Total
29911 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-37172 | 1 Msys2 | 1 Msys2 | 2026-06-17 | N/A | 7.8 HIGH |
| Incorrect access control in the install directory (C:\msys64) of Msys2 v20220603 and below allows authenticated attackers to execute arbitrary code via overwriting binaries located in the directory. | |||||
| CVE-2022-37151 | 1 Online Diagnostic Lab Management System Project | 1 Online Diagnostic Lab Management System | 2026-06-17 | N/A | 7.5 HIGH |
| There is an unauthorized access vulnerability in Online Diagnostic Lab Management System 1.0. | |||||
| CVE-2022-37050 | 2 Debian, Freedesktop | 2 Debian Linux, Poppler | 2026-06-17 | N/A | 6.5 MEDIUM |
| In Poppler 22.07.0, PDFDoc::savePageAs in PDFDoc.c callows attackers to cause a denial-of-service (application crashes with SIGABRT) by crafting a PDF file in which the xref data structure is mishandled in getCatalog processing. Note that this vulnerability is caused by the incomplete patch of CVE-2018-20662. | |||||
| CVE-2022-36956 | 1 Veritas | 1 Netbackup | 2026-06-17 | N/A | 9.0 CRITICAL |
| In Veritas NetBackup, the NetBackup Client allows arbitrary command execution from any remote host that has access to a valid host-id NetBackup certificate/private key from the same domain. The affects 9.0.x through 9.0.0.1 and 9.1.x through 9.1.0.1. | |||||
| CVE-2022-36900 | 1 Jenkins | 2 Compuware Zadviser Api, Jenkins | 2026-06-17 | N/A | 8.2 HIGH |
| Jenkins Compuware zAdviser API Plugin 1.0.3 and earlier does not restrict execution of a controller/agent message to agents, allowing attackers able to control agent processes to retrieve Java system properties. | |||||
| CVE-2022-36899 | 1 Jenkins | 2 Compuware Ispw Operations, Jenkins | 2026-06-17 | N/A | 8.2 HIGH |
| Jenkins Compuware ISPW Operations Plugin 1.0.8 and earlier does not restrict execution of a controller/agent message to agents, allowing attackers able to control agent processes to retrieve Java system properties. | |||||
| CVE-2022-36879 | 3 Debian, Linux, Netapp | 43 Debian Linux, Linux Kernel, A700s and 40 more | 2026-06-17 | N/A | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice. | |||||
| CVE-2022-36876 | 1 Samsung | 1 Samsung Pass | 2026-06-17 | N/A | 1.8 LOW |
| Improper authorization in UPI payment in Samsung Pass prior to version 4.0.04.10 allows physical attackers to access account list without authentication. | |||||
| CVE-2022-36875 | 1 Samsung | 1 Galaxy Watch Plugin | 2026-06-17 | N/A | 6.6 MEDIUM |
| Improper restriction of broadcasting Intent in SaWebViewRelayActivity of?Waterplugin prior to version 2.2.11.22081151 allows attacker to access the file without permission. | |||||
| CVE-2022-36869 | 1 Samsung | 1 Contacts Provider | 2026-06-17 | N/A | 6.6 MEDIUM |
| Improper access control vulnerability in ContactsDumpActivity of?Contacts Provider prior to version 12.7.59 allows attacker to access the file without permission. | |||||
| CVE-2022-36868 | 1 Google | 1 Android | 2026-06-17 | N/A | 5.9 MEDIUM |
| Improper restriction of broadcasting Intent in MouseNKeyHidDevice prior to SMR Oct-2022 Release 1 leaks MAC address of the connected Bluetooth device. | |||||
| CVE-2022-36867 | 1 Samsung | 1 Editor Lite | 2026-06-17 | N/A | 5.9 MEDIUM |
| Improper access control vulnerability in Editor Lite prior to version 4.0.40.14 allows attackers to access sensitive information. | |||||
| CVE-2022-36866 | 2 Google, Samsung | 2 Android, Group Sharing | 2026-06-17 | N/A | 4.0 MEDIUM |
| Improper access control vulnerability in Broadcaster in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and below allows attackers to identify the device. | |||||
| CVE-2022-36865 | 2 Google, Samsung | 2 Android, Group Sharing | 2026-06-17 | N/A | 4.0 MEDIUM |
| Improper access control in Group Sharing prior to versions 13.0.6.15 in Android S(12), 13.0.6.14 in Android R(11) and below allows attackers to access device information. | |||||
| CVE-2022-36864 | 1 Samsung | 1 Samsung Email | 2026-06-17 | N/A | 4.0 MEDIUM |
| Improper access control and intent redirection in Samsung Email prior to 6.1.70.20 allows attacker to access specific formatted file and execute privileged behavior. | |||||
| CVE-2022-36857 | 2 Google, Samsung | 2 Android, Photo Editor | 2026-06-17 | N/A | 1.9 LOW |
| Improper Authorization vulnerability in Photo Editor prior to SMR Sep-2022 Release 1 allows physical attackers to read internal application data. | |||||
| CVE-2022-36852 | 1 Google | 1 Android | 2026-06-17 | N/A | 1.9 LOW |
| Improper Authorization vulnerability in Video Editor prior to SMR Sep-2022 Release 1 allows local attacker to access internal application data. | |||||
| CVE-2022-36851 | 1 Samsung | 1 Samsung Pass | 2026-06-17 | N/A | 3.9 LOW |
| Improper access control vulnerability in Samsung pass prior to version 4.0.03.1 allow physical attackers to access data of Samsung pass on a certain state of an unlocked device. | |||||
| CVE-2022-36848 | 1 Google | 1 Android | 2026-06-17 | N/A | 5.1 MEDIUM |
| Improper Authorization vulnerability in setDualDARPolicyCmd prior to SMR Sep-2022 Release 1 allows local attackers to cause local permanent denial of service. | |||||
| CVE-2022-36832 | 1 Samsung | 1 Cameralyzer | 2026-06-17 | N/A | 4.0 MEDIUM |
| Improper access control vulnerability in WebApp in Cameralyzer prior to versions 3.2.22, 3.3.22, 3.4.22 and 3.5.51 allows attackers to access external storage as Cameralyzer privilege. | |||||