bounds check. This could l...
CVE-2022-48463 In wifi service, there is a possible out of bounds write due to a missing bounds check. This could l...
CVE-2022-48464 In wifi service, there is a possible out of bounds write due to a missing bounds check. This could l...
CVE-2022-48468 protobuf-c before 1.4.1 has an unsigned integer overflow in parse_required_member....
S
CVE-2022-48469 There is a traffic hijacking vulnerability in Huawei routers. Successful exploitation of this vulner...
CVE-2022-48470 Huawei HiLink AI Life product has an identity authentication bypass vulnerability. Successful exploi...
CVE-2022-48471 There is a misinterpretation of input vulnerability in Huawei Printer. Successful exploitation of th...
CVE-2022-48472 A Huawei printer has a system command injection vulnerability. Successful exploitation could lead to...
CVE-2022-48473 There is a misinterpretation of input vulnerability in Huawei Printer. Successful exploitation of th...
CVE-2022-48474 Control de Ciber, in its 1.650 version, is affected by a Denial of Service condition through the ver...
CVE-2022-48475 Buffer Overflow vulnerability in Control de Ciber version 1.650, in the printing function. Sending a...
CVE-2022-48476 In JetBrains Ktor before 2.3.0 path traversal in the `resolveResource` method was possible ...
CVE-2022-48477 In JetBrains Hub before 2023.1.15725 SSRF protection in Auth Module integration was missing ...
CVE-2022-48478 The facial recognition TA of some products lacks memory length verification. Successful exploitation...
CVE-2022-48479 The facial recognition TA of some products has the out-of-bounds memory read vulnerability. Successf...
CVE-2022-48480 Integer overflow vulnerability in some phones. Successful exploitation of this vulnerability may aff...
CVE-2022-48481 In JetBrains Toolbox App before 1.28 a DYLIB injection on macOS was possible...
CVE-2022-48482 3CX before 18 Update 2 Security Hotfix build 18.0.2.315 on Windows allows unauthenticated remote att...
CVE-2022-48483 3CX before 18 Hotfix 1 build 18.0.3.461 on Windows allows unauthenticated remote attackers to read %...
CVE-2022-48486 Configuration defects in the secure OS module.Successful exploitation of this vulnerability will aff...
CVE-2022-48487 Configuration defects in the secure OS module.Successful exploitation of this vulnerability will aff...
CVE-2022-48488 Vulnerability of bypassing the default desktop security controls.Successful exploitation of this vul...
CVE-2022-48489 Configuration defects in the secure OS module.Successful exploitation of this vulnerability will aff...
CVE-2022-48490 Configuration defects in the secure OS module.Successful exploitation of this vulnerability will aff...
CVE-2022-48491 Vulnerability of missing authentication on certain HUAWEI phones.Successful exploitation of this vul...
CVE-2022-48492 Configuration defects in the secure OS module.Successful exploitation of this vulnerability will aff...
CVE-2022-48493 Configuration defects in the secure OS module.Successful exploitation of this vulnerability will aff...
CVE-2022-48494 Vulnerability of lax app identity verification in the pre-authorization function.Successful exploita...
CVE-2022-48495 Vulnerability of unauthorized access to foreground app information.Successful exploitation of this v...
CVE-2022-48496 Vulnerability of lax app identity verification in the pre-authorization function.Successful exploita...
CVE-2022-48497 Configuration defects in the secure OS module.Successful exploitation of this vulnerability will aff...
CVE-2022-48498 Configuration defects in the secure OS module.Successful exploitation of this vulnerability will aff...
CVE-2022-48499 Configuration defects in the secure OS module.Successful exploitation of this vulnerability will aff...
CVE-2022-48500 Configuration defects in the secure OS module.Successful exploitation of this vulnerability will aff...
CVE-2022-48501 Configuration defects in the secure OS module.Successful exploitation of this vulnerability will aff...
CVE-2022-48502 An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check ...
E S
CVE-2022-48503 The issue was addressed with improved bounds checks. This issue is fixed in tvOS 15.6, watchOS 8.7, ...
CVE-2022-48504 The issue was addressed with improved handling of caches. This issue is fixed in macOS Ventura 13. A...
CVE-2022-48505 This issue was addressed with improved data protection. This issue is fixed in macOS Ventura 13. An ...
CVE-2022-48506 A flawed pseudorandom number generator in Dominion Voting Systems ImageCast Precinct (ICP and ICP2) ...
CVE-2022-48507 Vulnerability of identity verification being bypassed in the storage module. Successful exploitation...
CVE-2022-48508 Inappropriate authorization vulnerability in the system apps. Successful exploitation of this vulne...
CVE-2022-48509 Race condition vulnerability due to multi-thread access to mutually exclusive resources in Huawei Sh...
CVE-2022-48510 Input verification vulnerability in the AMS module. Successful exploitation of this vulnerability wi...
CVE-2022-48511 Use After Free (UAF) vulnerability in the audio PCM driver module under special conditions. Successf...
CVE-2022-48512 Use After Free (UAF) vulnerability in the Vdecoderservice service. Successful exploitation of this v...
CVE-2022-48513 Vulnerability of identity verification being bypassed in the Gallery module. Successful exploitation...
CVE-2022-48514 The Sepolicy module has inappropriate permission control on the use of Netlink.Successful exploitati...
CVE-2022-48515 Vulnerability of inappropriate permission control in Nearby. Successful exploitation of this vulnera...
CVE-2022-48516 Vulnerability that a unique value can be obtained by a third-party app in the DSoftBus module. Succe...
CVE-2022-48517 Unauthorized service access vulnerability in the DSoftBus module. Successful exploitation of this vu...
CVE-2022-48518 Vulnerability of signature verification in the iaware system being initialized later than the time w...
CVE-2022-48519 Unauthorized access vulnerability in the SystemUI module. Successful exploitation of this vulnerabil...
CVE-2022-48520 Unauthorized access vulnerability in the SystemUI module. Successful exploitation of this vulnerabil...
CVE-2022-48521 An issue was discovered in OpenDKIM through 2.10.3, and 2.11.x through 2.11.0-Beta2. It fails to kee...
CVE-2022-48522 In Perl 5.34.0, function S_find_uninit_var in sv.c has a stack-based crash that can lead to remote c...
E
CVE-2022-48538 In Cacti 1.2.19, there is an authentication bypass in the web login functionality because of imprope...
E
CVE-2022-48541 A memory leak in ImageMagick 7.0.10-45 and 6.9.11-22 allows remote attackers to perform a denial of ...
E
CVE-2022-48545 An infinite recursion in Catalog::findDestInTree can cause denial of service for xpdf 4.02....
CVE-2022-48547 A reflected cross-site scripting (XSS) vulnerability in Cacti 0.8.7g and earlier allows unauthentica...
E
CVE-2022-48554 File before 5.43 has an stack-based buffer over-read in file_copystr in funcs.c. NOTE: "File" is the...
E
CVE-2022-48560 A use-after-free exists in Python through 3.9 via heappushpop in heapq....
E S
CVE-2022-48564 read_ints in plistlib.py in Python through 3.9.1 is vulnerable to a potential DoS attack via CPU and...
E S
CVE-2022-48565 An XML External Entity (XXE) issue was discovered in Python through 3.9.1. The plistlib module no lo...
E S
CVE-2022-48566 An issue was discovered in compare_digest in Lib/hmac.py in Python through 3.9.1. Constant-time-defe...
E S
CVE-2022-48570 Crypto++ through 8.4 contains a timing side channel in ECDSA signature generation. Function FixedSiz...
E S
CVE-2022-48571 memcached 1.6.7 allows a Denial of Service via multi-packet uploads in UDP....
S
CVE-2022-48577 An access issue was addressed with improved access restrictions. This issue is fixed in macOS Ventur...
CVE-2022-48578 An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Mont...
CVE-2022-48579 UnRAR before 6.2.3 allows extraction of files outside of the destination folder via symlink chains....
S
CVE-2022-48580 A command injection vulnerability exists in the ARP ping device tool feature of the ScienceLogic SL1...
CVE-2022-48581 A command injection vulnerability exists in the “dash export” feature of the ScienceLogic SL1 that t...
CVE-2022-48582 A command injection vulnerability exists in the ticket report generate feature of the ScienceLogic S...
CVE-2022-48583 A command injection vulnerability exists in the dashboard scheduler feature of the ScienceLogic SL1 ...
CVE-2022-48584 A command injection vulnerability exists in the download and convert report feature of the ScienceLo...
CVE-2022-48585 A SQL injection vulnerability exists in the “admin brand portal” feature of the ScienceLogic SL1 tha...
CVE-2022-48586 A SQL injection vulnerability exists in the “json walker” feature of the ScienceLogic SL1 that takes...
CVE-2022-48587 A SQL injection vulnerability exists in the “schedule editor” feature of the ScienceLogic SL1 that t...
CVE-2022-48588 A SQL injection vulnerability exists in the “schedule editor decoupled” feature of the ScienceLogic ...
CVE-2022-48589 A SQL injection vulnerability exists in the “reporting job editor” feature of the ScienceLogic SL1 t...
CVE-2022-48590 A SQL injection vulnerability exists in the “admin dynamic app mib errors” feature of the ScienceLog...
CVE-2022-48591 A SQL injection vulnerability exists in the vendor_state parameter of the “vendor print report” feat...
CVE-2022-48592 A SQL injection vulnerability exists in the vendor_country parameter of the “vendor print report” fe...
CVE-2022-48593 A SQL injection vulnerability exists in the “topology data service” feature of the ScienceLogic SL1 ...
CVE-2022-48594 A SQL injection vulnerability exists in the “ticket watchers email” feature of the ScienceLogic SL1 ...
CVE-2022-48595 A SQL injection vulnerability exists in the “ticket template watchers” feature of the ScienceLogic S...
CVE-2022-48596 A SQL injection vulnerability exists in the “ticket queue watchers” feature of the ScienceLogic SL1 ...
CVE-2022-48597 A SQL injection vulnerability exists in the “ticket event report” feature of the ScienceLogic SL1 th...
CVE-2022-48598 A SQL injection vulnerability exists in the “reporter events type date” feature of the ScienceLogic ...
CVE-2022-48599 A SQL injection vulnerability exists in the “reporter events type” feature of the ScienceLogic SL1 t...
CVE-2022-48600 A SQL injection vulnerability exists in the “notes view” feature of the ScienceLogic SL1 that takes ...
CVE-2022-48601 A SQL injection vulnerability exists in the “network print report” feature of the ScienceLogic SL1 t...
CVE-2022-48602 A SQL injection vulnerability exists in the “message viewer print” feature of the ScienceLogic SL1 t...
CVE-2022-48603 A SQL injection vulnerability exists in the “message viewer iframe” feature of the ScienceLogic SL1 ...
CVE-2022-48604 A SQL injection vulnerability exists in the “logging export” feature of the ScienceLogic SL1 that ta...
CVE-2022-48605 Input verification vulnerability in the fingerprint module. Successful exploitation of this vulnerab...
CVE-2022-48606 Stability-related vulnerability in the binder background management and control module. Successful e...
CVE-2022-48610 This issue was addressed through improved state management. This issue is fixed in macOS Ventura 13....
CVE-2022-48611 A logic issue was addressed with improved checks. This issue is fixed in iTunes 12.12.4 for Windows....
CVE-2022-48612 A Universal Cross Site Scripting (UXSS) vulnerability in ClassLink OneClick Extension through 10.7 a...
E
CVE-2022-48613 Race condition vulnerability in the kernel module. Successful exploitation of this vulnerability may...
CVE-2022-48614 Special:Ask in Semantic MediaWiki before 4.0.2 allows Reflected XSS....
CVE-2022-48615 An improper access control vulnerability exists in a Huawei datacom product. Attackers can exploit t...
E
CVE-2022-48616 A Huawei data communication product has a command injection vulnerability. Successful exploitation o...
E
CVE-2022-48618 The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.1, watchOS 9.2...
KEV
CVE-2022-48619 An issue was discovered in drivers/input/input.c in the Linux kernel before 5.17.10. An attacker can...
S
CVE-2022-48620 uev (aka libuev) before 2.4.1 has a buffer overflow in epoll_wait if maxevents is a large number....
S
CVE-2022-48621 Vulnerability of missing authentication for critical functions in the Wi-Fi module.Successful exploi...
CVE-2022-48622 In GNOME GdkPixbuf (aka gdk-pixbuf) through 2.42.10, the ANI (Windows animated cursor) decoder encou...
E
CVE-2022-48623 The Cpanel::JSON::XS package before 4.33 for Perl performs out-of-bounds accesses in a way that allo...
S
CVE-2022-48624 close_altfile in filename.c in less before 606 omits shell_quote calls for LESSCLOSE....
S
CVE-2022-48625 Yealink Config Encrypt Tool add RSA before 1.2 has a built-in RSA key pair, and thus there is a risk...
CVE-2022-48626 moxart: fix potential use-after-free on remove path
S
CVE-2022-48627 vt: fix memory overlapping when deleting chars in the buffer
S
CVE-2022-48628 ceph: drop messages from MDS when unmounting
S
CVE-2022-48629 crypto: qcom-rng - ensure buffer for generate is completely filled
E S
CVE-2022-48630 crypto: qcom-rng - fix infinite loop on requests not multiple of WORD_SZ
S
CVE-2022-48631 ext4: fix bug in extents parsing when eh_entries == 0 and eh_depth > 0
CVE-2022-48632 i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction()
S
CVE-2022-48633 drm/gma500: Fix WARN_ON(lock->magic != lock) error
CVE-2022-48634 drm/gma500: Fix BUG: sleeping function called from invalid context errors
S
CVE-2022-48635 fsdax: Fix infinite loop in dax_iomap_rw()
S
CVE-2022-48636 s390/dasd: fix Oops in dasd_alias_get_start_dev due to missing pavgroup
S
CVE-2022-48637 bnxt: prevent skb UAF after handing over to PTP worker
S
CVE-2022-48638 cgroup: cgroup_get_from_id() must check the looked-up kn is a directory
S
CVE-2022-48639 net: sched: fix possible refcount leak in tc_new_tfilter()
S
CVE-2022-48640 bonding: fix NULL deref in bond_rr_gen_slave_id
CVE-2022-48641 netfilter: ebtables: fix memory leak when blob is malformed
S
CVE-2022-48642 netfilter: nf_tables: fix percpu memory leak at nf_tables_addchain()
S
CVE-2022-48643 netfilter: nf_tables: fix nft_counters_enabled underflow at nf_tables_addchain()
CVE-2022-48644 net/sched: taprio: avoid disabling offload when it was never enabled
CVE-2022-48645 net: enetc: deny offload of tc-based TSN features on VF interfaces
CVE-2022-48646 sfc/siena: fix null pointer dereference in efx_hard_start_xmit
S
CVE-2022-48647 sfc: fix TX channel offset when using legacy interrupts
S
CVE-2022-48648 sfc: fix null pointer dereference in efx_hard_start_xmit
S
CVE-2022-48649 mm/slab_common: fix possible double free of kmem_cache
S
CVE-2022-48650 scsi: qla2xxx: Fix memory leak in __qlt_24xx_handle_abts()
S
CVE-2022-48651 ipvlan: Fix out-of-bound bugs caused by unset skb->mac_header
S
CVE-2022-48652 ice: Fix crash by keep old cfg when update TCs more than queues
CVE-2022-48653 ice: Don't double unplug aux on peer initiated reset
CVE-2022-48654 netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find()
S
CVE-2022-48655 firmware: arm_scmi: Harden accesses to the reset domains
S
CVE-2022-48656 dmaengine: ti: k3-udma-private: Fix refcount leak bug in of_xudma_dev_get()
S
CVE-2022-48657 arm64: topology: fix possible overflow in amu_fie_setup()
S
CVE-2022-48658 mm: slub: fix flush_cpu_slab()/__free_slab() invocations in task context.
S
CVE-2022-48659 mm/slub: fix to return errno if kmalloc() fails
S
CVE-2022-48660 gpiolib: cdev: Set lineevent_state::irq after IRQ register successfully
S
CVE-2022-48661 gpio: mockup: Fix potential resource leakage when register a chip
S
CVE-2022-48662 drm/i915/gem: Really move i915_gem_context.link under ref protection
S
CVE-2022-48663 gpio: mockup: fix NULL pointer dereference when removing debugfs
S
CVE-2022-48664 btrfs: fix hang during unmount when stopping a space reclaim worker
CVE-2022-48665 exfat: fix overflow for large capacity partition
CVE-2022-48666 scsi: core: Fix a use-after-free
S
CVE-2022-48667 smb3: fix temporary data corruption in insert range
CVE-2022-48668 smb3: fix temporary data corruption in collapse range
CVE-2022-48669 powerpc/pseries: Fix potential memleak in papr_get_attr()
S
CVE-2022-48670 peci: cpu: Fix use-after-free in adev_release()
S
CVE-2022-48671 cgroup: Add missing cpus_read_lock() to cgroup_attach_task_all()
S
CVE-2022-48672 of: fdt: fix off-by-one error in unflatten_dt_nodes()
S
CVE-2022-48673 net/smc: Fix possible access to freed memory in link clear
S
CVE-2022-48674 erofs: fix pcluster use-after-free on UP platforms
S
CVE-2022-48675 IB/core: Fix a nested dead lock as part of ODP flow
S
CVE-2022-48681 Some Huawei smart speakers have a memory overflow vulnerability. Successful exploitation of this vul...
CVE-2022-48682 In deletefiles in FDUPES before 2.2.0, a TOCTOU race condition allows arbitrary file deletion via a ...
CVE-2022-48683 An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Ven...
CVE-2022-48684 An issue was discovered in Logpoint before 7.1.1. Template injection was seen in the search template...
CVE-2022-48685 An issue was discovered in Logpoint 7.1 before 7.1.2. The daily executed cron file clean_secbi_old_l...
CVE-2022-48686 nvme-tcp: fix UAF when detecting digest errors
S
CVE-2022-48687 ipv6: sr: fix out-of-bounds read when setting HMAC data.
S
CVE-2022-48688 i40e: Fix kernel crash during module removal
S
CVE-2022-48689 tcp: TX zerocopy should not sense pfmemalloc status
S
CVE-2022-48690 ice: Fix DMA mappings leak
CVE-2022-48691 netfilter: nf_tables: clean up hook list when offload flags check fails
S
CVE-2022-48692 RDMA/srp: Set scmnd->result only when scmnd is not NULL
S
CVE-2022-48693 soc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs
S
CVE-2022-48694 RDMA/irdma: Fix drain SQ hang with no completion
S
CVE-2022-48695 scsi: mpt3sas: Fix use-after-free warning
S
CVE-2022-48696 regmap: spi: Reserve space for register address/padding
S
CVE-2022-48697 nvmet: fix a use-after-free
S
CVE-2022-48698 drm/amd/display: fix memory leak when using debugfs_lookup()
S
CVE-2022-48699 sched/debug: fix dentry leak in update_sched_domain_debugfs
CVE-2022-48700 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority....
R
CVE-2022-48701 ALSA: usb-audio: Fix an out-of-bounds bug in __snd_usb_parse_audio_interface()
S
CVE-2022-48702 ALSA: emu10k1: Fix out of bounds access in snd_emu10k1_pcm_channel_alloc()
S
CVE-2022-48703 thermal/int340x_thermal: handle data_vault when the value is ZERO_SIZE_PTR
S
CVE-2022-48704 drm/radeon: add a force flush to delay work when radeon
CVE-2022-48705 wifi: mt76: mt7921e: fix crash in chip reset fail
CVE-2022-48706 vdpa: ifcvf: Do proper cleanup if IFCVF init fails
S
CVE-2022-48707 cxl/region: Fix null pointer dereference for resetting decoder
S
CVE-2022-48708 pinctrl: single: fix potential NULL dereference
S
CVE-2022-48709 ice: switch: fix potential memleak in ice_add_adv_recipe()
S
CVE-2022-48710 drm/radeon: fix a possible null pointer dereference
S
CVE-2022-48711 tipc: improve size validations for received domain records
CVE-2022-48712 ext4: fix error handling in ext4_fc_record_modified_inode()
CVE-2022-48713 perf/x86/intel/pt: Fix crash with stop filters in single-range mode
CVE-2022-48714 bpf: Use VM_MAP instead of VM_ALLOC for ringbuf
CVE-2022-48715 scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe
CVE-2022-48716 ASoC: codecs: wcd938x: fix incorrect used of portid
S
CVE-2022-48717 ASoC: max9759: fix underflow in speaker_gain_control_put()
S
CVE-2022-48718 drm: mxsfb: Fix NULL pointer dereference
S
CVE-2022-48719 net, neigh: Do not trigger immediate probes on NUD_FAILED from neigh_managed_work
S
CVE-2022-48720 net: macsec: Fix offload support for NETDEV_UNREGISTER event
CVE-2022-48721 net/smc: Forward wakeup to smc socket waitqueue after fallback
CVE-2022-48722 net: ieee802154: ca8210: Stop leaking skb's
CVE-2022-48723 spi: uniphier: fix reference count leak in uniphier_spi_probe()
S
CVE-2022-48724 iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping()
S
CVE-2022-48725 RDMA/siw: Fix refcounting leak in siw_create_qp()
S
CVE-2022-48726 RDMA/ucma: Protect mc during concurrent multicast leaves
S
CVE-2022-48727 KVM: arm64: Avoid consuming a stale esr value when SError occur
CVE-2022-48728 IB/hfi1: Fix AIP early init panic
S
CVE-2022-48729 IB/hfi1: Fix panic with larger ipoib send_queue_size
S
CVE-2022-48730 dma-buf: heaps: Fix potential spectre v1 gadget
S
CVE-2022-48731 mm/kmemleak: avoid scanning potential huge holes
S
CVE-2022-48732 drm/nouveau: fix off by one in BIOS boundary checking
S
CVE-2022-48733 btrfs: fix use-after-free after failure to create a snapshot
S
CVE-2022-48734 btrfs: fix deadlock between quota disable and qgroup rescan worker
S
CVE-2022-48735 ALSA: hda: Fix UAF of leds class devs at unbinding
S
CVE-2022-48736 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority....
R
CVE-2022-48737 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority....
R
CVE-2022-48738 ASoC: ops: Reject out of bounds values in snd_soc_put_volsw()
CVE-2022-48739 ASoC: hdmi-codec: Fix OOB memory accesses
S
CVE-2022-48740 selinux: fix double free of cond_list on error paths
S
CVE-2022-48741 ovl: fix NULL pointer dereference in copy up warning
S
CVE-2022-48742 rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink()
S
CVE-2022-48743 net: amd-xgbe: Fix skb data length underflow
S
CVE-2022-48744 net/mlx5e: Avoid field-overflowing memcpy()
CVE-2022-48745 net/mlx5: Use del_timer_sync in fw reset flow of halting poll
CVE-2022-48746 net/mlx5e: Fix handling of wrong devices during bond netevent
S
CVE-2022-48747 block: Fix wrong offset in bio_truncate()
S
CVE-2022-48748 net: bridge: vlan: fix memory leak in __allowed_ingress
S
CVE-2022-48749 drm/msm/dpu: invalid parameter check in dpu_setup_dspp_pcc
S
CVE-2022-48750 hwmon: (nct6775) Fix crash in clear_caseopen
S
CVE-2022-48751 net/smc: Transitional solution for clcsock race issue
S
CVE-2022-48752 powerpc/perf: Fix power_pmu_disable to call clear_pmi_irq_pending only if PMI is pending
CVE-2022-48753 block: fix memory leak in disk_register_independent_access_ranges
S
CVE-2022-48754 phylib: fix potential use-after-free
S
CVE-2022-48755 powerpc64/bpf: Limit 'ldbrx' to processors compliant with ISA v2.06
S
CVE-2022-48756 drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable
S
CVE-2022-48757 net: fix information leakage in /proc/net/ptype
CVE-2022-48758 scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put()
CVE-2022-48759 rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev
CVE-2022-48760 USB: core: Fix hang in usb_kill_urb by adding memory barriers
CVE-2022-48761 usb: xhci-plat: fix crash when suspend if remote wake enable
CVE-2022-48762 arm64: extable: fix load_unaligned_zeropad() reg indices
S
CVE-2022-48763 KVM: x86: Forcibly leave nested virt when SMM state is toggled
CVE-2022-48764 KVM: x86: Free kvm_cpuid_entry2 array on post-KVM_RUN KVM_SET_CPUID{,2}
S
CVE-2022-48765 KVM: LAPIC: Also cancel preemption timer during SET_LAPIC
CVE-2022-48766 drm/amd/display: Wrap dcn301_calculate_wm_and_dlg for FPU.
S
CVE-2022-48767 ceph: properly put ceph_string reference after async create attempt
CVE-2022-48768 tracing/histogram: Fix a potential memory leak for kstrdup()
S
CVE-2022-48769 efi: runtime: avoid EFIv2 runtime services on Apple x86 machines
CVE-2022-48770 bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack()
S
CVE-2022-48771 drm/vmwgfx: Fix stale file descriptors on failed usercopy
S
CVE-2022-48772 media: lgdt3306a: Add a check against null-pointer-def
S
CVE-2022-48773 xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create
S
CVE-2022-48774 dmaengine: ptdma: Fix the error handling path in pt_core_init()
CVE-2022-48775 Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj
S
CVE-2022-48776 mtd: parsers: qcom: Fix missing free for pparts in cleanup
CVE-2022-48777 mtd: parsers: qcom: Fix kernel panic on skipped partition
S
CVE-2022-48778 mtd: rawnand: gpmi: don't leak PM reference in error path
S
CVE-2022-48779 net: mscc: ocelot: fix use-after-free in ocelot_vlan_del()
S
CVE-2022-48780 net/smc: Avoid overwriting the copies of clcsock callback functions
CVE-2022-48781 crypto: af_alg - get rid of alg_memory_allocated
S
CVE-2022-48782 mctp: fix use after free
S
CVE-2022-48783 net: dsa: lantiq_gswip: fix use after free in gswip_remove()
S
CVE-2022-48784 cfg80211: fix race in netlink owner interface destruction
S
CVE-2022-48785 ipv6: mcast: use rcu-safe version of ipv6_get_lladdr()
CVE-2022-48786 vsock: remove vsock from connected table when connect is interrupted by a signal
CVE-2022-48787 iwlwifi: fix use-after-free
S
CVE-2022-48788 nvme-rdma: fix possible use-after-free in transport error_recovery work
S
CVE-2022-48789 nvme-tcp: fix possible use-after-free in transport error_recovery work
S
CVE-2022-48790 nvme: fix a possible use-after-free in controller reset during load
S
CVE-2022-48791 scsi: pm8001: Fix use-after-free for aborted TMF sas_task
S
CVE-2022-48792 scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task
S
CVE-2022-48793 KVM: x86: nSVM: fix potential NULL derefernce on nested migration
S
CVE-2022-48794 net: ieee802154: at86rf230: Stop leaking skb's
CVE-2022-48795 parisc: Fix data TLB miss in sba_unmap_sg
CVE-2022-48796 iommu: Fix potential use-after-free during probe
S
CVE-2022-48797 mm: don't try to NUMA-migrate COW pages that have other uses
CVE-2022-48798 s390/cio: verify the driver availability for path_event call
CVE-2022-48799 perf: Fix list corruption in perf_cgroup_switch()
CVE-2022-48800 mm: vmscan: remove deadlock due to throttling failing to make progress
S
CVE-2022-48801 iio: buffer: Fix file related error handling in IIO_BUFFER_GET_FD_IOCTL
CVE-2022-48802 fs/proc: task_mmu.c: don't read mapcount for migration entry
CVE-2022-48803 phy: ti: Fix missing sentinel for clk_div_table
CVE-2022-48804 vt_ioctl: fix array_index_nospec in vt_setactivate
S
CVE-2022-48805 net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup
S
CVE-2022-48806 eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX
CVE-2022-48807 ice: Fix KASAN error in LAG NETDEV_UNREGISTER handler
CVE-2022-48808 net: dsa: fix panic when DSA master device unbinds on shutdown
S
CVE-2022-48809 net: fix a memleak when uncloning an skb dst and its metadata
S
CVE-2022-48810 ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path
CVE-2022-48811 ibmvnic: don't release napi in __ibmvnic_open()
CVE-2022-48812 net: dsa: lantiq_gswip: don't use devres for mdiobus
CVE-2022-48813 net: dsa: felix: don't use devres for mdiobus
CVE-2022-48814 net: dsa: seville: register the mdiobus under devres
CVE-2022-48815 net: dsa: bcm_sf2: don't use devres for mdiobus
CVE-2022-48816 SUNRPC: lock against ->sock changing during sysfs read
CVE-2022-48817 net: dsa: ar9331: register the mdiobus under devres
CVE-2022-48818 net: dsa: mv88e6xxx: don't use devres for mdiobus
CVE-2022-48819 tcp: take care of mixed splice()/sendmsg(MSG_ZEROCOPY) case
CVE-2022-48820 phy: stm32: fix a refcount leak in stm32_usbphyc_pll_enable()
S
CVE-2022-48821 misc: fastrpc: avoid double fput() on failed usercopy
CVE-2022-48822 usb: f_fs: Fix use-after-free for epfile
S
CVE-2022-48823 scsi: qedf: Fix refcount issue when LOGO is received during TMF
CVE-2022-48824 scsi: myrs: Fix crash in error case
S
CVE-2022-48825 scsi: qedf: Add stag_work to all the vports
CVE-2022-48826 drm/vc4: Fix deadlock on DSI device attach error
S
CVE-2022-48827 NFSD: Fix the behavior of READ near OFFSET_MAX
CVE-2022-48828 NFSD: Fix ia_size underflow
CVE-2022-48829 NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes
CVE-2022-48830 can: isotp: fix potential CAN frame reception race in isotp_rcv()
CVE-2022-48831 ima: fix reference leak in asymmetric_verify()
CVE-2022-48832 audit: don't deref the syscall args when checking the openat2 open_how::flags
CVE-2022-48833 btrfs: skip reserved bytes warning on unmount after log cleanup failure
CVE-2022-48834 usb: usbtmc: Fix bug in pipe direction for control transfers
S
CVE-2022-48835 scsi: mpt3sas: Page fault in reply q processing
S
CVE-2022-48836 Input: aiptek - properly check endpoint type
S
CVE-2022-48837 usb: gadget: rndis: prevent integer overflow in rndis_set_response()
S
CVE-2022-48838 usb: gadget: Fix use-after-free bug by not setting udc->dev.driver
S
CVE-2022-48839 net/packet: fix slab-out-of-bounds access in packet_recvmsg()
S
CVE-2022-48840 iavf: Fix hang during reboot/shutdown
S
CVE-2022-48841 ice: fix NULL pointer dereference in ice_update_vsi_tx_ring_stats()
S
CVE-2022-48842 ice: Fix race condition during interface enslave
S
CVE-2022-48843 drm/vrr: Set VRR capable prop only if it is attached to connector
S
CVE-2022-48844 Bluetooth: hci_core: Fix leaking sent_cmd skb
S
CVE-2022-48845 MIPS: smp: fill in sibling and core maps earlier
S
CVE-2022-48846 block: release rq qos structures for queue without disk
S
CVE-2022-48847 watch_queue: Fix filter limit check
S
CVE-2022-48848 tracing/osnoise: Do not unregister events twice
S
CVE-2022-48849 drm/amdgpu: bypass tiling flag check in virtual display case (v2)
S
CVE-2022-48850 net-sysfs: add check for netdevice being present to speed_show
S
CVE-2022-48851 staging: gdm724x: fix use after free in gdm_lte_rx()
S
CVE-2022-48852 drm/vc4: hdmi: Unregister codec device on unbind
S
CVE-2022-48853 swiotlb: fix info leak with DMA_FROM_DEVICE
S
CVE-2022-48854 net: arc_emac: Fix use after free in arc_mdio_probe()
S
CVE-2022-48855 sctp: fix kernel-infoleak for SCTP sockets
S
CVE-2022-48856 gianfar: ethtool: Fix refcount leak in gfar_get_ts_info
S
CVE-2022-48857 NFC: port100: fix use-after-free in port100_send_complete
S
CVE-2022-48858 net/mlx5: Fix a race on command flush flow
S
CVE-2022-48859 net: marvell: prestera: Add missing of_node_put() in prestera_switch_set_base_mac_addr
S
CVE-2022-48860 ethernet: Fix error handling in xemaclite_of_probe
S
CVE-2022-48861 vdpa: fix use-after-free on vp_vdpa_remove
S
CVE-2022-48862 vhost: fix hung thread due to erroneous iotlb entries
S
CVE-2022-48863 mISDN: Fix memory leak in dsp_pipeline_build()
S
CVE-2022-48864 vdpa/mlx5: add validation for VIRTIO_NET_CTRL_MQ_VQ_PAIRS_SET command
S
CVE-2022-48865 tipc: fix kernel panic when enabling bearer
S
CVE-2022-48866 HID: hid-thrustmaster: fix OOB read in thrustmaster_interrupts
S
CVE-2022-48867 dmaengine: idxd: Prevent use after free on completion memory
S
CVE-2022-48868 dmaengine: idxd: Let probe fail when workqueue cannot be enabled
S
CVE-2022-48869 USB: gadgetfs: Fix race between mounting and unmounting
S
CVE-2022-48870 tty: fix possible null-ptr-defer in spk_ttyio_release
S
CVE-2022-48871 tty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer
S
CVE-2022-48872 misc: fastrpc: Fix use-after-free race condition for maps
S
CVE-2022-48873 misc: fastrpc: Don't remove map on creater_process and device_release
S
CVE-2022-48874 misc: fastrpc: Fix use-after-free and race in fastrpc_map_find
S
CVE-2022-48875 wifi: mac80211: sdata can be NULL during AMPDU start
S
CVE-2022-48876 wifi: mac80211: fix initialization of rx->link and rx->link_sta
S
CVE-2022-48877 f2fs: let's avoid panic if extent_tree is not created
S
CVE-2022-48878 Bluetooth: hci_qca: Fix driver shutdown on closed serdev
S
CVE-2022-48879 efi: fix NULL-deref in init error path
S
CVE-2022-48880 platform/surface: aggregator: Add missing call to ssam_request_sync_free()
CVE-2022-48881 platform/x86/amd: Fix refcount leak in amd_pmc_probe
S
CVE-2022-48882 net/mlx5e: Fix macsec possible null dereference when updating MAC security entity (SecY)
S
CVE-2022-48883 net/mlx5e: IPoIB, Block PKEY interfaces with less rx queues than parent
CVE-2022-48884 net/mlx5: Fix command stats access after free
S
CVE-2022-48885 ice: Fix potential memory leak in ice_gnss_tty_write()
S
CVE-2022-48886 ice: Add check for kzalloc
S
CVE-2022-48887 drm/vmwgfx: Remove rcu locks from user resources
S
CVE-2022-48888 drm/msm/dpu: Fix memory leak in msm_mdss_parse_data_bus_icc_path
S
CVE-2022-48889 ASoC: Intel: sof-nau8825: fix module alias overflow
S
CVE-2022-48890 scsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM
S
CVE-2022-48891 regulator: da9211: Use irq handler when ready
S
CVE-2022-48892 sched/core: Fix use-after-free bug in dup_user_cpus_ptr()
S
CVE-2022-48893 drm/i915/gt: Cleanup partial engine discovery failures
S
CVE-2022-48894 iommu/arm-smmu-v3: Don't unregister on shutdown
S
CVE-2022-48895 iommu/arm-smmu: Don't unregister on shutdown
S
CVE-2022-48896 ixgbe: fix pci device refcount leak
S
CVE-2022-48897 arm64/mm: fix incorrect file_map_count for invalid pmd
S
CVE-2022-48898 drm/msm/dp: do not complete dp_aux_cmd_fifo_tx() if irq is not for aux transfer
S
CVE-2022-48899 drm/virtio: Fix GEM handle creation UAF
S
CVE-2022-48900 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority....
R
CVE-2022-48901 btrfs: do not start relocation until in progress drops are done
S
CVE-2022-48902 btrfs: do not WARN_ON() if we have PageError set
S
CVE-2022-48903 btrfs: fix relocation crash due to premature return from btrfs_commit_transaction()
S
CVE-2022-48904 iommu/amd: Fix I/O page table memory leak
S
CVE-2022-48905 ibmvnic: free reset-work-item when flushing
S
CVE-2022-48906 mptcp: Correctly set DATA_FIN timeout when number of retransmits is large
S
CVE-2022-48907 auxdisplay: lcd2s: Fix memory leak in ->remove()
S
CVE-2022-48908 net: arcnet: com20020: Fix null-ptr-deref in com20020pci_probe()
S
CVE-2022-48909 net/smc: fix connection leak
S
CVE-2022-48910 net: ipv6: ensure we call ipv6_mc_down() at most once
S
CVE-2022-48911 netfilter: nf_queue: fix possible use-after-free
S
CVE-2022-48912 netfilter: fix use-after-free in __nf_register_net_hook()
S
CVE-2022-48913 blktrace: fix use after free for struct blk_trace
S
CVE-2022-48914 xen/netfront: destroy queues before real_num_tx_queues is zeroed
S
CVE-2022-48915 thermal: core: Fix TZ_GET_TRIP NULL pointer dereference
S
CVE-2022-48916 iommu/vt-d: Fix double list_add when enabling VMD in scalable mode
S
CVE-2022-48917 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority....
R
CVE-2022-48918 iwlwifi: mvm: check debugfs_dir ptr before use
S
CVE-2022-48919 cifs: fix double free race when mount fails in cifs_get_root()
S
CVE-2022-48920 btrfs: get rid of warning on transaction commit when using flushoncommit
S
CVE-2022-48921 sched/fair: Fix fault in reweight_entity
S
CVE-2022-48922 riscv: fix oops caused by irqsoff latency tracer
S
CVE-2022-48923 btrfs: prevent copying too big compressed lzo segment
S
CVE-2022-48924 thermal: int340x: fix memory leak in int3400_notify()
S
CVE-2022-48925 RDMA/cma: Do not change route.addr.src_addr outside state checks
S
CVE-2022-48926 usb: gadget: rndis: add spinlock for rndis response list
S
CVE-2022-48927 iio: adc: tsc2046: fix memory corruption by preventing array overflow
S
CVE-2022-48928 iio: adc: men_z188_adc: Fix a resource leak in an error handling path
S
CVE-2022-48929 bpf: Fix crash due to out of bounds access into reg2btf_ids.
S
CVE-2022-48930 RDMA/ib_srp: Fix a deadlock
S
CVE-2022-48931 configfs: fix a race in configfs_{,un}register_subsystem()
S
CVE-2022-48932 net/mlx5: DR, Fix slab-out-of-bounds in mlx5_cmd_dr_create_fte
S
CVE-2022-48933 netfilter: nf_tables: fix memory leak during stateful obj update
S
CVE-2022-48934 nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac()
S
CVE-2022-48935 netfilter: nf_tables: unregister flowtable hooks on netns exit
S
CVE-2022-48936 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority....
R
CVE-2022-48937 io_uring: add a schedule point in io_add_buffers()
S
CVE-2022-48938 CDC-NCM: avoid overflow in sanity checking
S
CVE-2022-48939 bpf: Add schedule points in batch ops
S
CVE-2022-48940 bpf: Fix crash due to incorrect copy_map_value
S
CVE-2022-48941 ice: fix concurrent reset and removal of VFs
S
CVE-2022-48942 hwmon: Handle failure to register sensor with thermal zone correctly
S
CVE-2022-48943 KVM: x86/mmu: make apf token non-zero to fix bug
S
CVE-2022-48944 sched: Fix yet more sched_fork() races
S
CVE-2022-48945 media: vivid: fix compose size exceed boundary
CVE-2022-48946 udf: Fix preallocation discarding at indirect extent boundary
S
CVE-2022-48947 Bluetooth: L2CAP: Fix u8 overflow
S
CVE-2022-48948 usb: gadget: uvc: Prevent buffer overflow in setup handler
S
CVE-2022-48949 igb: Initialize mailbox message for VF reset
S
CVE-2022-48950 perf: Fix perf_pending_task() UaF
S
CVE-2022-48951 ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx()
S
CVE-2022-48952 PCI: mt7621: Add sentinel to quirks table
S
CVE-2022-48953 rtc: cmos: Fix event handler registration ordering issue
S
CVE-2022-48954 s390/qeth: fix use-after-free in hsci
S
CVE-2022-48955 net: thunderbolt: fix memory leak in tbnet_open()
S
CVE-2022-48956 ipv6: avoid use-after-free in ip6_fragment()
S
CVE-2022-48957 dpaa2-switch: Fix memory leak in dpaa2_switch_acl_entry_add() and dpaa2_switch_acl_entry_remove()
S
CVE-2022-48958 ethernet: aeroflex: fix potential skb leak in greth_init_rings()
S
CVE-2022-48959 net: dsa: sja1105: fix memory leak in sja1105_setup_devlink_regions()
S
CVE-2022-48960 net: hisilicon: Fix potential use-after-free in hix5hd2_rx()
S
CVE-2022-48961 net: mdio: fix unbalanced fwnode reference count in mdio_device_release()
S
CVE-2022-48962 net: hisilicon: Fix potential use-after-free in hisi_femac_rx()
S
CVE-2022-48963 net: wwan: iosm: fix memory leak in ipc_mux_init()
S
CVE-2022-48964 ravb: Fix potential use-after-free in ravb_rx_gbeth()
S
CVE-2022-48965 gpio/rockchip: fix refcount leak in rockchip_gpiolib_register()
S
CVE-2022-48966 net: mvneta: Prevent out of bounds read in mvneta_config_rss()
S
CVE-2022-48967 NFC: nci: Bounds check struct nfc_target arrays
S
CVE-2022-48968 octeontx2-pf: Fix potential memory leak in otx2_init_tc()
S
CVE-2022-48969 xen-netfront: Fix NULL sring after live migration
S
CVE-2022-48970 af_unix: Get user_ns from in_skb in unix_diag_get_exact().
S
CVE-2022-48971 Bluetooth: Fix not cleanup led when bt_init fails
S
CVE-2022-48972 mac802154: fix missing INIT_LIST_HEAD in ieee802154_if_add()
S
CVE-2022-48973 gpio: amd8111: Fix PCI device reference count leak
S
CVE-2022-48974 netfilter: conntrack: fix using __this_cpu_add in preemptible
S
CVE-2022-48975 gpiolib: fix memory leak in gpiochip_setup_dev()
S
CVE-2022-48976 netfilter: flowtable_offload: fix using __this_cpu_add in preemptible
S
CVE-2022-48977 can: af_can: fix NULL pointer dereference in can_rcv_filter
S
CVE-2022-48978 HID: core: fix shift-out-of-bounds in hid_report_raw_event
S
CVE-2022-48979 drm/amd/display: fix array index out of bound error in DCN32 DML
S
CVE-2022-48980 net: dsa: sja1105: avoid out of bounds access in sja1105_init_l2_policing()
S
CVE-2022-48981 drm/shmem-helper: Remove errant put in error path
S
CVE-2022-48982 Bluetooth: Fix crash when replugging CSR fake controllers
S
CVE-2022-48983 io_uring: Fix a null-ptr-deref in io_tctx_exit_cb()
S
CVE-2022-48984 can: slcan: fix freed work crash
S
CVE-2022-48985 net: mana: Fix race on per-CQ variable napi work_done
S
CVE-2022-48986 mm/gup: fix gup_pud_range() for dax
S
CVE-2022-48987 media: v4l2-dv-timings.c: fix too strict blanking sanity checks
S
CVE-2022-48988 memcg: fix possible use-after-free in memcg_write_event_control()
S
CVE-2022-48989 fscache: Fix oops due to race with cookie_lru and use_cookie
S
CVE-2022-48990 drm/amdgpu: fix use-after-free during gpu recovery
S
CVE-2022-48991 mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths
S
CVE-2022-48992 ASoC: soc-pcm: Add NULL check in BE reparenting
S
CVE-2022-48993 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority....
R
CVE-2022-48994 ALSA: seq: Fix function prototype mismatch in snd_seq_expand_var_event
S
CVE-2022-48995 Input: raydium_ts_i2c - fix memory leak in raydium_i2c_send()
S
CVE-2022-48996 mm/damon/sysfs: fix wrong empty schemes assumption under online tuning in damon_sysfs_set_schemes()
S
CVE-2022-48997 char: tpm: Protect tpm_pm_suspend with locks
S
CVE-2022-48998 powerpc/bpf/32: Fix Oops on tail call tests
S
CVE-2022-48999 ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference
S
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.