Total
2128 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-40241 | 1 Xfig Project | 1 Xfig | 2023-12-10 | N/A | 9.8 CRITICAL |
xfig 3.2.7 is vulnerable to Buffer Overflow. | |||||
CVE-2022-24025 | 1 Tcl | 1 Linkhub Mesh Wifi Ac1200 | 2023-12-10 | N/A | 9.8 CRITICAL |
A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the sntp binary. | |||||
CVE-2022-20894 | 1 Cisco | 8 Rv110w, Rv110w Firmware, Rv130 and 5 more | 2023-12-10 | N/A | 7.2 HIGH |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | |||||
CVE-2022-41481 | 1 Tenda | 2 Ac6, Ac6v2.0 Firmware | 2023-12-10 | N/A | 7.5 HIGH |
Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x47de1c function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
CVE-2022-25680 | 1 Qualcomm | 2 Msm8996au, Msm8996au Firmware | 2023-12-10 | N/A | 7.8 HIGH |
Memory corruption in multimedia due to buffer overflow while processing count variable from client in Snapdragon Auto | |||||
CVE-2022-28722 | 1 Hp | 198 A7w93a, A7w93a Firmware, D3q15a and 195 more | 2023-12-10 | N/A | 9.8 CRITICAL |
Certain HP Print Products are potentially vulnerable to Buffer Overflow. | |||||
CVE-2022-20897 | 1 Cisco | 8 Rv110w, Rv110w Firmware, Rv130 and 5 more | 2023-12-10 | N/A | 7.2 HIGH |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | |||||
CVE-2022-22206 | 1 Juniper | 28 Junos, Srx100, Srx110 and 25 more | 2023-12-10 | N/A | 7.5 HIGH |
A Buffer Overflow vulnerability in the PFE of Juniper Networks Junos OS on SRX series allows an unauthenticated network based attacker to cause a Denial of Service (DoS). The PFE will crash when specific traffic is scanned by Enhanced Web Filtering safe-search feature of UTM (Unified Threat management). Continued receipt of this specific traffic will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks Junos OS: 20.2 versions prior to 20.2R3-S4 on SRX Series; 20.3 versions prior to 20.3R3-S3 on SRX Series; 20.4 versions prior to 20.4R3-S3 on SRX Series; 21.1 versions prior to 21.1R3-S1 on SRX Series; 21.2 versions prior to 21.2R2-S2, 21.2R3 on SRX Series; 21.3 versions prior to 21.3R2 on SRX Series; 21.4 versions prior to 21.4R2 on SRX Series. This issue does not affect Juniper Networks Junos OS versions prior to 20.2R1. | |||||
CVE-2022-34741 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2023-12-10 | 3.3 LOW | 6.5 MEDIUM |
The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation. | |||||
CVE-2022-20889 | 1 Cisco | 9 Application Extension Platform, Rv110w, Rv110w Firmware and 6 more | 2023-12-10 | N/A | 7.2 HIGH |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | |||||
CVE-2022-20895 | 1 Cisco | 8 Rv110w, Rv110w Firmware, Rv130 and 5 more | 2023-12-10 | N/A | 7.2 HIGH |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device or cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. These vulnerabilities are due to insufficient validation of user fields within incoming HTTP packets. An attacker could exploit these vulnerabilities by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device with root-level privileges or to cause the device to restart unexpectedly, resulting in a DoS condition. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device. Cisco has not released software updates that address these vulnerabilities. | |||||
CVE-2022-25724 | 1 Qualcomm | 402 Apq8009, Apq8009 Firmware, Apq8009w and 399 more | 2023-12-10 | N/A | 7.8 HIGH |
Memory corruption in graphics due to buffer overflow while validating the user address in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2022-25659 | 1 Qualcomm | 307 Apq8009, Apq8009 Firmware, Apq8009w and 304 more | 2023-12-10 | N/A | 9.8 CRITICAL |
Memory corruption due to buffer overflow while parsing MKV clips with invalid bitmap size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2022-41485 | 1 Tenda | 3 Ac6, Ac6 Firmware, Ac6v2.0 Firmware | 2023-12-10 | N/A | 7.5 HIGH |
Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x47ce00 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | |||||
CVE-2022-24019 | 1 Tcl | 1 Linkhub Mesh Wifi Ac1200 | 2023-12-10 | N/A | 9.8 CRITICAL |
A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the netctrl binary. | |||||
CVE-2022-30984 | 3 Linux, Opengroup, Rubrik | 3 Linux Kernel, Unix, Cdm | 2023-12-10 | N/A | 7.8 HIGH |
A buffer overflow vulnerability in the Rubrik Backup Service (RBS) Agent for Linux or Unix-based systems in Rubrik CDM 7.0.1, 7.0.1-p1, 7.0.1-p2 or 7.0.1-p3 before CDM 7.0.2-p2 could allow a local attacker to obtain root privileges by sending a crafted message to the RBS agent. | |||||
CVE-2022-36647 | 1 Davs2 Project | 1 Davs2 | 2023-12-10 | N/A | 5.5 MEDIUM |
PKUVCL davs2 v1.6.205 was discovered to contain a global buffer overflow via the function parse_sequence_header() at source/common/header.cc:269. | |||||
CVE-2022-38236 | 1 Xpdf Project | 1 Xpdf | 2023-12-10 | N/A | 7.8 HIGH |
XPDF commit ffaf11c was discovered to contain a global-buffer overflow via Lexer::getObj(Object*) at /xpdf/Lexer.cc. | |||||
CVE-2022-25687 | 1 Qualcomm | 362 Apq8009, Apq8009 Firmware, Apq8009w and 359 more | 2023-12-10 | N/A | 9.8 CRITICAL |
memory corruption in video due to buffer overflow while parsing asf clips in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2022-39047 | 1 Freeciv | 1 Freeciv | 2023-12-10 | N/A | 8.8 HIGH |
Freeciv before 2.6.7 and before 3.0.3 is prone to a buffer overflow vulnerability in the Modpack Installer utility's handling of the modpack URL. |