Filtered by NVD-CWE-noinfo
Total 35577 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-0004 2 Fedoraproject, Paloaltonetworks 2 Fedora, Pan-os 2025-02-13 6.5 Medium
A local file deletion vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator to delete files from the local file system with elevated privileges. These files can include logs and system components that impact the integrity and availability of PAN-OS software.
CVE-2022-4926 2 Fedoraproject, Google 3 Fedora, Android, Chrome 2025-02-13 6.5 Medium
Insufficient policy enforcement in Intents in Google Chrome on Android prior to 109.0.5414.119 allowed a remote attacker to bypass same origin policy via a crafted HTML page. (Chromium security severity: Medium)
CVE-2022-4923 1 Google 1 Chrome 2025-02-13 3.1 Low
Inappropriate implementation in Omnibox in Google Chrome prior to 99.0.4844.51 allowed an attacker in a privileged network position to perform a man-in-the-middle attack via malicious network traffic. (Chromium security severity: Low)
CVE-2022-4922 1 Google 1 Chrome 2025-02-13 6.5 Medium
Inappropriate implementation in Blink in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVE-2022-4917 2 Fedoraproject, Google 3 Fedora, Android, Chrome 2025-02-13 4.3 Medium
Incorrect security UI in Notifications in Google Chrome on Android prior to 103.0.5060.53 allowed a remote attacker to obscure the full screen notification via a crafted HTML page. (Chromium security severity: Low)
CVE-2022-4915 1 Google 1 Chrome 2025-02-13 6.5 Medium
Inappropriate implementation in URL Formatting in Google Chrome prior to 103.0.5060.134 allowed a remote attacker to perform domain spoofing via a crafted HTML page. (Chromium security severity: Medium)
CVE-2022-4913 1 Google 1 Chrome 2025-02-13 6.5 Medium
Inappropriate implementation in Extensions in Google Chrome prior to 105.0.5195.52 allowed a remote attacker who had compromised the renderer process to spoof extension storage via a crafted HTML page. (Chromium security severity: High)
CVE-2022-4910 1 Google 1 Chrome 2025-02-13 5.4 Medium
Inappropriate implementation in Autofill in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium)
CVE-2022-4909 1 Google 1 Chrome 2025-02-13 6.3 Medium
Inappropriate implementation in XML in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially perform an ASLR bypass via a crafted HTML page. (Chromium security severity: Low)
CVE-2022-4908 1 Google 1 Chrome 2025-02-13 4.3 Medium
Inappropriate implementation in iFrame Sandbox in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: Medium)
CVE-2022-4907 3 Debian, Fedoraproject, Google 3 Debian Linux, Fedora, Chrome 2025-02-13 8.8 High
Uninitialized Use in FFmpeg in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)
CVE-2022-4906 1 Google 1 Chrome 2025-02-13 8.8 High
Inappropriate implementation in Blink in Google Chrome prior to 108.0.5359.71 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
CVE-2022-46725 2 Apple, Redhat 4 Ipados, Iphone Os, Enterprise Linux and 1 more 2025-02-13 4.3 Medium
A spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue is fixed in iOS 16.4 and iPadOS 16.4. Visiting a malicious website may lead to address bar spoofing.
CVE-2022-44611 1 Intel 596 Atom X6200fe, Atom X6200fe Firmware, Atom X6211e and 593 more 2025-02-13 6.9 Medium
Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via adjacent access.
CVE-2022-42331 2 Fedoraproject, Xen 2 Fedora, Xen 2025-02-13 5.5 Medium
x86: speculative vulnerability in 32bit SYSCALL path Due to an oversight in the very original Spectre/Meltdown security work (XSA-254), one entrypath performs its speculation-safety actions too late. In some configurations, there is an unprotected RET instruction which can be attacked with a variety of speculative attacks.
CVE-2022-38102 1 Intel 98 Atom X6200fe, Atom X6211e, Atom X6212re and 95 more 2025-02-13 7.2 High
Improper Input validation in firmware for some Intel(R) Converged Security and Management Engine before versions 15.0.45, and 16.1.27 may allow a privileged user to potentially enable denial of service via local access.
CVE-2022-38076 4 Debian, Fedoraproject, Intel and 1 more 16 Debian Linux, Fedora, Dual Band Wireless-ac 3165 and 13 more 2025-02-13 3.8 Low
Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2022-36392 2 Intel, Intel And Intel Standard Manageability In Intel Csme 135 B150, B250, B360 and 132 more 2025-02-13 8.6 High
Improper input validation in some firmware for Intel(R) AMT and Intel(R) Standard Manageability before versions 11.8.94, 11.12.94, 11.22.94, 12.0.93, 14.1.70, 15.0.45, and 16.1.27 in Intel (R) CSME may allow an unauthenticated user to potentially enable denial of service via network access.
CVE-2022-36351 4 Debian, Fedoraproject, Intel and 1 more 16 Debian Linux, Fedora, Killer and 13 more 2025-02-13 4.3 Medium
Improper input validation in some Intel(R) PROSet/Wireless WiFi and Killer(TM) WiFi software may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2022-33894 1 Intel 546 Core I3-1000g1, Core I3-1000g1 Firmware, Core I3-1000g4 and 543 more 2025-02-13 7.5 High
Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.