Security Vulnerabilities - CVEs Published In 2022
wfshbr64.sys and wfshbr32.sys specially crafted IOCTL allows arbitrary user to perform local privilege escalation
CVSS Score
7.8
EPSS Score
0.008
Published
2022-12-20
Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.
CVSS Score
9.8
EPSS Score
0.018
Published
2022-12-20
Some smartphones have the input validation vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-12-20
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a local user with elevated privileges to exploit a vulnerability in the lpd daemon to cause a denial of service. IBM X-Force ID: 238641.
CVSS Score
6.2
EPSS Score
0.0
Published
2022-12-20
The TelephonyProvider module has a vulnerability in obtaining values.Successful exploitation of this vulnerability may affect data confidentiality.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-12-20
The contacts component has a free (undefined) provider vulnerability. Successful exploitation of this vulnerability may affect data integrity.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-12-20
The application management module has a vulnerability in permission verification. Successful exploitation of this vulnerability causes unexpected clear of device applications.
CVSS Score
7.5
EPSS Score
0.0
Published
2022-12-20
The sensor privacy module has an authentication vulnerability. Successful exploitation of this vulnerability may cause unavailability of the smartphone's camera and microphone.
CVSS Score
5.3
EPSS Score
0.0
Published
2022-12-20
The IPC module has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-12-20
The ProfileSDK has defects introduced in the design process. Successful exploitation of this vulnerability may affect system availability.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-12-20