Vulnerabilities (CVE)

Filtered by CWE-20
Total 11630 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-32486 1 Dell 4 Bios, Precision 5820 Tower, Precision 7820 Tower and 1 more 2026-06-17 N/A 7.5 HIGH
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2022-32485 1 Dell 580 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 577 more 2026-06-17 N/A 7.5 HIGH
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
CVE-2022-32484 1 Dell 580 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 577 more 2026-06-17 N/A 5.6 MEDIUM
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
CVE-2022-32483 1 Dell 580 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 577 more 2026-06-17 N/A 5.6 MEDIUM
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
CVE-2022-32482 1 Dell 378 Alienware M15 R6, Alienware M15 R6 Firmware, Alienware M15 R7 and 375 more 2026-06-17 N/A 5.6 MEDIUM
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.
CVE-2022-32253 1 Siemens 1 Sinema Remote Connect Server 2026-06-17 5.0 MEDIUM 4.9 MEDIUM
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.1). Due to improper input validation, the OpenSSL certificate's password could be printed to a file reachable by an attacker.
CVE-2022-32248 1 Sap 1 S\/4hana 2026-06-17 5.0 MEDIUM 5.3 MEDIUM
Due to missing input validation in the Manage Checkbooks component of SAP S/4HANA - version 101, 102, 103, 104, 105, 106, an attacker could insert or edit the value of an existing field in the database. This leads to an impact on the integrity of the data.
CVE-2022-32243 1 Sap 1 3d Visual Enterprise Viewer 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
When a user opens manipulated Scalable Vector Graphics (.svg, svg.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
CVE-2022-32242 1 Sap 1 3d Visual Enterprise Viewer 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
When a user opens manipulated Radiance Picture (.hdr, hdr.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
CVE-2022-32241 1 Sap 1 3d Visual Enterprise Viewer 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
When a user opens manipulated Portable Document Format (.pdf, PDFView.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
CVE-2022-32240 1 Sap 1 3d Visual Enterprise Viewer 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
When a user opens manipulated Jupiter Tesselation (.jt, JTReader.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
CVE-2022-32239 1 Sap 1 3d Visual Enterprise Viewer 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
When a user opens manipulated JPEG 2000 (.jp2, jp2k.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
CVE-2022-32238 1 Sap 1 3d Visual Enterprise Viewer 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
When a user opens manipulated Encapsulated Post Script (.eps, ai.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
CVE-2022-32237 1 Sap 1 3d Visual Enterprise Viewer 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
When a user opens manipulated Computer Graphics Metafile (.cgm, CgmCore.dll) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
CVE-2022-32236 1 Sap 1 3d Visual Enterprise Viewer 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
When a user opens manipulated Windows Bitmap (.bmp, 2d.x3d) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
CVE-2022-32235 1 Sap 1 3d Visual Enterprise Viewer 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
When a user opens manipulated AutoCAD (.dwg, TeighaTranslator.exe) files received from untrusted sources in SAP 3D Visual Enterprise Viewer, the application crashes and becomes temporarily unavailable to the user until restart of the application.
CVE-2022-32226 1 Rocket.chat 1 Rocket.chat 2026-06-17 N/A 4.3 MEDIUM
An improper access control vulnerability exists in Rocket.Chat <v5, <v4.8.2 and <v4.7.5 due to input data in the getUsersOfRoom Meteor server method is not type validated, so that MongoDB query operator objects are accepted by the server, so that instead of a matching rid String a$regex query can be executed, bypassing the room access permission check for every but the first matching room.
CVE-2022-32204 1 Huawei 2 Cv81-wdm, Cv81-wdm Firmware 2026-06-17 N/A 7.5 HIGH
There is an improper input verification vulnerability in Huawei printer product. Successful exploitation of this vulnerability may cause service abnormal. (Vulnerability ID: HWPSIRT-2022-87185) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2022-32204.
CVE-2022-32144 1 Huawei 2 Cv81-wdm, Cv81-wdm Firmware 2026-06-17 N/A 8.6 HIGH
There is an insufficient input verification vulnerability in Huawei product. Successful exploitation of this vulnerability may lead to service abnormal. (Vulnerability ID: HWPSIRT-2022-76192) This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2022-32144.
CVE-2022-31808 1 Siemens 4 Sipass Integrated Ac5102 \(acc-g2\), Sipass Integrated Ac5102 \(acc-g2\) Firmware, Sipass Integrated Acc-ap and 1 more 2026-06-17 N/A 7.8 HIGH
A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V2.85.44), SiPass integrated ACC-AP (All versions < V2.85.43). Affected devices improperly sanitize user input on the telnet command line interface. This could allow an authenticated user to escalate privileges by injecting arbitrary commands that are executed with root privileges.