| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Permission bypass vulnerability in the window module
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability |
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability |
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability |
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability |
| Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability |
| An issue in Suning Commerce Group Suning EMall iOS 9.5.198 allows attackers to access sensitive user information via supplying a crafted link. |
| An issue in Beitatong Technology LianJia iOS 9.83.50 allows attackers to access sensitive user information via supplying a crafted link. |
| An issue in Boohee Technology Boohee Health iOS 13.0.13 allows attackers to access sensitive user information via supplying a crafted link. |
| An issue in Tencent Technology (Beijing) Company Limited Tencent MicroVision iOS 8.137.0 allows attackers to access sensitive user information via supplying a crafted link. |
| An issue in Merchants Union Consumer Finance Company Limited Merchants Union Finance iOS 6.19.0 allows attackers to access sensitive user information via supplying a crafted link. |
| An issue in Yibin Fengguan Network Technology Co., Ltd YuPao DirectHire iOS 8.8.0 allows attackers to access sensitive user information via supplying a crafted link. |
| An issue in Shandong Provincial Big Data Center AiShanDong iOS 5.0.0 allows attackers to access sensitive user information via supplying a crafted link. |
| An issue in Qianjin Network Information Technology (Shanghai) Co., Ltd 51Job iOS 14.22.0 allows attackers to access sensitive user information via supplying a crafted link. |
| The ArKUI framework subsystem within OpenHarmony-v3.1.5 and prior versions,
OpenHarmony-v3.0.7 and prior versions
has an Improper Input Validation vulnerability which local attackers can exploit this vulnerability to send malicious data, causing the current application to crash.
|
| Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6. |
| Business Logic Errors in GitHub repository answerdev/answer prior to 1.0.6. |
| Business logic error in some Zoom Workplace Apps may allow an unauthenticated user to conduct a disclosure of information via network access. |
| A flaw was found in the Linux Kernel. The tun/tap sockets have their socket UID hardcoded to 0 due to a type confusion in their initialization function. While it will be often correct, as tuntap devices require CAP_NET_ADMIN, it may not always be the case, e.g., a non-root user only having that capability. This would make tun/tap sockets being incorrectly treated in filtering/routing decisions, possibly bypassing network filters. |
| A flaw was found in the Linux Kernel. The tls_is_tx_ready() incorrectly checks for list emptiness, potentially accessing a type confused entry to the list_head, leaking the last byte of the confused field that overlaps with rec->tx_ready. |
