Wind River Support Network

HomeCVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

Reset
Showing
of 156185 entries
IDDescriptionPriorityModified date
CVE-2022-30154 Microsoft File Server Shadow Copy Agent Service (RVSS) Elevation of Privilege Vulnerability. -- Jun 16, 2022
CVE-2022-30153 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30161. -- Jun 16, 2022
CVE-2022-30152 Windows Network Address Translation (NAT) Denial of Service Vulnerability. -- Jun 16, 2022
CVE-2022-30151 Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability. -- Jun 16, 2022
CVE-2022-30150 Windows Defender Remote Credential Guard Elevation of Privilege Vulnerability. -- Jun 16, 2022
CVE-2022-30149 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30153, CVE-2022-30161. -- Jun 16, 2022
CVE-2022-30148 Windows Desired State Configuration (DSC) Information Disclosure Vulnerability. -- Jun 16, 2022
CVE-2022-30147 Windows Installer Elevation of Privilege Vulnerability. -- Jun 16, 2022
CVE-2022-30146 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30143, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161. -- Jun 16, 2022
CVE-2022-30145 Windows Encrypting File System (EFS) Remote Code Execution Vulnerability. -- Jun 16, 2022
CVE-2022-30143 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30141, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161. -- Jun 16, 2022
CVE-2022-30142 Windows File History Remote Code Execution Vulnerability. -- Jun 16, 2022
CVE-2022-30141 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30139, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161. -- Jun 16, 2022
CVE-2022-30140 Windows iSCSI Discovery Service Remote Code Execution Vulnerability. -- Jun 16, 2022
CVE-2022-30139 Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-30141, CVE-2022-30143, CVE-2022-30146, CVE-2022-30149, CVE-2022-30153, CVE-2022-30161. -- Jun 16, 2022
CVE-2022-30137 Azure Service Fabric Container Elevation of Privilege Vulnerability. -- Jun 16, 2022
CVE-2022-30136 Windows Network File System Remote Code Execution Vulnerability. -- Jun 16, 2022
CVE-2022-30135 Windows Media Center Elevation of Privilege Vulnerability. -- Jun 16, 2022
CVE-2022-30132 Windows Container Manager Service Elevation of Privilege Vulnerability. -- Jun 16, 2022
CVE-2022-30131 Windows Container Isolation FS Filter Driver Elevation of Privilege Vulnerability. -- Jun 16, 2022
CVE-2022-29149 Azure Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability. -- Jun 16, 2022
CVE-2022-29143 Microsoft SQL Server Remote Code Execution Vulnerability. -- Jun 16, 2022
CVE-2022-29119 HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22018, CVE-2022-29111, CVE-2022-30188. -- Jun 16, 2022
CVE-2022-29111 HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22018, CVE-2022-29119, CVE-2022-30188. -- Jun 16, 2022
CVE-2022-28850 Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2022-28848 Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2022-28847 Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2022-28846 Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2022-28845 Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2022-28843 Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2022-28842 Adobe Bridge version 12.0.1 (and earlier versions) is affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2022-28841 Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2022-28840 Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2022-28839 Adobe Bridge version 12.0.1 (and earlier versions) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2022-22021 Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability. -- Jun 16, 2022
CVE-2022-22018 HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-29111, CVE-2022-29119, CVE-2022-30188. -- Jun 16, 2022
CVE-2022-21742 Realtek USB driver has a buffer overflow vulnerability due to insufficient parameter length verification in the API function. An unauthenticated LAN attacker can exploit this vulnerability to disrupt services. -- Jun 20, 2022
CVE-2022-21504 The code in UEK6 U3 was missing an appropiate file descriptor count to be missing. This resulted in a use count error that allowed a file descriptor to a socket to be closed and freed while it was still in use by another portion of the kernel. An attack with local access can operate on the socket, and cause a denial of service. CVSS 3.1 Base Score 6.2 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). -- Jun 15, 2022
CVE-2022-21503 Vulnerability in the Oracle Cloud Infrastructure product of Oracle Cloud Services. Easily exploitable vulnerability allows high privileged attacker with network access to compromise Oracle Cloud Infrastructure. Successful attacks of this vulnerability can result in unauthorized access to Oracle Cloud Infrastructure accessible data. All affected customers were notified of CVE-2022-21503 by Oracle. CVSS 3.1 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N) -- Jun 18, 2022
CVE-2021-46818 Adobe Media Encoder version 15.4 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file. -- Jun 13, 2022
CVE-2021-46817 Adobe Media Encoder version 15.4 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file. -- Jun 13, 2022
CVE-2021-46816 Adobe Premiere Pro version 15.4 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file. -- Jun 13, 2022
CVE-2021-43756 Adobe Media Encoder versions 22.0, 15.4.2 (and earlier) are affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. -- Jun 16, 2022
CVE-2021-43755 Adobe After Effects versions 22.0 (and earlier) and 18.4.2 (and earlier) are affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. -- Jun 16, 2022
CVE-2021-43754 Adobe Prelude version 22.1.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. -- Jun 16, 2022
CVE-2021-42735 Adobe Photoshop version 22.5.1 (and earlier versions ) is affected by an Access of Memory Location After End of Buffer vulnerability, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. -- Jun 16, 2022
CVE-2021-42732 Access of Memory Location After End of Buffer (CWE-788) -- Jun 15, 2022
CVE-2021-39820 Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. -- Jun 15, 2022
CVE-2022-28737 shim: Buffer overflow when loading crafted EFI images -- Jun 9, 2022
CVE-2022-28736 grub2: use-after-free in grub_cmd_chainloader() -- Jun 9, 2022
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.
Live chat
Online