Total: 3972 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-34289 | 1 Siemens | 1 Pads Viewer | 2022-07-15 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-054) | |||||
| CVE-2022-34273 | 1 Siemens | 1 Pads Viewer | 2022-07-15 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-038) | |||||
| CVE-2022-34748 | 1 Siemens | 1 Simcenter Femap | 2022-07-15 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in Simcenter Femap (All versions < V2022.2). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17293) | |||||
| CVE-2022-33103 | 1 Denx | 1 U-boot | 2022-07-15 | 4.6 MEDIUM | 7.8 HIGH |
| Das U-Boot from v2020.10 to v2022.07-rc3 was discovered to contain an out-of-bounds write via the function sqfs_readdir(). | |||||
| CVE-2022-21767 | 2 Google, Mediatek | 7 Android, Mt8167, Mt8175 and 4 more | 2022-07-14 | 8.3 HIGH | 8.8 HIGH |
| In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784430; Issue ID: ALPS06784430. | |||||
| CVE-2022-21768 | 2 Google, Mediatek | 7 Android, Mt8167s, Mt8175 and 4 more | 2022-07-14 | 8.3 HIGH | 8.8 HIGH |
| In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06784351; Issue ID: ALPS06784351. | |||||
| CVE-2021-3697 | 2 Gnu, Redhat | 12 Grub, Codeready Linux Builder, Developer Tools and 9 more | 2022-07-14 | 4.4 MEDIUM | 7.0 HIGH |
| A crafted JPEG image may lead the JPEG reader to underflow its data pointer, allowing user-controlled data to be written to the heap. For a successful attack, the attacker needs to perform some triage over the heap layout and craft an image with a malicious format and payload. This vulnerability can lead to data corruption and eventual code execution or secure boot circumvention. This flaw affects grub2 versions prior to grub-2.12. | |||||
| CVE-2022-32384 | 1 Tendacn | 2 Ac23 Ac2100, Ac23 Ac2100 Firmware | 2022-07-13 | 5.8 MEDIUM | 8.8 HIGH |
| Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the security_5g parameter in the function formWifiBasicSet. | |||||
| CVE-2022-28200 | 1 Nvidia | 2 Dgx A100, Dgx A100 Firmware | 2022-07-12 | 4.6 MEDIUM | 8.2 HIGH |
| NVIDIA DGX A100 contains a vulnerability in SBIOS in the BiosCfgTool, where a local user with elevated privileges can read and write beyond intended bounds in SMRAM, which may lead to code execution, escalation of privileges, denial of service, and information disclosure. The scope of impact can extend to other components. | |||||
| CVE-2020-1020 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2022-07-12 | 6.8 MEDIUM | 8.8 HIGH |
| A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format. For all systems except Windows 10, an attacker who successfully exploited the vulnerability could execute code remotely, aka 'Adobe Font Manager Library Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0938. | |||||
| CVE-2020-12980 | 2 Amd, Microsoft | 3 Radeon Pro Software, Radeon Software, Windows 10 | 2022-07-12 | 4.6 MEDIUM | 7.8 HIGH |
| An out of bounds write and read vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service. | |||||
| CVE-2020-1027 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2022-07-12 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0913, CVE-2020-1000, CVE-2020-1003. | |||||
| CVE-2021-43247 | 1 Microsoft | 5 Windows 10, Windows 11, Windows Server and 2 more | 2022-07-12 | 7.2 HIGH | 7.8 HIGH |
| Windows TCP/IP Driver Elevation of Privilege Vulnerability | |||||
| CVE-2020-12981 | 2 Amd, Microsoft | 3 Radeon Pro Software, Radeon Software, Windows 10 | 2022-07-12 | 7.2 HIGH | 7.8 HIGH |
| An insufficient input validation in the AMD Graphics Driver for Windows 10 may allow unprivileged users to unload the driver, potentially causing memory corruptions in high privileged processes, which can lead to escalation of privileges or denial of service. | |||||
| CVE-2020-22017 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2022-07-10 | 6.8 MEDIUM | 8.8 HIGH |
| A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at ff_fill_rectangle in libavfilter/drawutils.c, which might lead to memory corruption and other potential consequences. | |||||
| CVE-2020-23060 | 1 Tonec | 1 Internet Download Manager | 2022-07-10 | 6.6 MEDIUM | 7.1 HIGH |
| Internet Download Manager 6.37.11.1 was discovered to contain a stack buffer overflow in the Export/Import function. This vulnerability allows attackers to escalate local process privileges via a crafted ef2 file. | |||||
| CVE-2020-22025 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2022-07-10 | 6.8 MEDIUM | 8.8 HIGH |
| A heap-based Buffer Overflow vulnerability exists in gaussian_blur at libavfilter/vf_edgedetect.c, which might lead to memory corruption and other potential consequences. | |||||
| CVE-2020-22034 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2022-07-10 | 6.8 MEDIUM | 8.8 HIGH |
| A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_floodfill.c, which might lead to memory corruption and other potential consequences. | |||||
| CVE-2020-23332 | 1 Axiosys | 1 Bento4 | 2022-07-10 | 5.0 MEDIUM | 7.5 HIGH |
| A heap-based buffer overflow exists in the AP4_StdcFileByteStream::ReadPartial component located in /StdC/Ap4StdCFileByteStream.cpp of Bento4 version 06c39d9. This issue can lead to a denial of service (DOS). | |||||
| CVE-2020-22032 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2022-07-10 | 6.8 MEDIUM | 8.8 HIGH |
| A heap-based Buffer Overflow vulnerability exists in FFmpeg 4.2 at libavfilter/vf_edgedetect.c in gaussian_blur, which might lead to memory corruption and other potential consequences. | |||||
| CVE-2020-20746 | 1 Tendacn | 2 Ac9, Ac9 Firmware | 2022-07-10 | 6.5 MEDIUM | 7.2 HIGH |
| A stack-based buffer overflow in the httpd server on Tenda AC9 V15.03.06.60_EN allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via a crafted POST request to /goform/SetStaticRouteCfg. | |||||
| CVE-2020-17541 | 1 Libjpeg-turbo | 1 Libjpeg-turbo | 2022-07-10 | 6.8 MEDIUM | 8.8 HIGH |
| All versions of Libjpeg-turbo have a stack-based buffer overflow in the "transform" component. A remote attacker can send a malformed jpeg file to the service and cause arbitrary code execution or denial of service of the target service. | |||||
| CVE-2020-21827 | 1 Gnu | 1 Libredwg | 2022-07-10 | 6.8 MEDIUM | 7.8 HIGH |
| A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10 via read_2004_compressed_section ../../src/decode.c:2379. | |||||
| CVE-2020-21598 | 1 Libde265 | 1 Libde265 | 2022-07-10 | 6.8 MEDIUM | 8.8 HIGH |
| libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unweighted_pred_8_sse function, which can be exploited via a crafted file. | |||||
| CVE-2022-32036 | 1 Tendacn | 2 M3, M3 Firmware | 2022-07-09 | 7.8 HIGH | 7.5 HIGH |
| Tenda M3 V1.0.0.12 was discovered to contain multiple stack overflow vulnerabilities via the ssidList, storeName, and trademark parameters in the function formSetStoreWeb. | |||||
| CVE-2021-1106 | 1 Nvidia | 10 Jetson Agx Xavier, Jetson Linux, Jetson Nano and 7 more | 2022-07-08 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA Linux kernel distributions contain a vulnerability in nvmap, where writes may be allowed to read-only buffers, which may result in escalation of privileges, complete denial of service, unconstrained information disclosure, and serious data tampering of all processes on the system. | |||||
| CVE-2020-7881 | 2 Afreecatv, Microsoft | 2 Afreecatv, Windows | 2022-07-08 | 6.5 MEDIUM | 8.8 HIGH |
| The vulnerable function is enabled when the streamer service related to AfreecaTV communicates through a web socket using port 21201. A stack-based buffer overflow leading to remote code execution was discovered in a strcpy() operation on the "FanTicket" field. It occurs because the data is stored without validation of its length. | |||||
| CVE-2022-33087 | 1 Tp-link | 4 Archer A5, Archer A5 Firmware, Archer C50 and 1 more | 2022-07-08 | 7.8 HIGH | 7.5 HIGH |
| A stack overflow in the function DM_ In fillobjbystr() of TP-Link Archer C50&A5(US)_V5_200407 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. | |||||
| CVE-2021-3434 | 1 Zephyrproject | 1 Zephyr | 2022-07-08 | 4.6 MEDIUM | 7.8 HIGH |
| Stack-based buffer overflow in le_ecred_conn_req(). Zephyr versions >= v2.5.0 contain a Stack-based Buffer Overflow (CWE-121). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-8w87-6rfp-cfrm | |||||
| CVE-2022-24893 | 1 Espressif | 1 Esp-idf | 2022-07-08 | 8.3 HIGH | 8.8 HIGH |
| ESP-IDF is the official development framework for Espressif SoCs. In Espressif’s Bluetooth Mesh SDK (`ESP-BLE-MESH`), a memory corruption vulnerability can be triggered during provisioning, because there is no check for the `SegN` field of the Transaction Start PDU. This can result in memory corruption related attacks and potentially an attacker gaining control of the entire system. Patch commits are available on the 4.1, 4.2, 4.3 and 4.4 branches and users are recommended to upgrade. The upgrade is applicable for all applications and users of the `ESP-BLE-MESH` component from `ESP-IDF`. As it is implemented in the Bluetooth Mesh stack, there is no workaround for the user to fix the application layer without upgrading the underlying firmware. | |||||
| CVE-2022-33108 | 1 Xpdfreader | 1 Xpdf | 2022-07-08 | 6.8 MEDIUM | 7.8 HIGH |
| XPDF v4.04 was discovered to contain a stack overflow vulnerability via the Object::Copy class of object.cc files. | |||||
| CVE-2022-33007 | 1 Trendnet | 4 Tew-751dr, Tew-751dr Firmware, Tew-752dru and 1 more | 2022-07-07 | 5.8 MEDIUM | 8.8 HIGH |
| TRENDnet Wi-Fi routers TEW-751DR v1.03 and TEW-752DRU v1.03 were discovered to contain a stack overflow via the function genacgi_main. | |||||
| CVE-2021-33647 | 1 Mindspore | 1 Mindspore | 2022-07-07 | 5.0 MEDIUM | 7.5 HIGH |
| When performing the inference shape operation of the Tile operator, if the input data type is not int or int32, it will access data outside of bounds of heap allocated buffers. | |||||
| CVE-2022-27666 | 4 Fedoraproject, Linux, Netapp and 1 more | 20 Fedora, Linux Kernel, H300e and 17 more | 2022-07-04 | 4.6 MEDIUM | 7.8 HIGH |
| A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. | |||||
| CVE-2022-2129 | 1 Vim | 1 Vim | 2022-07-04 | 6.8 MEDIUM | 7.8 HIGH |
| Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. | |||||
| CVE-2022-0261 | 2 Debian, Vim | 2 Debian Linux, Vim | 2022-07-02 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | |||||
| CVE-2021-32995 | 1 Hornerautomation | 1 Cscape | 2022-07-02 | 6.8 MEDIUM | 7.8 HIGH |
| Cscape (All Versions prior to 9.90 SP5) lacks proper validation of user-supplied data when parsing project files. This could lead to an out-of-bounds write. An attacker could leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2021-33004 | 1 Advantech | 1 Webaccess/hmi Designer | 2022-07-02 | 6.8 MEDIUM | 7.8 HIGH |
| The affected product is vulnerable to memory corruption condition due to lack of proper validation of user supplied files, which may allow an attacker to execute arbitrary code. User interaction is required on the WebAccess HMI Designer (versions 2.1.9.95 and prior). | |||||
| CVE-2022-23803 | 3 Debian, Fedoraproject, Kicad | 3 Debian Linux, Fedora, Eda | 2022-07-01 | 6.8 MEDIUM | 7.8 HIGH |
| A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon ReadXYCoord coordinate parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2022-23946 | 3 Debian, Fedoraproject, Kicad | 3 Debian Linux, Fedora, Kicad Eda | 2022-07-01 | 6.8 MEDIUM | 7.8 HIGH |
| A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon GCodeNumber parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2022-23947 | 3 Debian, Fedoraproject, Kicad | 3 Debian Linux, Fedora, Kicad Eda | 2022-07-01 | 6.8 MEDIUM | 7.8 HIGH |
| A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon DCodeNumber parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2021-41987 | 1 Mikrotik | 1 Routeros | 2022-06-30 | 6.8 MEDIUM | 8.1 HIGH |
| In the SCEP Server of RouterOS in certain Mikrotik products, an attacker can trigger a heap-based buffer overflow that leads to remote code execution. The attacker must know the scep_server_name value. This affects RouterOS 6.46.8, 6.47.9, and 6.47.10. | |||||
| CVE-2021-46817 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2022-06-30 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Media Encoder version 15.4 (and earlier) is affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file. | |||||
| CVE-2021-46818 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2022-06-30 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Media Encoder version 15.4 (and earlier) is affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file. | |||||
| CVE-2021-46816 | 3 Adobe, Apple, Microsoft | 3 Premiere Pro, Macos, Windows | 2022-06-30 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Premiere Pro version 15.4 (and earlier) is affected by a memory corruption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious M4A file. | |||||
| CVE-2021-28602 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2022-06-29 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe After Effects version 18.2 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-28605 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2022-06-29 | 9.3 HIGH | 7.8 HIGH |
| Adobe After Effects version 18.2 (and earlier) is affected by a memory corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-28607 | 2 Adobe, Microsoft | 2 After Effects, Windows | 2022-06-29 | 9.3 HIGH | 7.8 HIGH |
| Adobe After Effects version 18.2 (and earlier) is affected by a heap corruption vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2020-13547 | 1 Foxitsoftware | 1 Foxit Reader | 2022-06-29 | 6.8 MEDIUM | 8.8 HIGH |
| A type confusion vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger an improper use of an object, resulting in memory corruption and arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. | |||||
| CVE-2020-6556 | 4 Debian, Fedoraproject, Google and 1 more | 4 Debian Linux, Fedora, Chrome and 1 more | 2022-06-29 | 9.3 HIGH | 8.8 HIGH |
| Heap buffer overflow in SwiftShader in Google Chrome prior to 84.0.4147.135 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
