Total
9529 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-25042 | 1 Bittorrent | 1 Utorrent | 2023-12-10 | 6.8 MEDIUM | 8.8 HIGH |
A vulnerability classified as critical has been found in uTorrent. This affects an unknown part. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to upgrade the affected component. | |||||
CVE-2021-37107 | 1 Huawei | 1 Emui | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
There is an improper memory access permission configuration on ACPU.Successful exploitation of this vulnerability may cause out-of-bounds access. | |||||
CVE-2022-20711 | 1 Cisco | 8 Rv340, Rv340 Firmware, Rv340w and 5 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory. | |||||
CVE-2022-1785 | 2 Debian, Vim | 2 Debian Linux, Vim | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977. | |||||
CVE-2021-46584 | 1 Bentley | 3 Microstation, Microstation Connect, View | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K images. Crafted data in a J2K image can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15378. | |||||
CVE-2022-22633 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-12-10 | 9.3 HIGH | 7.8 HIGH |
A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 8.5, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, macOS Monterey 12.3. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution. | |||||
CVE-2022-25549 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ddnsEn parameter. | |||||
CVE-2022-23901 | 1 Re2c | 1 Re2c | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
A stack overflow re2c 2.2 exists due to infinite recursion issues in src/dfa/dead_rules.cc. | |||||
CVE-2022-20203 | 1 Google | 1 Android | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
In multiple locations of the nanopb library, there is a possible way to corrupt memory when decoding untrusted protobuf files. This could lead to local escalation of privilege,with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2022-20056 | 2 Google, Mediatek | 33 Android, Mt6761, Mt6762 and 30 more | 2023-12-10 | 4.4 MEDIUM | 6.6 MEDIUM |
In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160820. | |||||
CVE-2022-20038 | 2 Google, Mediatek | 9 Android, Mt6833, Mt6853 and 6 more | 2023-12-10 | 4.6 MEDIUM | 6.7 MEDIUM |
In ccu driver, there is a possible memory corruption due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06183335; Issue ID: ALPS06183335. | |||||
CVE-2022-20048 | 2 Google, Mediatek | 11 Android, Mt5816, Mt5835 and 8 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05917502; Issue ID: ALPS05917502. | |||||
CVE-2014-125010 | 1 Ffmpeg | 1 Ffmpeg | 2023-12-10 | 4.3 MEDIUM | 5.5 MEDIUM |
A vulnerability was found in FFmpeg 2.0. It has been rated as critical. Affected by this issue is the function decode_slice_header of the file libavcodec/h64.c. The manipulation leads to memory corruption. The attack may be launched remotely. It is recommended to apply a patch to fix this issue. | |||||
CVE-2022-27870 | 1 Autodesk | 1 Autocad | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
A maliciously crafted TGA file in Autodesk AutoCAD 2023 may be used to write beyond the allocated buffer while parsing TGA file. This vulnerability may be exploited to execute arbitrary code. | |||||
CVE-2021-32969 | 1 Deltaww | 1 Diascreen | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
Delta Electronics DIAScreen versions prior to 1.1.0 are vulnerable to an out-of-bounds write condition, which may result in a system crash or allow an attacker to remotely execute arbitrary code. | |||||
CVE-2022-0995 | 3 Fedoraproject, Linux, Netapp | 24 Fedora, Linux Kernel, H300e and 21 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system. | |||||
CVE-2021-46574 | 1 Bentley | 3 Microstation, Microstation Connect, View | 2023-12-10 | 6.8 MEDIUM | 7.8 HIGH |
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JT files. Crafted data in a JT file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15368. | |||||
CVE-2022-25448 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the day parameter in the openSchedWifi function. | |||||
CVE-2021-40036 | 1 Huawei | 1 Harmonyos | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
The bone voice ID TA has a memory overwrite vulnerability. Successful exploitation of this vulnerability may result in malicious code execution. | |||||
CVE-2021-42692 | 1 Tinytoml Project | 1 Tinytoml | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
There is a stack-overflow vulnerability in tinytoml v0.4 that can cause a crash or DoS. |