Total
218097 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-48500 | 2023-06-19 | N/A | N/A | ||
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability. | |||||
CVE-2022-48499 | 2023-06-19 | N/A | N/A | ||
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability. | |||||
CVE-2022-48498 | 2023-06-19 | N/A | N/A | ||
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability. | |||||
CVE-2022-48497 | 2023-06-19 | N/A | N/A | ||
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability. | |||||
CVE-2022-48496 | 2023-06-19 | N/A | N/A | ||
Vulnerability of lax app identity verification in the pre-authorization function.Successful exploitation of this vulnerability will cause malicious apps to become pre-authorized. | |||||
CVE-2022-48495 | 2023-06-19 | N/A | N/A | ||
Vulnerability of unauthorized access to foreground app information.Successful exploitation of this vulnerability may cause foreground app information to be obtained. | |||||
CVE-2022-48494 | 2023-06-19 | N/A | N/A | ||
Vulnerability of lax app identity verification in the pre-authorization function.Successful exploitation of this vulnerability will cause malicious apps to become pre-authorized. | |||||
CVE-2022-48493 | 2023-06-19 | N/A | N/A | ||
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability. | |||||
CVE-2022-48492 | 2023-06-19 | N/A | N/A | ||
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability. | |||||
CVE-2022-48491 | 2023-06-19 | N/A | N/A | ||
Vulnerability of missing authentication on certain HUAWEI phones.Successful exploitation of this vulnerability can lead to ads and other windows to display at any time. | |||||
CVE-2022-48490 | 2023-06-19 | N/A | N/A | ||
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability. | |||||
CVE-2022-48489 | 2023-06-19 | N/A | N/A | ||
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability. | |||||
CVE-2022-48488 | 2023-06-19 | N/A | N/A | ||
Vulnerability of bypassing the default desktop security controls.Successful exploitation of this vulnerability may cause unauthorized modifications to the desktop. | |||||
CVE-2022-48487 | 2023-06-19 | N/A | N/A | ||
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability. | |||||
CVE-2022-48486 | 2023-06-19 | N/A | N/A | ||
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability. | |||||
CVE-2022-48506 | 2023-06-19 | N/A | N/A | ||
A flawed pseudorandom number generator in Dominion Voting Systems ImageCast Precinct (ICP and ICP2) and ImageCast Evolution (ICE) scanners allows anyone to determine the order in which ballots were cast from public ballot-level data, allowing deanonymization of voted ballots, in several types of scenarios. This issue was observed for use of the following versions of Democracy Suite: 5.2, 5.4-NM, 5.5, 5.5-A, 5.5-B, 5.5-C, 5.5-D, 5.7-A, 5.10, 5.10A, 5.15. NOTE: the Democracy Suite 5.17 EAC Certificate of Conformance mentions "Improved pseudo random number algorithm," which may be relevant. | |||||
CVE-2019-2388 | 1 Mongodb | 1 Ops Manager | 2023-06-19 | 5.0 MEDIUM | 5.3 MEDIUM |
In affected Ops Manager versions there is an exposed http route was that may allow attackers to view a specific access log of a publicly exposed Ops Manager instance. This issue affects: MongoDB Inc. MongoDB Ops Manager 4.0 versions 4.0.9, 4.0.10 and MongoDB Ops Manager 4.1 version 4.1.5. | |||||
CVE-2019-2391 | 1 Mongodb | 1 Js-bson | 2023-06-19 | 5.5 MEDIUM | 5.4 MEDIUM |
Incorrect parsing of certain JSON input may result in js-bson not correctly serializing BSON. This may cause unexpected application behaviour including data disclosure. This issue affects: MongoDB Inc. js-bson library version 1.1.3 and prior to. | |||||
CVE-2019-2390 | 2 Microsoft, Mongodb | 2 Windows, Mongodb | 2023-06-19 | 6.8 MEDIUM | 7.8 HIGH |
An unprivileged user or program on Microsoft Windows which can create OpenSSL configuration files in a fixed location may cause utility programs shipped with MongoDB server to run attacker defined code as the user running the utility. This issue affects: MongoDB Inc. MongoDB Server 4.0 prior to 4.0.11; 3.6 prior to 3.6.14; 3.4 prior to 3.4.22. | |||||
CVE-2019-2389 | 1 Mongodb | 1 Mongodb | 2023-06-19 | 1.9 LOW | 4.2 MEDIUM |
Incorrect scoping of kill operations in MongoDB Server's packaged SysV init scripts allow users with write access to the PID file to insert arbitrary PIDs to be killed when the root user stops the MongoDB process via SysV init. This issue affects: MongoDB Inc. MongoDB Server v4.0 versions prior to 4.0.11; v3.6 versions prior to 3.6.14; v3.4 versions prior to 3.4.22. |