Vulnerabilities (CVE)

Filtered by CWE-787
Total 6784 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-44256 1 Totolink 2 Nr1800x, Nr1800x Firmware 2022-11-26 N/A 8.8 HIGH
TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter lang in the setLanguageCfg function.
CVE-2022-44257 1 Totolink 2 Lr350, Lr350 Firmware 2022-11-26 N/A 8.8 HIGH
TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter pppoeUser in the setOpModeCfg function.
CVE-2022-44258 1 Totolink 2 Lr350, Lr350 Firmware 2022-11-26 N/A 8.8 HIGH
TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter command in the setTracerouteCfg function.
CVE-2022-44260 1 Totolink 2 Lr350, Lr350 Firmware 2022-11-26 N/A 8.8 HIGH
TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter sPort/ePort in the setIpPortFilterRules function.
CVE-2022-44259 1 Totolink 2 Lr350, Lr350 Firmware 2022-11-26 N/A 8.8 HIGH
TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter week, sTime, and eTime in the setParentalRules function.
CVE-2022-44255 1 Totolink 2 Lr350, Lr350 Firmware 2022-11-26 N/A 9.8 CRITICAL
TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a pre-authentication buffer overflow in the main function via long post data.
CVE-2022-44253 1 Totolink 2 Lr350, Lr350 Firmware 2022-11-26 N/A 8.8 HIGH
TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter ip in the setDiagnosisCfg function.
CVE-2022-44254 1 Totolink 2 Lr350, Lr350 Firmware 2022-11-26 N/A 8.8 HIGH
TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter text in the setSmsCfg function.
CVE-2019-0053 1 Juniper 1 Junos 2022-11-25 4.6 MEDIUM 7.8 HIGH
Insufficient validation of environment variables in the telnet client supplied in Junos OS can lead to stack-based buffer overflows, which can be exploited to bypass veriexec restrictions on Junos OS. A stack-based overflow is present in the handling of environment variables when connecting via the telnet client to remote telnet servers. This issue only affects the telnet client — accessible from the CLI or shell — in Junos OS. Inbound telnet services are not affected by this issue. This issue affects: Juniper Networks Junos OS: 12.3 versions prior to 12.3R12-S13; 12.3X48 versions prior to 12.3X48-D80; 14.1X53 versions prior to 14.1X53-D130, 14.1X53-D49; 15.1 versions prior to 15.1F6-S12, 15.1R7-S4; 15.1X49 versions prior to 15.1X49-D170; 15.1X53 versions prior to 15.1X53-D237, 15.1X53-D496, 15.1X53-D591, 15.1X53-D69; 16.1 versions prior to 16.1R3-S11, 16.1R7-S4; 16.2 versions prior to 16.2R2-S9; 17.1 versions prior to 17.1R3; 17.2 versions prior to 17.2R1-S8, 17.2R2-S7, 17.2R3-S1; 17.3 versions prior to 17.3R3-S4; 17.4 versions prior to 17.4R1-S6, 17.4R2-S3, 17.4R3; 18.1 versions prior to 18.1R2-S4, 18.1R3-S3; 18.2 versions prior to 18.2R1-S5, 18.2R2-S2, 18.2R3; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R1-S3, 18.3R2; 18.4 versions prior to 18.4R1-S2, 18.4R2.
CVE-2022-40152 1 Xstream Project 1 Xstream 2022-11-25 N/A 7.5 HIGH
Those using Woodstox to parse XML data may be vulnerable to Denial of Service attacks (DOS) if DTD support is enabled. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack.
CVE-2022-1621 4 Apple, Debian, Fedoraproject and 1 more 4 Macos, Debian Linux, Fedora and 1 more 2022-11-24 6.8 MEDIUM 7.8 HIGH
Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution
CVE-2022-2129 2 Fedoraproject, Vim 2 Fedora, Vim 2022-11-24 6.8 MEDIUM 7.8 HIGH
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
CVE-2022-1897 3 Apple, Fedoraproject, Vim 3 Macos, Fedora, Vim 2022-11-24 6.8 MEDIUM 7.8 HIGH
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
CVE-2022-1785 1 Vim 1 Vim 2022-11-24 4.6 MEDIUM 7.8 HIGH
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977.
CVE-2022-2000 3 Apple, Fedoraproject, Vim 3 Macos, Fedora, Vim 2022-11-24 6.8 MEDIUM 7.8 HIGH
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
CVE-2022-0318 2 Apple, Vim 2 Macos, Vim 2022-11-24 7.5 HIGH 9.8 CRITICAL
Heap-based Buffer Overflow in vim/vim prior to 8.2.
CVE-2022-44806 1 Dlink 2 Dir-882, Dir-882 Firmware 2022-11-23 N/A 9.8 CRITICAL
D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow.
CVE-2022-44804 1 Dlink 2 Dir-882, Dir-882 Firmware 2022-11-23 N/A 9.8 CRITICAL
D-Link DIR-882 1.10B02 and1.20B06 is vulnerable to Buffer Overflow via the websRedirect function.
CVE-2022-44202 1 Dlink 2 Dir-878, Dir-878 Firmware 2022-11-23 N/A 9.8 CRITICAL
D-Link DIR878 1.02B04 and 1.02B05 are vulnerable to Buffer Overflow.
CVE-2022-44807 1 Dlink 2 Dir-882, Dir-882 Firmware 2022-11-23 N/A 9.8 CRITICAL
D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow via webGetVarString.