Search
Total
1326 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-5093 | 1 Leadtools | 1 Leadtools | 2022-06-17 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable code execution vulnerability exists in the DICOM network response functionality of LEADTOOLS libltdic.so version 20.0.2019.3.15. A specially crafted packet can cause an integer overflow, resulting in heap corruption. An attacker can send a packet to trigger this vulnerability. | |||||
| CVE-2022-30909 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the CMD parameter at /goform/aspForm. | |||||
| CVE-2022-30910 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the GO parameter at /goform/aspForm. | |||||
| CVE-2022-30912 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the UpdateWanParams parameter at /goform/aspForm. | |||||
| CVE-2022-30913 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the ipqos_set_bandwidth parameter at /goform/aspForm. | |||||
| CVE-2022-30914 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the UpdateMacClone parameter at /goform/aspForm. | |||||
| CVE-2022-30916 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Asp_SetTelnetDebug parameter at /goform/aspForm. | |||||
| CVE-2022-30918 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Asp_SetTelnet parameter at /goform/aspForm. | |||||
| CVE-2022-30917 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the AddWlanMacList parameter at /goform/aspForm. | |||||
| CVE-2022-30919 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Edit_BasicSSID_5G parameter at /goform/aspForm. | |||||
| CVE-2022-30915 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the UpdateSnat parameter at /goform/aspForm. | |||||
| CVE-2022-30920 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Edit_BasicSSID parameter at /goform/aspForm. | |||||
| CVE-2022-30921 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the SetMobileAPInfoById parameter at /goform/aspForm. | |||||
| CVE-2022-30922 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the EditWlanMacList parameter at /goform/aspForm. | |||||
| CVE-2022-30923 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Asp_SetTimingtimeWifiAndLed parameter at /goform/aspForm. | |||||
| CVE-2022-30924 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the SetAPWifiorLedInfoById parameter at /goform/aspForm. | |||||
| CVE-2022-30925 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the AddMacList parameter at /goform/aspForm. | |||||
| CVE-2022-30926 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the EditMacList parameter at /goform/aspForm. | |||||
| CVE-2021-39275 | 5 Apache, Debian, Fedoraproject and 2 more | 7 Http Server, Debian Linux, Fedora and 4 more | 2022-06-14 | 7.5 HIGH | 9.8 CRITICAL |
| ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier. | |||||
| CVE-2019-5019 | 1 Rainbowpdf | 1 Office Server Document Converter | 2022-06-13 | 7.5 HIGH | 9.8 CRITICAL |
| A heap-based overflow vulnerability exists in the PowerPoint document conversion function of Rainbow PDF Office Server Document Converter V7.0 Pro R1 (7,0,2018,1113). While parsing Document Summary Property Set stream, the getSummaryInformation function is incorrectly checking the correlation between size and the number of properties in PropertySet packets, causing an out-of-bounds write that leads to heap corruption and consequent code execution. | |||||
| CVE-2022-31003 | 1 Signalwire | 1 Sofia-sip | 2022-06-09 | 7.5 HIGH | 9.8 CRITICAL |
| Sofia-SIP is an open-source Session Initiation Protocol (SIP) User-Agent library. Prior to version 1.13.8, when parsing each line of a sdp message, `rest = record + 2` will access the memory behind `\0` and cause an out-of-bounds write. An attacker can send a message with evil sdp to FreeSWITCH, causing a crash or more serious consequence, such as remote code execution. Version 1.13.8 contains a patch for this issue. | |||||
| CVE-2020-13556 | 1 Opener Project | 1 Opener | 2022-06-07 | 7.5 HIGH | 9.8 CRITICAL |
| An out-of-bounds write vulnerability exists in the Ethernet/IP server functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. | |||||
| CVE-2017-2885 | 3 Debian, Gnome, Redhat | 8 Debian Linux, Libsoup, Enterprise Linux Desktop and 5 more | 2022-06-07 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable stack based buffer overflow vulnerability exists in the GNOME libsoup 2.58. A specially crafted HTTP request can cause a stack overflow resulting in remote code execution. An attacker can send a special HTTP request to the vulnerable server to trigger this vulnerability. | |||||
| CVE-2017-2894 | 1 Cesanta | 1 Mongoose | 2022-06-07 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT packet over the network to trigger this vulnerability. | |||||
| CVE-2018-4013 | 2 Debian, Live555 | 2 Debian Linux, Live555 Media Server | 2022-06-07 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0.92. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability. | |||||
| CVE-2018-4014 | 1 Anker-in | 2 Roav Dashcam A1, Roav Dashcam A1 Firmware | 2022-06-07 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable code execution vulnerability exists in Wi-Fi Command 9999 of the Roav A1 Dashcam running version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability. | |||||
| CVE-2018-4029 | 1 Anker-in | 2 Roav Dashcam A1, Roav Dashcam A1 Firmware | 2022-06-07 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable code execution vulnerability exists in the HTTP request-parsing function of the NT9665X Chipset firmware running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause an unlimited and arbitrary write to memory, resulting in code execution. | |||||
| CVE-2018-4023 | 1 Anker-in | 2 Roav Dashcam A1, Roav Dashcam A1 Firmware | 2022-06-07 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable code execution vulnerability exists in the XML_UploadFile Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. | |||||
| CVE-2021-32941 | 1 Annke | 2 N48pbb, N48pbb Firmware | 2022-06-07 | 10.0 HIGH | 9.8 CRITICAL |
| Annke N48PBB (Network Video Recorder) products of version 3.4.106 build 200422 and prior are vulnerable to a stack-based buffer overflow, which allows an unauthorized remote attacker to execute arbitrary code with the same privileges as the server user (root). | |||||
| CVE-2021-43299 | 2 Debian, Teluu | 2 Debian Linux, Pjsip | 2022-06-05 | 7.5 HIGH | 9.8 CRITICAL |
| Stack overflow in PJSUA API when calling pjsua_player_create. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation. | |||||
| CVE-2017-2867 | 1 Natus | 1 Xltek Neuroworks | 2022-06-03 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable code execution vulnerability exists in the SavePatientMontage functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in code execution. An attacker can a malicious packet to trigger this vulnerability. | |||||
| CVE-2017-2868 | 1 Natus | 1 Xltek Neuroworks | 2022-06-03 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable code execution vulnerability exists in the NewProducerStream functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in code execution. An attacker can send a malicious packet to trigger this vulnerability. | |||||
| CVE-2017-2869 | 1 Natus | 1 Xltek Neuroworks | 2022-06-03 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable code execution vulnerability exists in the OpenProducer functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in code execution. An attacker can send a malicious packet to trigger this vulnerability. | |||||
| CVE-2017-2853 | 1 Natus | 1 Xltek Neuroworks | 2022-06-03 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable Code Execution vulnerability exists in the RequestForPatientInfoEEGfile functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in arbitrary command execution. An attacker can send a malicious packet to trigger this vulnerability. | |||||
| CVE-2020-14871 | 1 Oracle | 1 Solaris | 2022-06-03 | 10.0 HIGH | 10.0 CRITICAL |
| Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable authentication module). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. Note: This CVE is not exploitable for Solaris 11.1 and later releases, and ZFSSA 8.7 and later releases, thus the CVSS Base Score is 0.0. CVSS 3.1 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). | |||||
| CVE-2011-4372 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Reader, Macos and 1 more | 2022-06-03 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4373. | |||||
| CVE-2011-4373 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Reader, Macos and 1 more | 2022-06-03 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4372. | |||||
| CVE-2022-30595 | 1 Python | 1 Pillow | 2022-06-03 | 7.5 HIGH | 9.8 CRITICAL |
| libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow in the processing of invalid TGA image files. | |||||
| CVE-2022-29379 | 1 F5 | 1 Njs | 2022-06-03 | 7.5 HIGH | 9.8 CRITICAL |
| ** DISPUTED ** Nginx NJS v0.7.3 was discovered to contain a stack overflow in the function njs_default_module_loader at /src/njs/src/njs_module.c. NOTE: multiple third parties dispute this report, e.g., the behavior is only found in unreleased development code that was not part of the 0.7.2, 0.7.3, or 0.7.4 release. | |||||
| CVE-2021-43301 | 2 Debian, Teluu | 2 Debian Linux, Pjsip | 2022-06-03 | 7.5 HIGH | 9.8 CRITICAL |
| Stack overflow in PJSUA API when calling pjsua_playlist_create. An attacker-controlled 'file_names' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation. | |||||
| CVE-2021-43300 | 2 Debian, Teluu | 2 Debian Linux, Pjsip | 2022-06-03 | 7.5 HIGH | 9.8 CRITICAL |
| Stack overflow in PJSUA API when calling pjsua_recorder_create. An attacker-controlled 'filename' argument may cause a buffer overflow since it is copied to a fixed-size stack buffer without any size validation. | |||||
| CVE-2022-30476 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2022-06-03 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetFirewallCfg request. | |||||
| CVE-2022-30474 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2022-06-03 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a heap overflow in the httpd module when handling /goform/saveParentControlInfo request. | |||||
| CVE-2022-30472 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2022-06-03 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AC Seris Router AC18_V15.03.05.19(6318) has a stack-based buffer overflow vulnerability in function fromAddressNat | |||||
| CVE-2022-30477 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2022-06-03 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetClientState request. | |||||
| CVE-2021-21828 | 1 Att | 1 Xmill | 2022-05-31 | 7.5 HIGH | 9.8 CRITICAL |
| A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. In the default case of DecodeTreeBlock a label is created via CurPath::AddLabel in order to track the label for later reference. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2021-21827 | 1 Att | 1 Xmill | 2022-05-31 | 7.5 HIGH | 9.8 CRITICAL |
| A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. Within `DecodeTreeBlock` which is called during the decompression of an XMI file, a UINT32 is loaded from the file and used as trusted input as the length of a buffer. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2021-21826 | 1 Att | 1 Xmill | 2022-05-31 | 7.5 HIGH | 9.8 CRITICAL |
| A heap-based buffer overflow vulnerability exists in the XML Decompression DecodeTreeBlock functionality of AT&T Labs Xmill 0.7. Within `DecodeTreeBlock` which is called during the decompression of an XMI file, a UINT32 is loaded from the file and used as trusted input as the length of a buffer. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2021-21825 | 1 Att | 1 Xmill | 2022-05-31 | 7.5 HIGH | 9.8 CRITICAL |
| A heap-based buffer overflow vulnerability exists in the XML Decompression PlainTextUncompressor::UncompressItem functionality of AT&T Labs’ Xmill 0.7. A specially crafted XMI file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2021-21829 | 1 Att | 1 Xmill | 2022-05-31 | 7.5 HIGH | 9.8 CRITICAL |
| A heap-based buffer overflow vulnerability exists in the XML Decompression EnumerationUncompressor::UncompressItem functionality of AT&T Labs’ Xmill 0.7. A specially crafted XMI file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||