Vulnerabilities > Low

DATE CVE VULNERABILITY TITLE RISK
2022-12-27 CVE-2022-45430 Unspecified vulnerability in Dahuasecurity products
Some Dahua software products have a vulnerability of unauthenticated enable or disable SSHD service.
network
high complexity
dahuasecurity
3.7
3.7
2022-12-27 CVE-2022-45433 Unspecified vulnerability in Dahuasecurity products
Some Dahua software products have a vulnerability of unauthenticated traceroute host from remote DSS Server.
network
high complexity
dahuasecurity
3.7
3.7
2022-12-22 CVE-2022-41977 Unspecified vulnerability in Openimageio 2.3.19.0
An out of bounds read vulnerability exists in the way OpenImageIO version v2.3.19.0 processes string fields in TIFF image files.
local
low complexity
openimageio
3.3
3.3
2022-12-22 CVE-2022-42931 Cleartext Storage of Sensitive Information vulnerability in Mozilla Firefox
Logins saved by Firefox should be managed by the Password Manager component which uses encryption to save files on-disk.
local
low complexity
mozilla CWE-312
3.3
3.3
2022-12-16 CVE-2022-20519 Missing Authorization vulnerability in Google Android 13.0
In onCreate of AddAppNetworksActivity.java, there is a possible way for a guest user to configure WiFi networks due to a missing permission check.
local
low complexity
google CWE-862
3.3
3.3
2022-12-16 CVE-2022-20525 Information Exposure Through an Error Message vulnerability in Google Android 13.0
In enforceVisualVoicemailPackage of PhoneInterfaceManager.java, there is a possible leak of visual voicemail package name due to a permissions bypass.
local
low complexity
google CWE-209
3.3
3.3
2022-12-16 CVE-2022-20526 Out-of-bounds Write vulnerability in Google Android 13.0
In CanvasContext::draw of CanvasContext.cpp, there is a possible out of bounds write due to a missing bounds check.
local
low complexity
google CWE-787
3.3
3.3
2022-12-16 CVE-2022-20528 Out-of-bounds Read vulnerability in Google Android 13.0
In findParam of HevcUtils.cpp there is a possible out of bounds read due to a missing bounds check.
local
low complexity
google CWE-125
3.3
3.3
2022-12-16 CVE-2022-20529 Missing Authorization vulnerability in Google Android 13.0
In multiple locations of WifiDialogActivity.java, there is a possible limited lockscreen bypass due to a logic error in the code.
low complexity
google CWE-862
2.4
2.4
2022-12-16 CVE-2022-20533 Missing Authorization vulnerability in Google Android 13.0
In getSlice of WifiSlice.java, there is a possible way to connect a new WiFi network from the guest mode due to a missing permission check.
local
low complexity
google CWE-862
3.3
3.3