Security Vulnerabilities - CVEs Published In May 2022
In private_handle_t of mali_gralloc_buffer.h, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-213170715References: N/A
CVSS Score
5.5
EPSS Score
0.0
Published
2022-05-10
Product: AndroidVersions: Android kernelAndroid ID: A-203213034References: N/A
CVSS Score
9.8
EPSS Score
0.024
Published
2022-05-10
In getNodeValue of USCCDMPlugin.java, there is a possible disclosure of ICCID due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-212573046References: N/A
CVSS Score
5.5
EPSS Score
0.0
Published
2022-05-10
Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability
CVSS Score
8.1
EPSS Score
0.486
Published
2022-05-10
Microsoft Exchange Server Elevation of Privilege Vulnerability
CVSS Score
8.2
EPSS Score
0.003
Published
2022-05-10
Windows Graphics Component Information Disclosure Vulnerability
CVSS Score
5.5
EPSS Score
0.004
Published
2022-05-10
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVSS Score
9.8
EPSS Score
0.099
Published
2022-05-10
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVSS Score
8.8
EPSS Score
0.157
Published
2022-05-10
Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability
CVSS Score
8.8
EPSS Score
0.157
Published
2022-05-10
Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability
CVSS Score
6.5
EPSS Score
0.161
Published
2022-05-10