Search
Total
6424 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-4933 | 2 Apple, Vmware | 4 Mac Os X, Esxi, Fusion and 1 more | 2022-02-03 | 6.0 MEDIUM | 8.8 HIGH |
| VMware ESXi (6.5 before ESXi650-201710401-BG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerability that could allow an authenticated VNC session to cause a heap overflow via a specific set of VNC packets resulting in heap corruption. Successful exploitation of this issue could result in remote code execution in a virtual machine via the authenticated VNC session. Note: In order for exploitation to be possible in ESXi, VNC must be manually enabled in a virtual machine's .vmx configuration file. In addition, ESXi must be configured to allow VNC traffic through the built-in firewall. | |||||
| CVE-2016-9343 | 1 Rockwellautomation | 32 1768 Compact Guardlogix L4xs Controller, 1768 Compact Guardlogix L4xs Controller Firmware, 1768 Compactlogix L4x Controller and 29 more | 2022-02-03 | 7.5 HIGH | 10.0 CRITICAL |
| An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet, an attacker may be able to overflow a stack-based buffer and execute code on the controller or initiate a nonrecoverable fault resulting in a denial of service. | |||||
| CVE-2012-0254 | 1 Honeywell | 3 Enterprise Building Manager, Experion, Symmetre | 2022-02-03 | 7.5 HIGH | N/A |
| Stack-based buffer overflow in the HMIWeb Browser HSCDSPRenderDLL ActiveX control in Honeywell Process Solutions (HPS) Experion R2xx, R30x, R31x, and R400.x; Honeywell Building Solutions (HBS) Enterprise Building Manager R400 and R410.1; and Honeywell Environmental Combustion and Controls (ECC) SymmetrE R410.1 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2017-4924 | 1 Vmware | 3 Esxi, Fusion, Workstation Pro | 2022-02-03 | 7.2 HIGH | 8.8 HIGH |
| VMware ESXi (ESXi 6.5 without patch ESXi650-201707101-SG), Workstation (12.x before 12.5.7) and Fusion (8.x before 8.5.8) contain an out-of-bounds write vulnerability in SVGA device. This issue may allow a guest to execute code on the host. | |||||
| CVE-2013-0662 | 2 Schneider-electric, Schneider Electric | 13 Concept, Modbus Serial Driver, Modbuscommdtm Sl and 10 more | 2022-02-03 | 9.3 HIGH | N/A |
| Multiple stack-based buffer overflows in ModbusDrv.exe in Schneider Electric Modbus Serial Driver 1.10 through 3.2 allow remote attackers to execute arbitrary code via a large buffer-size value in a Modbus Application Header. | |||||
| CVE-2021-43024 | 2 Adobe, Microsoft | 2 Premiere Rush, Windows | 2022-02-03 | 9.3 HIGH | 7.8 HIGH |
| Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability. | |||||
| CVE-2022-23967 | 1 Tightvnc | 1 Tightvnc | 2022-02-02 | 7.5 HIGH | 9.8 CRITICAL |
| In TightVNC 1.3.10, there is an integer signedness error and resultant heap-based buffer overflow in InitialiseRFBConnection in rfbproto.c (for the vncviewer component). There is no check on the size given to malloc, e.g., -1 is accepted. This allocates a chunk of size zero, which will give a heap pointer. However, one can send 0xffffffff bytes of data, which can have a DoS impact or lead to remote code execution. | |||||
| CVE-2021-22807 | 1 Schneider-electric | 1 Guicon | 2022-02-02 | 6.8 MEDIUM | 7.8 HIGH |
| A CWE-787: Out-of-bounds Write vulnerability exists that could cause arbitrary code execution when a malicious *.gd1 configuration file is loaded into the GUIcon tool. Affected Product: Eurotherm by Schneider Electric GUIcon Version 2.0 (Build 683.003) and prior | |||||
| CVE-2021-46527 | 1 Cesanta | 1 Mjs | 2022-02-01 | 6.8 MEDIUM | 7.8 HIGH |
| Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjs_get_cstring at src/mjs_string.c. | |||||
| CVE-2021-46524 | 1 Cesanta | 1 Mjs | 2022-02-01 | 6.8 MEDIUM | 7.8 HIGH |
| Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via snquote at mjs/src/mjs_json.c. | |||||
| CVE-2021-46523 | 1 Cesanta | 1 Mjs | 2022-02-01 | 6.8 MEDIUM | 7.8 HIGH |
| Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via to_json_or_debug at mjs/src/mjs_json.c. | |||||
| CVE-2021-46522 | 1 Cesanta | 1 Mjs | 2022-02-01 | 6.8 MEDIUM | 7.8 HIGH |
| Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via /usr/lib/x86_64-linux-gnu/libasan.so.4+0xaff53. | |||||
| CVE-2021-46519 | 1 Cesanta | 1 Mjs | 2022-02-01 | 6.8 MEDIUM | 7.8 HIGH |
| Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjs_array_length at src/mjs_array.c. | |||||
| CVE-2021-46520 | 1 Cesanta | 1 Mjs | 2022-02-01 | 6.8 MEDIUM | 7.8 HIGH |
| Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjs_jprintf at src/mjs_util.c. | |||||
| CVE-2021-46518 | 1 Cesanta | 1 Mjs | 2022-02-01 | 6.8 MEDIUM | 7.8 HIGH |
| Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjs_disown at src/mjs_core.c. | |||||
| CVE-2021-36347 | 1 Dell | 4 Integrated Dell Remote Access Controller 8, Integrated Dell Remote Access Controller 8 Firmware, Integrated Dell Remote Access Controller 9 and 1 more | 2022-01-31 | 9.0 HIGH | 7.2 HIGH |
| iDRAC9 versions prior to 5.00.20.00 and iDRAC8 versions prior to 2.82.82.82 contain a stack-based buffer overflow vulnerability. An authenticated remote attacker with high privileges could potentially exploit this vulnerability to control process execution and gain access to the iDRAC operating system. | |||||
| CVE-2020-7502 | 1 Schneider-electric | 2 Modicon M218, Modicon M218 Firmware | 2022-01-31 | 5.0 MEDIUM | 7.5 HIGH |
| A CWE-787: Out-of-bounds Write vulnerability exists in Modicon M218 Logic Controller (Firmware version 4.3 and prior), which may cause a Denial of Service when specific TCP/IP crafted packets are sent to the Modicon M218 Logic Controller. | |||||
| CVE-2020-7524 | 1 Schneider-electric | 2 Modicon M218, Modicon M218 Firmware | 2022-01-31 | 5.0 MEDIUM | 7.5 HIGH |
| Out-of-bounds Write vulnerability exists in Modicon M218 Logic Controller (V5.0.0.7 and prior) which could cause Denial of Service when sending specific crafted IPV4 packet to the controller: Sending a specific IPv4 protocol package to Schneider Electric Modicon M218 Logic Controller can cause IPv4 devices to go down. The device does not work properly and must be powered back on to return to normal. | |||||
| CVE-2016-2292 | 1 Schneider-electric | 4 Proface Gp-pro Ex Ex-ed, Proface Gp-pro Ex Pfxexedls, Proface Gp-pro Ex Pfxexedv and 1 more | 2022-01-31 | 4.3 MEDIUM | 6.5 MEDIUM |
| Stack-based buffer overflow in Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2016-2290 | 1 Schneider-electric | 4 Proface Gp-pro Ex Ex-ed, Proface Gp-pro Ex Pfxexedls, Proface Gp-pro Ex Pfxexedv and 1 more | 2022-01-31 | 6.8 MEDIUM | 8.8 HIGH |
| Heap-based buffer overflow in Pro-face GP-Pro EX EX-ED before 4.05.000, PFXEXEDV before 4.05.000, PFXEXEDLS before 4.05.000, and PFXEXGRPLS before 4.05.000 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2017-9445 | 1 Systemd Project | 1 Systemd | 2022-01-31 | 5.0 MEDIUM | 7.5 HIGH |
| In systemd through 233, certain sizes passed to dns_packet_new in systemd-resolved can cause it to allocate a buffer that's too small. A malicious DNS server can exploit this via a response with a specially crafted TCP payload to trick systemd-resolved into allocating a buffer that's too small, and subsequently write arbitrary data beyond the end of it. | |||||
| CVE-2016-10196 | 3 Debian, Libevent Project, Mozilla | 5 Debian Linux, Libevent, Firefox and 2 more | 2022-01-31 | 5.0 MEDIUM | 7.5 HIGH |
| Stack-based buffer overflow in the evutil_parse_sockaddr_port function in evutil.c in libevent before 2.1.6-beta allows attackers to cause a denial of service (segmentation fault) via vectors involving a long string in brackets in the ip_as_string argument. | |||||
| CVE-2020-15999 | 5 Debian, Fedoraproject, Freetype and 2 more | 5 Debian Linux, Fedora, Freetype and 2 more | 2022-01-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-22045 | 2 Apple, Vmware | 5 Mac Os X, Cloud Foundation, Esxi and 2 more | 2022-01-27 | 6.9 MEDIUM | 7.8 HIGH |
| VMware ESXi (7.0, 6.7 before ESXi670-202111101-SG and 6.5 before ESXi650-202110101-SG), VMware Workstation (16.2.0) and VMware Fusion (12.2.0) contains a heap-overflow vulnerability in CD-ROM device emulation. A malicious actor with access to a virtual machine with CD-ROM device emulation may be able to exploit this vulnerability in conjunction with other issues to execute code on the hypervisor from a virtual machine. | |||||
| CVE-2021-46324 | 1 Espruino | 1 Espruino | 2022-01-27 | 6.8 MEDIUM | 7.8 HIGH |
| Espruino 2v11.251 was discovered to contain a stack buffer overflow via src/jsvar.c in jsvNewFromString. | |||||
| CVE-2021-46325 | 1 Espruino | 1 Espruino | 2022-01-27 | 6.8 MEDIUM | 7.8 HIGH |
| Espruino 2v10.246 was discovered to contain a stack buffer overflow via src/jsutils.c in vcbprintf. | |||||
| CVE-2021-46482 | 1 Jsish | 1 Jsish | 2022-01-27 | 6.8 MEDIUM | 7.8 HIGH |
| Jsish v3.5.0 was discovered to contain a heap buffer overflow via NumberConstructor at src/jsiNumber.c. | |||||
| CVE-2021-46483 | 1 Jsish | 1 Jsish | 2022-01-27 | 6.8 MEDIUM | 7.8 HIGH |
| Jsish v3.5.0 was discovered to contain a heap buffer overflow via BooleanConstructor at src/jsiBool.c. | |||||
| CVE-2021-46480 | 1 Jsish | 1 Jsish | 2022-01-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsiValueObjDelete in src/jsiEval.c. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2021-46478 | 1 Jsish | 1 Jsish | 2022-01-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsiClearStack in src/jsiEval.c. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2021-46474 | 1 Jsish | 1 Jsish | 2022-01-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsiEvalCodeSub in src/jsiEval.c. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2021-46475 | 1 Jsish | 1 Jsish | 2022-01-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsi_ArraySliceCmd in src/jsiArray.c. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2021-46477 | 1 Jsish | 1 Jsish | 2022-01-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| Jsish v3.5.0 was discovered to contain a heap buffer overflow via RegExp_constructor in src/jsiRegexp.c. This vulnerability can lead to a Denial of Service (DoS). | |||||
| CVE-2021-46238 | 1 Gpac | 1 Gpac | 2022-01-26 | 4.3 MEDIUM | 5.5 MEDIUM |
| GPAC v1.1.0 was discovered to contain a stack overflow via the function gf_node_get_name () at scenegraph/base_scenegraph.c. This vulnerability can lead to a program crash, causing a Denial of Service (DoS). | |||||
| CVE-2022-22895 | 1 Jerryscript | 1 Jerryscript | 2022-01-26 | 6.8 MEDIUM | 7.8 HIGH |
| Jerryscript 3.0.0 was discovered to contain a heap-buffer-overflow via ecma_utf8_string_to_number_by_radix in /jerry-core/ecma/base/ecma-helpers-conversion.c. | |||||
| CVE-2022-22894 | 1 Jerryscript | 1 Jerryscript | 2022-01-26 | 6.8 MEDIUM | 7.8 HIGH |
| Jerryscript 3.0.0 was discovered to contain a stack overflow via ecma_lcache_lookup in /jerry-core/ecma/base/ecma-lcache.c. | |||||
| CVE-2022-22893 | 1 Jerryscript | 1 Jerryscript | 2022-01-26 | 6.8 MEDIUM | 7.8 HIGH |
| Jerryscript 3.0.0 was discovered to contain a stack overflow via vm_loop.lto_priv.304 in /jerry-core/vm/vm.c. | |||||
| CVE-2022-22888 | 1 Jerryscript | 1 Jerryscript | 2022-01-26 | 6.8 MEDIUM | 7.8 HIGH |
| Jerryscript 3.0.0 was discovered to contain a stack overflow via ecma_op_object_find_own in /ecma/operations/ecma-objects.c. | |||||
| CVE-2021-46328 | 1 Moddable | 1 Moddable Sdk | 2022-01-26 | 6.8 MEDIUM | 7.8 HIGH |
| Moddable SDK v11.5.0 was discovered to contain a heap-buffer-overflow via the component __libc_start_main. | |||||
| CVE-2021-46326 | 1 Moddable | 1 Moddable Sdk | 2022-01-26 | 6.8 MEDIUM | 7.8 HIGH |
| Moddable SDK v11.5.0 was discovered to contain a heap-buffer-overflow via the component __asan_memcpy. | |||||
| CVE-2021-46332 | 1 Moddable | 1 Moddable Sdk | 2022-01-26 | 6.8 MEDIUM | 7.8 HIGH |
| Moddable SDK v11.5.0 was discovered to contain a heap-buffer-overflow via xs/sources/xsDataView.c in fxUint8Getter. | |||||
| CVE-2021-46334 | 1 Moddable | 1 Moddable Sdk | 2022-01-26 | 6.8 MEDIUM | 7.8 HIGH |
| Moddable SDK v11.5.0 was discovered to contain a stack buffer overflow via the component __interceptor_strcat. | |||||
| CVE-2021-33913 | 1 Libspf2 Project | 1 Libspf2 | 2022-01-26 | 9.3 HIGH | 9.8 CRITICAL |
| libspf2 before 1.2.11 has a heap-based buffer overflow that might allow remote attackers to execute arbitrary code (via an unauthenticated e-mail message from anywhere on the Internet) with a crafted SPF DNS record, because of SPF_record_expand_data in spf_expand.c. The amount of overflowed data depends on the relationship between the length of an entire domain name and the length of its leftmost label. The vulnerable code may be part of the supply chain of a site's e-mail infrastructure (e.g., with additional configuration, Exim can use libspf2; the Postfix web site links to unofficial patches for use of libspf2 with Postfix; older versions of spfquery relied on libspf2) but most often is not. | |||||
| CVE-2021-33912 | 2 Debian, Libspf2 Project | 2 Debian Linux, Libspf2 | 2022-01-26 | 9.3 HIGH | 9.8 CRITICAL |
| libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code (via an unauthenticated e-mail message from anywhere on the Internet) with a crafted SPF DNS record, because of incorrect sprintf usage in SPF_record_expand_data in spf_expand.c. The vulnerable code may be part of the supply chain of a site's e-mail infrastructure (e.g., with additional configuration, Exim can use libspf2; the Postfix web site links to unofficial patches for use of libspf2 with Postfix; older versions of spfquery relied on libspf2) but most often is not. | |||||
| CVE-2021-38783 | 1 Allwinnertech | 2 Android Q Sdk, R818 | 2022-01-26 | 7.8 HIGH | 7.5 HIGH |
| There is a Out-of-Bound Write in the Allwinner R818 SoC Android Q SDK V1.0 camera driver "/dev/cedar_dev" through iotcl cmd IOCTL_SET_PROC_INFO and IOCTL_COPY_PROC_INFO, which could cause a system crash or EoP. | |||||
| CVE-2021-38691 | 1 Qnap | 3 Qvr Elite, Qvr Guard, Qvr Pro | 2022-01-25 | 7.5 HIGH | 9.8 CRITICAL |
| A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QVR Elite, QVR Pro, QVR Guard: QuTS hero h5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QuTS hero h4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 4.5.4: QVR Guard 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Guard 2.1.3.0 (2021/12/06) and later | |||||
| CVE-2021-38690 | 1 Qnap | 3 Qvr Elite, Qvr Guard, Qvr Pro | 2022-01-25 | 7.5 HIGH | 9.8 CRITICAL |
| A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QVR Elite, QVR Pro, QVR Guard: QuTS hero h5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QuTS hero h4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 4.5.4: QVR Guard 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Guard 2.1.3.0 (2021/12/06) and later | |||||
| CVE-2021-38689 | 1 Qnap | 3 Qvr Elite, Qvr Guard, Qvr Pro | 2022-01-25 | 7.5 HIGH | 9.8 CRITICAL |
| A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QVR Elite, QVR Pro, QVR Guard: QuTS hero h5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QuTS hero h4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 4.5.4: QVR Guard 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Guard 2.1.3.0 (2021/12/06) and later | |||||
| CVE-2021-38682 | 1 Qnap | 3 Qvr Elite, Qvr Guard, Qvr Pro | 2022-01-25 | 7.5 HIGH | 9.8 CRITICAL |
| A stack buffer overflow vulnerability has been reported to affect QNAP device running QVR Elite, QVR Pro, QVR Guard. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of QVR Elite, QVR Pro, QVR Guard: QuTS hero h5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QuTS hero h4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 5.0.0: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Elite 2.1.4.0 (2021/12/06) and later QTS 4.5.4: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 5.0.0: QVR Pro 2.1.3.0 (2021/12/06) and later QTS 4.5.4: QVR Guard 2.1.3.0 and later QTS 5.0.0: QVR Guard 2.1.3.0 and later | |||||
| CVE-2020-14107 | 1 Mi | 1 Xiaomi Mirror Screen | 2022-01-24 | 5.0 MEDIUM | 7.5 HIGH |
| A stack overflow in the HTTP server of Cast can be exploited to make the app crash in LAN. | |||||