CVE’s

Out of bounds writing is possible while verifying device IDs due to improper length check before copying the data in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.

Memory corruption due to out of bound read while parsing a video file in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Memory corruption due to use after free issue in kernel while processing ION handles in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Use after free in graphics fence due to a race condition while closing fence file descriptor and destroy graphics timeline simultaneously in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

The Le-yan dental management system contains a hard-coded credentials vulnerability in the web page source code, which allows an unauthenticated remote attacker to acquire administrator’s privilege and control the system or disrupt service.

The Le-yan dental management system contains an SQL-injection vulnerability. An unauthenticated remote attacker can inject SQL commands into the input field of the login page to acquire administrator’s privilege and perform arbitrary operations on the system or disrupt service.

ASUS RT-AX56U’s login function contains a path traversal vulnerability due to its inadequate filtering for special characters in URL parameters, which allows an unauthenticated local area network attacker to access restricted system paths and download arbitrary files.

Windows Fax Service Elevation of Privilege Vulnerability.

Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22026, CVE-2022-22047.