Vulnerabilities (CVE)

Total 218097 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-48500 2023-06-19 N/A N/A
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
CVE-2022-48499 2023-06-19 N/A N/A
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
CVE-2022-48498 2023-06-19 N/A N/A
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
CVE-2022-48497 2023-06-19 N/A N/A
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
CVE-2022-48496 2023-06-19 N/A N/A
Vulnerability of lax app identity verification in the pre-authorization function.Successful exploitation of this vulnerability will cause malicious apps to become pre-authorized.
CVE-2022-48495 2023-06-19 N/A N/A
Vulnerability of unauthorized access to foreground app information.Successful exploitation of this vulnerability may cause foreground app information to be obtained.
CVE-2022-48494 2023-06-19 N/A N/A
Vulnerability of lax app identity verification in the pre-authorization function.Successful exploitation of this vulnerability will cause malicious apps to become pre-authorized.
CVE-2022-48493 2023-06-19 N/A N/A
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
CVE-2022-48492 2023-06-19 N/A N/A
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
CVE-2022-48491 2023-06-19 N/A N/A
Vulnerability of missing authentication on certain HUAWEI phones.Successful exploitation of this vulnerability can lead to ads and other windows to display at any time.
CVE-2022-48490 2023-06-19 N/A N/A
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
CVE-2022-48489 2023-06-19 N/A N/A
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
CVE-2022-48488 2023-06-19 N/A N/A
Vulnerability of bypassing the default desktop security controls.Successful exploitation of this vulnerability may cause unauthorized modifications to the desktop.
CVE-2022-48487 2023-06-19 N/A N/A
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
CVE-2022-48486 2023-06-19 N/A N/A
Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability.
CVE-2022-48506 2023-06-19 N/A N/A
A flawed pseudorandom number generator in Dominion Voting Systems ImageCast Precinct (ICP and ICP2) and ImageCast Evolution (ICE) scanners allows anyone to determine the order in which ballots were cast from public ballot-level data, allowing deanonymization of voted ballots, in several types of scenarios. This issue was observed for use of the following versions of Democracy Suite: 5.2, 5.4-NM, 5.5, 5.5-A, 5.5-B, 5.5-C, 5.5-D, 5.7-A, 5.10, 5.10A, 5.15. NOTE: the Democracy Suite 5.17 EAC Certificate of Conformance mentions "Improved pseudo random number algorithm," which may be relevant.
CVE-2019-2388 1 Mongodb 1 Ops Manager 2023-06-19 5.0 MEDIUM 5.3 MEDIUM
In affected Ops Manager versions there is an exposed http route was that may allow attackers to view a specific access log of a publicly exposed Ops Manager instance. This issue affects: MongoDB Inc. MongoDB Ops Manager 4.0 versions 4.0.9, 4.0.10 and MongoDB Ops Manager 4.1 version 4.1.5.
CVE-2019-2391 1 Mongodb 1 Js-bson 2023-06-19 5.5 MEDIUM 5.4 MEDIUM
Incorrect parsing of certain JSON input may result in js-bson not correctly serializing BSON. This may cause unexpected application behaviour including data disclosure. This issue affects: MongoDB Inc. js-bson library version 1.1.3 and prior to.
CVE-2019-2390 2 Microsoft, Mongodb 2 Windows, Mongodb 2023-06-19 6.8 MEDIUM 7.8 HIGH
An unprivileged user or program on Microsoft Windows which can create OpenSSL configuration files in a fixed location may cause utility programs shipped with MongoDB server to run attacker defined code as the user running the utility. This issue affects: MongoDB Inc. MongoDB Server 4.0 prior to 4.0.11; 3.6 prior to 3.6.14; 3.4 prior to 3.4.22.
CVE-2019-2389 1 Mongodb 1 Mongodb 2023-06-19 1.9 LOW 4.2 MEDIUM
Incorrect scoping of kill operations in MongoDB Server's packaged SysV init scripts allow users with write access to the PID file to insert arbitrary PIDs to be killed when the root user stops the MongoDB process via SysV init. This issue affects: MongoDB Inc. MongoDB Server v4.0 versions prior to 4.0.11; v3.6 versions prior to 3.6.14; v3.4 versions prior to 3.4.22.