Total
2137 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-23143 | 1 Gpac | 1 Gpac | 2023-12-10 | N/A | 7.8 HIGH |
Buffer overflow vulnerability in function avc_parse_slice in file media_tools/av_parsers.c. GPAC version 2.3-DEV-rev1-g4669ba229-master. | |||||
CVE-2022-40137 | 1 Lenovo | 571 Ideacentre 3-07ada05, Ideacentre 3-07ada05 Firmware, Ideacentre 3-07imb05 and 568 more | 2023-12-10 | N/A | 6.7 MEDIUM |
A buffer overflow in the WMI SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to execute arbitrary code. | |||||
CVE-2022-45648 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2023-12-10 | N/A | 7.5 HIGH |
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the devName parameter in the formSetDeviceName function. | |||||
CVE-2022-47654 | 1 Gpac | 1 Gpac | 2023-12-10 | N/A | 7.8 HIGH |
GPAC MP4box 2.1-DEV-rev593-g007bf61a0 is vulnerable to Buffer Overflow in gf_hevc_read_sps_bs_internal function of media_tools/av_parsers.c:8261 | |||||
CVE-2022-40987 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the '(ddns1|ddns2) username WORD password CODE' command template. | |||||
CVE-2022-45652 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2023-12-10 | N/A | 7.5 HIGH |
Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the startIp parameter in the formSetPPTPServer function. | |||||
CVE-2022-45721 | 1 Ip-com | 2 M50, M50 Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the picName parameter in the formDelWewifiPic function. | |||||
CVE-2022-32522 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2023-12-10 | N/A | 9.8 CRITICAL |
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted mathematically reduced data request messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170) | |||||
CVE-2022-45670 | 1 Tenda | 2 I22, I22 Firmware | 2023-12-10 | N/A | 7.5 HIGH |
Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the ping1 parameter in the formSetAutoPing function. | |||||
CVE-2023-26769 | 1 Liblouis | 1 Liblouis | 2023-12-10 | N/A | 7.5 HIGH |
Buffer Overflow vulnerability found in Liblouis Lou_Trace v.3.24.0 allows a remote attacker to cause a denial of service via the resolveSubtable function at compileTranslationTabel.c. | |||||
CVE-2023-26768 | 1 Liblouis | 1 Liblouis | 2023-12-10 | N/A | 7.5 HIGH |
Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the compileTranslationTable.c and lou_setDataPath functions. | |||||
CVE-2022-46537 | 1 Tenda | 2 F1203, F1203 Firmware | 2023-12-10 | N/A | 7.5 HIGH |
Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the security parameter at /goform/WifiBasicSet. | |||||
CVE-2022-46531 | 1 Tenda | 2 F1203, F1203 Firmware | 2023-12-10 | N/A | 7.5 HIGH |
Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceId parameter at /goform/addWifiMacFilter. | |||||
CVE-2022-45706 | 1 Ip-com | 2 M50, M50 Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the hostname parameter in the formSetNetCheckTools function. | |||||
CVE-2022-25708 | 1 Qualcomm | 34 Sd888 5g, Sd888 5g Firmware, Sd 8 Gen1 5g Firmware and 31 more | 2023-12-10 | N/A | 9.8 CRITICAL |
Memory corruption in WLAN due to buffer copy without checking size of input while parsing keys in Snapdragon Connectivity, Snapdragon Mobile | |||||
CVE-2022-37888 | 2 Arubanetworks, Siemens | 56 Ap-103, Ap-114, Ap-115 and 53 more | 2023-12-10 | N/A | 9.8 CRITICAL |
There are buffer overflow vulnerabilities in multiple underlying services that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211). Successful exploitation of these vulnerabilities results in the ability to execute arbitrary code as a privileged user on the underlying operating system of Aruba InstantOS 6.4.x: 6.4.4.8-4.2.4.20 and below; Aruba InstantOS 6.5.x: 6.5.4.23 and below; Aruba InstantOS 8.6.x: 8.6.0.18 and below; Aruba InstantOS 8.7.x: 8.7.1.9 and below; Aruba InstantOS 8.10.x: 8.10.0.1 and below; ArubaOS 10.3.x: 10.3.1.0 and below; Aruba has released upgrades for Aruba InnstantOS that address these security vulnerabilities. | |||||
CVE-2022-38827 | 1 Totolink | 2 T6, T6 Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
TOTOLINK T6 V4.1.5cu.709_B20210518 is vulnerable to Buffer Overflow via cstecgi.cgi | |||||
CVE-2022-34740 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2023-12-10 | 3.3 LOW | 6.5 MEDIUM |
The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation. | |||||
CVE-2022-37839 | 1 Totolink | 2 A860r, A860r Firmware | 2023-12-10 | N/A | 9.8 CRITICAL |
TOTOLINK A860R V4.1.2cu.5182_B20201027 is vulnerable to Buffer Overflow via Cstecgi.cgi. | |||||
CVE-2022-41483 | 1 Tenda | 2 Ac6, Ac6v2.0 Firmware | 2023-12-10 | N/A | 7.5 HIGH |
Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x4a12cc function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. |