CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
An improper neutralization of input during web page generation ('Cross-site Scripting') [CWE-79] vulnerability in FortiOS version 7.0.5 and prior and 6.4.9 and prior may allow an unauthenticated remote attacker to perform a reflected cross site scripting (XSS) attack in the captive portal authentication replacement page.
Fujitsu_m10-1_firmware, Fujitsu_m10-1, Fujitsu_m10-4_firmware, Fujitsu_m10-4, Fujitsu_m10-4s_firmware, Fujitsu_m10-4s, Fujitsu_m12-1_firmware, Fujitsu_m12-1, Fujitsu_m12-2_firmware, Fujitsu_m12-2
2022-12-07
N/A
6.5 MEDIUM
There's a vulnerability within the Apache Xerces Java (XercesJ) XML parser when handling specially crafted XML document payloads. This causes, the XercesJ XML parser to wait in an infinite loop, which may sometimes consume system resources for prolonged duration. This vulnerability is present within XercesJ version 2.12.1 and the previous versions.
decoding.c in android-gif-drawable before 1.2.24 does not limit the maximum length of a comment, leading to denial of service.
Phone, S9+_firmware, S9+, S10_firmware, S10, Xcover_4_firmware, Xcover_4, Scx-824_firmware, Scx-824, Galaxy_s6_edge_firmware
2022-02-18
N/A
3.3 LOW
A vulnerability using PendingIntent in Bixby Vision prior to versions 3.7.60.8 in Android S(12), 3.7.50.6 in Andorid R(11) and below allows attackers to execute privileged action by hijacking and modifying the intent.
Improper access control vulnerability in Reminder prior to versions 12.3.01.3000 in Android S(12), 12.2.05.6000 in Android R(11) and 11.6.08.6000 in Andoid Q(10) allows attackers to register reminders or execute exporeted activities remotely.
Phone, S9+_firmware, S9+, S10_firmware, S10, Xcover_4_firmware, Xcover_4, Scx-824_firmware, Scx-824, Galaxy_s6_edge_firmware
2022-02-18
N/A
6.7 MEDIUM
An improper input validation in SMC_SRPMB_WSM handler of RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution.
Phone, S9+_firmware, S9+, S10_firmware, S10, Xcover_4_firmware, Xcover_4, Scx-824_firmware, Scx-824, Galaxy_s6_edge_firmware
2022-02-18
N/A
6.7 MEDIUM
An improper boundary check in RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0044.
An improper boundary check in audio hal service prior to SMR Feb-2022 Release 1 allows attackers to read invalid memory and it leads to application crash.
Phone, S9+_firmware, S9+, S10_firmware, S10, Xcover_4_firmware, Xcover_4, Scx-824_firmware, Scx-824, Galaxy_s6_edge_firmware
2022-02-18
N/A
7.8 HIGH
An improper boundary check in eden_runtime hal service prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution.
