Vulnerabilities > Critical

DATE CVE VULNERABILITY TITLE RISK
2022-07-17 CVE-2022-31208 Unspecified vulnerability in Infiray Iray-A8Z3 Firmware 1.0.957
An issue was discovered in Infiray IRAY-A8Z3 1.0.957.
network
low complexity
infiray
critical
9.0
2022-07-17 CVE-2022-31209 Classic Buffer Overflow vulnerability in Infiray Iray-A8Z3 Firmware 1.0.957
An issue was discovered in Infiray IRAY-A8Z3 1.0.957.
network
low complexity
infiray CWE-120
critical
10.0
2022-07-17 CVE-2022-31211 Weak Password Requirements vulnerability in Infiray Iray-A8Z3 Firmware 1.0.957
An issue was discovered in Infiray IRAY-A8Z3 1.0.957.
network
low complexity
infiray CWE-521
critical
10.0
2022-07-13 CVE-2022-20216 Unspecified vulnerability in Google Android
android exported is used to set third-party app access permissions, and the default value of intent-filter is true.
network
low complexity
google
critical
10.0
2022-07-13 CVE-2022-20222 Out-of-bounds Write vulnerability in Google Android 12.0/12.1
In read_attr_value of gatt_db.cc, there is a possible out of bounds write due to a missing bounds check.
network
low complexity
google CWE-787
critical
10.0
2022-07-13 CVE-2022-20229 Out-of-bounds Write vulnerability in Google Android
In bta_hf_client_handle_cind_list_item of bta_hf_client_at.cc, there is a possible out of bounds write due to a missing bounds check.
network
low complexity
google CWE-787
critical
10.0
2022-07-13 CVE-2022-20238 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android
'remap_pfn_range' here may map out of size kernel memory (for example, may map the kernel area), and because the 'vma->vm_page_prot' can also be controlled by userspace, so userspace may map the kernel area to be writable, which is easy to be exploitedProduct: AndroidVersions: Android SoCAndroid ID: A-233154555
network
low complexity
google CWE-119
critical
10.0
2022-07-12 CVE-2022-1025 Incorrect Authorization vulnerability in Linuxfoundation Argo-Cd
All unpatched versions of Argo CD starting with v1.0.0 are vulnerable to an improper access control bug, allowing a malicious user to potentially escalate their privileges to admin-level.
network
low complexity
linuxfoundation CWE-863
critical
9.0
2022-07-12 CVE-2022-29560 Command Injection vulnerability in Siemens products
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < 2.15.1), RUGGEDCOM ROX MX5000RE (All versions < 2.15.1), RUGGEDCOM ROX RX1400 (All versions < 2.15.1), RUGGEDCOM ROX RX1500 (All versions < 2.15.1), RUGGEDCOM ROX RX1501 (All versions < 2.15.1), RUGGEDCOM ROX RX1510 (All versions < 2.15.1), RUGGEDCOM ROX RX1511 (All versions < 2.15.1), RUGGEDCOM ROX RX1512 (All versions < 2.15.1), RUGGEDCOM ROX RX1524 (All versions < 2.15.1), RUGGEDCOM ROX RX1536 (All versions < 2.15.1), RUGGEDCOM ROX RX5000 (All versions < 2.15.1).
network
low complexity
siemens CWE-77
critical
10.0
2022-07-12 CVE-2022-34819 Out-of-bounds Write vulnerability in Siemens products
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All versions < V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions < V3.3.46), SIMATIC CP 1243-7 LTE US (All versions < V3.3.46), SIMATIC CP 1243-8 IRC (All versions < V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions >= V2.0), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions >= V2.0), SIPLUS NET CP 1242-7 V2 (All versions < V3.3.46), SIPLUS NET CP 1543-1 (All versions < V3.0.22), SIPLUS S7-1200 CP 1243-1 (All versions < V3.3.46), SIPLUS S7-1200 CP 1243-1 RAIL (All versions < V3.3.46).
network
siemens CWE-787
critical
9.3