Search
Total
1326 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-21830 | 1 Att | 1 Xmill | 2022-05-31 | 7.5 HIGH | 9.8 CRITICAL |
| A heap-based buffer overflow vulnerability exists in the XML Decompression LabelDict::Load functionality of AT&T Labs’ Xmill 0.7. A specially crafted XMI file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2021-40394 | 2 Debian, Gerbv Project | 2 Debian Linux, Gerbv | 2022-05-31 | 7.5 HIGH | 10.0 CRITICAL |
| An out-of-bounds write vulnerability exists in the RS-274X aperture macro variables handling functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit 71493260). A specially-crafted gerber file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2022-23676 | 1 Arubanetworks | 22 2530, 2530 Firmware, 2540 and 19 more | 2022-05-25 | 9.3 HIGH | 9.8 CRITICAL |
| A remote execution of arbitrary code vulnerability was discovered in ArubaOS-Switch Devices version(s): ArubaOS-Switch 15.xx.xxxx: All versions; ArubaOS-Switch 16.01.xxxx: All versions; ArubaOS-Switch 16.02.xxxx: K.16.02.0033 and below; ArubaOS-Switch 16.03.xxxx: All versions; ArubaOS-Switch 16.04.xxxx: All versions; ArubaOS-Switch 16.05.xxxx: All versions; ArubaOS-Switch 16.06.xxxx: All versions; ArubaOS-Switch 16.07.xxxx: All versions; ArubaOS-Switch 16.08.xxxx: KB/WB/WC/YA/YB/YC.16.08.0024 and below; ArubaOS-Switch 16.09.xxxx: KB/WB/WC/YA/YB/YC.16.09.0019 and below; ArubaOS-Switch 16.10.xxxx: KB/WB/WC/YA/YB/YC.16.10.0019 and below; ArubaOS-Switch 16.11.xxxx: KB/WB/WC/YA/YB/YC.16.11.0003 and below. Aruba has released upgrades for ArubaOS-Switch Devices that address these security vulnerabilities. | |||||
| CVE-2021-44790 | 6 Apache, Debian, Fedoraproject and 3 more | 6 Http Server, Debian Linux, Fedora and 3 more | 2022-05-17 | 7.5 HIGH | 9.8 CRITICAL |
| A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. | |||||
| CVE-2022-29397 | 1 Totolink | 2 N600r, N600r Firmware | 2022-05-16 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004196c8. | |||||
| CVE-2022-29391 | 1 Totolink | 2 N600r, N600r Firmware | 2022-05-16 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004200c8. | |||||
| CVE-2022-29393 | 1 Totolink | 2 N600r, N600r Firmware | 2022-05-16 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_004192cc. | |||||
| CVE-2022-29392 | 1 Totolink | 2 N600r, N600r Firmware | 2022-05-16 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418c24. | |||||
| CVE-2022-29398 | 1 Totolink | 2 N600r, N600r Firmware | 2022-05-16 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the File parameter in the function FUN_0041309c. | |||||
| CVE-2022-29396 | 1 Totolink | 2 N600r, N600r Firmware | 2022-05-16 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN_00418f10. | |||||
| CVE-2022-29399 | 1 Totolink | 2 N600r, N600r Firmware | 2022-05-16 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the url parameter in the function FUN_00415bf0. | |||||
| CVE-2022-29394 | 1 Totolink | 2 N600r, N600r Firmware | 2022-05-16 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macAddress parameter in the function FUN_0041b448. | |||||
| CVE-2022-29395 | 1 Totolink | 2 N600r, N600r Firmware | 2022-05-16 | 10.0 HIGH | 9.8 CRITICAL |
| TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the apcliKey parameter in the function FUN_0041bac4. | |||||
| CVE-2022-29329 | 1 Dlink | 2 Dap-1330, Dap-1330 Firmware | 2022-05-16 | 10.0 HIGH | 9.8 CRITICAL |
| D-Link DAP-1330_OSS-firmware_1.00b21 was discovered to contain a heap overflow via the devicename parameter in /goform/setDeviceSettings. | |||||
| CVE-2022-29328 | 1 Dlink | 2 Dap-1330, Dap-1330 Firmware | 2022-05-16 | 10.0 HIGH | 9.8 CRITICAL |
| D-Link DAP-1330_OSS-firmware_1.00b21 was discovered to contain a stack overflow via the function checkvalidupgrade. | |||||
| CVE-2022-29327 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2022-05-16 | 10.0 HIGH | 9.8 CRITICAL |
| D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the urladd parameter in /goform/websURLFilterAddDel. | |||||
| CVE-2022-29324 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2022-05-16 | 10.0 HIGH | 9.8 CRITICAL |
| D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the proto parameter in /goform/form2IPQoSTcAdd. | |||||
| CVE-2022-29326 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2022-05-16 | 10.0 HIGH | 9.8 CRITICAL |
| D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the addhostfilter parameter in /goform/websHostFilter. | |||||
| CVE-2022-29325 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2022-05-16 | 10.0 HIGH | 9.8 CRITICAL |
| D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the addurlfilter parameter in /goform/websURLFilter. | |||||
| CVE-2022-29323 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2022-05-16 | 10.0 HIGH | 9.8 CRITICAL |
| D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the MAC parameter in /goform/editassignment. | |||||
| CVE-2022-29321 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2022-05-16 | 10.0 HIGH | 9.8 CRITICAL |
| D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the lanip parameter in /goform/setNetworkLan. | |||||
| CVE-2022-29322 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2022-05-16 | 10.0 HIGH | 9.8 CRITICAL |
| D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the IPADDR and nvmacaddr parameters in /goform/form2Dhcpip. | |||||
| CVE-2021-40010 | 1 Huawei | 1 Harmonyos | 2022-05-13 | 7.5 HIGH | 9.8 CRITICAL |
| The bone voice ID TA has a heap overflow vulnerability.Successful exploitation of this vulnerability may result in malicious code execution. | |||||
| CVE-2021-20038 | 1 Sonicwall | 10 Sma 200, Sma 200 Firmware, Sma 210 and 7 more | 2022-05-13 | 7.5 HIGH | 9.8 CRITICAL |
| A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware 10.2.0.8-37sv, 10.2.1.1-19sv, 10.2.1.2-24sv and earlier versions. | |||||
| CVE-2020-15866 | 2 Debian, Mruby | 2 Debian Linux, Mruby | 2022-05-12 | 7.5 HIGH | 9.8 CRITICAL |
| mruby through 2.1.2-rc has a heap-based buffer overflow in the mrb_yield_with_class function in vm.c because of incorrect VM stack handling. It can be triggered via the stack_copy function. | |||||
| CVE-2017-12166 | 2 Debian, Openvpn | 2 Debian Linux, Openvpn | 2022-05-12 | 6.8 MEDIUM | 9.8 CRITICAL |
| OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution. | |||||
| CVE-2022-20699 | 1 Cisco | 8 Rv340, Rv340 Firmware, Rv340w and 5 more | 2022-05-12 | 10.0 HIGH | 9.8 CRITICAL |
| Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned software Cause denial of service (DoS) For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2020-6151 | 1 Accusoft | 1 Imagegear | 2022-05-12 | 7.5 HIGH | 9.8 CRITICAL |
| A memory corruption vulnerability exists in the TIFF handle_COMPRESSION_PACKBITS functionality of Accusoft ImageGear 19.7. A specially crafted malformed file can cause a memory corruption. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2022-28082 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2022-05-12 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AX12 v22.03.01.21_CN was discovered to contain a stack overflow via the list parameter at /goform/SetNetControlList. | |||||
| CVE-2022-28560 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2022-05-11 | 10.0 HIGH | 9.8 CRITICAL |
| There is a stack overflow vulnerability in the goform/fast_setting_wifi_set function in the httpd service of Tenda ac9 15.03.2.21_cn router. An attacker can obtain a stable shell through a carefully constructed payload | |||||
| CVE-2021-33945 | 1 Ricoh | 132 Aficio Sp 3500sf, Aficio Sp 3500sf Firmware, M 2700 and 129 more | 2022-05-11 | 7.5 HIGH | 9.8 CRITICAL |
| RICOH Printer series SP products 320DN, SP 325DNw, SP 320SN, SP 320SFN, SP 325SNw, SP 325SFNw, SP 330SN, Aficio SP 3500SF, SP 221S, SP 220SNw, SP 221SNw, SP 221SF, SP 220SFNw, SP 221SFNw v1.06 were discovered to contain a stack buffer overflow in the file /etc/wpa_supplicant.conf. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data. | |||||
| CVE-2022-28561 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2022-05-09 | 10.0 HIGH | 9.8 CRITICAL |
| There is a stack overflow vulnerability in the /goform/setMacFilterCfg function in the httpd service of Tenda ax12 22.03.01.21_cn router. An attacker can obtain a stable shell through a carefully constructed payload | |||||
| CVE-2022-29077 | 1 Ripple | 1 Rippled | 2022-05-04 | 7.5 HIGH | 9.8 CRITICAL |
| A heap-based buffer overflow exists in rippled before 1.8.5. The vulnerability allows attackers to cause a crash or execute commands remotely on a rippled node, which may lead to XRPL mainnet DoS or compromise. This exposes all digital assets on the XRPL to a security threat. | |||||
| CVE-2020-11182 | 1 Qualcomm | 536 Aqt1000, Aqt1000 Firmware, Pm3003a and 533 more | 2022-05-03 | 10.0 HIGH | 9.8 CRITICAL |
| Possible heap overflow while parsing NAL header due to lack of check of length of data received from user in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2021-38568 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2022-05-03 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Foxit Reader and PhantomPDF before 10.1.4. It allows memory corruption during conversion of a PDF document to a different document format. | |||||
| CVE-2020-11176 | 1 Qualcomm | 198 Apq8017, Apq8017 Firmware, Apq8053 and 195 more | 2022-05-03 | 10.0 HIGH | 9.8 CRITICAL |
| While processing server certificate from IPSec server, certificate validation for subject alternative name API can cause heap overflow which can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile | |||||
| CVE-2020-13995 | 1 Airforce | 1 Nitf Extract Utility | 2022-05-03 | 7.5 HIGH | 9.8 CRITICAL |
| U.S. Air Force Sensor Data Management System extract75 has a buffer overflow that leads to code execution. An overflow in a global variable (sBuffer) leads to a Write-What-Where outcome. Writing beyond sBuffer will clobber most global variables until reaching a pointer such as DES_info or image_info. By controlling that pointer, one achieves an arbitrary write when its fields are assigned. The data written is from a potentially untrusted NITF file in the form of an integer. The attacker can gain control of the instruction pointer. | |||||
| CVE-2019-11835 | 2 Cjson Project, Oracle | 2 Cjson, Timesten In-memory Database | 2022-05-03 | 7.5 HIGH | 9.8 CRITICAL |
| cJSON before 1.7.11 allows out-of-bounds access, related to multiline comments. | |||||
| CVE-2019-11834 | 2 Cjson Project, Oracle | 2 Cjson, Timesten In-memory Database | 2022-05-03 | 7.5 HIGH | 9.8 CRITICAL |
| cJSON before 1.7.11 allows out-of-bounds access, related to \x00 in a string literal. | |||||
| CVE-2019-11356 | 5 Canonical, Cyrus, Debian and 2 more | 8 Ubuntu Linux, Imap, Debian Linux and 5 more | 2022-05-03 | 7.5 HIGH | 9.8 CRITICAL |
| The CalDAV feature in httpd in Cyrus IMAP 2.5.x through 2.5.12 and 3.0.x through 3.0.9 allows remote attackers to execute arbitrary code via a crafted HTTP PUT operation for an event with a long iCalendar property name. | |||||
| CVE-2020-12284 | 3 Canonical, Debian, Ffmpeg | 3 Ubuntu Linux, Debian Linux, Ffmpeg | 2022-04-29 | 10.0 HIGH | 9.8 CRITICAL |
| cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.1 and 4.2.2 has a heap-based buffer overflow during JPEG_MARKER_SOS handling because of a missing length check. | |||||
| CVE-2021-21889 | 1 Lantronix | 2 Premierwave 2050, Premierwave 2050 Firmware | 2022-04-28 | 6.5 MEDIUM | 9.9 CRITICAL |
| A stack-based buffer overflow vulnerability exists in the Web Manager Ping functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2021-21891 | 1 Lantronix | 2 Premierwave 2050, Premierwave 2050 Firmware | 2022-04-28 | 6.5 MEDIUM | 9.1 CRITICAL |
| A stack-based buffer overflow vulnerability exists in the Web Manager FsBrowseClean functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote code execution in the vulnerable portion of the branch (deletefile). An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2021-21892 | 1 Lantronix | 2 Premierwave 2050, Premierwave 2050 Firmware | 2022-04-28 | 6.5 MEDIUM | 9.9 CRITICAL |
| A stack-based buffer overflow vulnerability exists in the Web Manager FsUnmount functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2021-21890 | 1 Lantronix | 2 Premierwave 2050, Premierwave 2050 Firmware | 2022-04-28 | 6.5 MEDIUM | 9.1 CRITICAL |
| A stack-based buffer overflow vulnerability exists in the Web Manager FsBrowseClean functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote code execution in the vulnerable portion of the branch (deletedir). An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2021-21887 | 1 Lantronix | 2 Premierwave 2050, Premierwave 2050 Firmware | 2022-04-28 | 6.5 MEDIUM | 9.1 CRITICAL |
| A stack-based buffer overflow vulnerability exists in the Web Manager SslGenerateCSR functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-28592 | 1 Cosori | 2 Cs158-af, Cs158-af Firmware | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| A heap-based buffer overflow vulnerability exists in the configuration server functionality of the Cosori Smart 5.8-Quart Air Fryer CS158-AF 1.1.0. A specially crafted JSON object can lead to remote code execution. An attacker can send a malicious packet to trigger this vulnerability. | |||||
| CVE-2020-15588 | 1 Zohocorp | 1 Manageengine Desktop Central | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the client side of Zoho ManageEngine Desktop Central 10.0.552.W. An attacker-controlled server can trigger an integer overflow in InternetSendRequestEx and InternetSendRequestByBitrate that leads to a heap-based buffer overflow and Remote Code Execution with SYSTEM privileges. This issue will occur only when untrusted communication is initiated with server. In cloud, Agent will always connect with trusted communication. | |||||
| CVE-2020-15683 | 3 Debian, Mozilla, Opensuse | 5 Debian Linux, Firefox, Firefox Esr and 2 more | 2022-04-28 | 7.5 HIGH | 9.8 CRITICAL |
| Mozilla developers and community members reported memory safety bugs present in Firefox 81 and Firefox ESR 78.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 78.4, Firefox < 82, and Thunderbird < 78.4. | |||||
| CVE-2021-21903 | 1 Garrett | 1 Ic Module Cma | 2022-04-28 | 10.0 HIGH | 9.8 CRITICAL |
| A stack-based buffer overflow vulnerability exists in the CMA check_udp_crc function of Garrett Metal Detectors’ iC Module CMA Version 5.0. A specially-crafted packet can lead to a stack-based buffer overflow during a call to strcpy. An attacker can send a malicious packet to trigger this vulnerability. | |||||