Total
2430 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-45720 | 1 Ip-com | 2 M50, M50 Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
| IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the ip, mac, and remark parameters in the formIPMacBindModify function. | |||||
| CVE-2023-24482 | 1 Siemens | 1 Comos | 2024-02-28 | N/A | 9.8 CRITICAL |
| A vulnerability has been identified in COMOS V10.2 (All versions), COMOS V10.3.3.1 (All versions < V10.3.3.1.45), COMOS V10.3.3.2 (All versions < V10.3.3.2.33), COMOS V10.3.3.3 (All versions < V10.3.3.3.9), COMOS V10.3.3.4 (All versions < V10.3.3.4.6), COMOS V10.4.0.0 (All versions < V10.4.0.0.31), COMOS V10.4.1.0 (All versions < V10.4.1.0.32), COMOS V10.4.2.0 (All versions < V10.4.2.0.25). Cache validation service in COMOS is vulnerable to Structured Exception Handler (SEH) based buffer overflow. This could allow an attacker to execute arbitrary code on the target system or cause denial of service condition. | |||||
| CVE-2022-47035 | 1 Dlink | 2 Dir-825, Dir-825 Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
| Buffer Overflow Vulnerability in D-Link DIR-825 v1.33.0.44ebdd4-embedded and below allows attacker to execute arbitrary code via the GetConfig method to the /CPE endpoint. | |||||
| CVE-2022-47654 | 1 Gpac | 1 Gpac | 2024-02-28 | N/A | 7.8 HIGH |
| GPAC MP4box 2.1-DEV-rev593-g007bf61a0 is vulnerable to Buffer Overflow in gf_hevc_read_sps_bs_internal function of media_tools/av_parsers.c:8261 | |||||
| CVE-2021-37311 | 1 Fcitx 5 Project | 1 Fcitx 5 | 2024-02-28 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability in fcitx5 5.0.8 allows attackers to cause a denial of service via crafted message to the application's listening port. | |||||
| CVE-2022-47091 | 1 Gpac | 1 Gpac | 2024-02-28 | N/A | 7.8 HIGH |
| GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer Overflow in gf_text_process_sub function of filters/load_text.c | |||||
| CVE-2022-40989 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
| Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'bandwidth WORD dlrate <1-9999> dlceil <1-9999> ulrate <1-9999> ulceil <1-9999> priority (highest|high|normal|low|lowest)' command template. | |||||
| CVE-2021-33983 | 1 Flatcc Project | 1 Flatcc | 2024-02-28 | N/A | 7.8 HIGH |
| Buffer Overflow vulnerability in Dvidelabs flatcc v.0.6.0 allows local attacker to execute arbitrary code via the fltacc execution of the error_ref_sym function. | |||||
| CVE-2023-22753 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2024-02-28 | N/A | 9.8 CRITICAL |
| There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2022-45650 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the firewallEn parameter in the formSetFirewallCfg function. | |||||
| CVE-2022-45664 | 1 Tenda | 2 I22, I22 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
| Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDget function. | |||||
| CVE-2022-45648 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the devName parameter in the formSetDeviceName function. | |||||
| CVE-2022-33276 | 1 Qualcomm | 268 Ar8035, Ar8035 Firmware, Ar9380 and 265 more | 2024-02-28 | N/A | 7.8 HIGH |
| Memory corruption due to buffer copy without checking size of input in modem while receiving WMI_REQUEST_STATS_CMDID command. | |||||
| CVE-2022-45658 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the schedEndTime parameter in the setSchedWifi function. | |||||
| CVE-2022-46550 | 1 Tenda | 2 F1203, F1203 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
| Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the urls parameter at /goform/saveParentControlInfo. | |||||
| CVE-2022-43392 | 1 Zyxel | 96 Ax7501-b0, Ax7501-b0 Firmware, Dx3301-t0 and 93 more | 2024-02-28 | N/A | 6.5 MEDIUM |
| A buffer overflow vulnerability in the parameter of web server in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted authorization request. | |||||
| CVE-2022-40990 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
| Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no bandwidth WORD dlrate <1-9999> dlceil <1-9999> ulrate <1-9999> ulceil <1-9999> priority (highest|high|normal|low|lowest)' command template. | |||||
| CVE-2023-27585 | 1 Teluu | 1 Pjsip | 2024-02-28 | N/A | 7.5 HIGH |
| PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is related to CVE-2022-24793. The difference is that this issue is in parsing the query record `parse_query()`, while the issue in CVE-2022-24793 is in `parse_rr()`. A patch is available as commit `d1c5e4d` in the `master` branch. A workaround is to disable DNS resolution in PJSIP config (by setting `nameserver_count` to zero) or use an external resolver implementation instead. | |||||
| CVE-2022-24324 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-02-28 | N/A | 9.8 CRITICAL |
| A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22073) | |||||
| CVE-2022-45666 | 1 Tenda | 2 I22, I22 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
| Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDset function. | |||||