Total
2592 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-25514 | 1 Nothings | 1 Stb Truetype.h | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttUSHORT() at stb_truetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted input. | |||||
| CVE-2022-24949 | 1 Eternal Terminal Project | 1 Eternal Terminal | 2024-11-21 | N/A | 7.5 HIGH |
| A privilege escalation to root exists in Eternal Terminal prior to version 6.2.0. This is due to the combination of a race condition, buffer overflow, and logic bug all in PipeSocketHandler::listen(). | |||||
| CVE-2022-24910 | 1 Inhandnetworks | 2 Ir302, Ir302 Firmware | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| A buffer overflow vulnerability exists in the httpd parse_ping_result API functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. | |||||
| CVE-2022-24807 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a malformed OID in a SET request to `SNMP-VIEW-BASED-ACM-MIB::vacmAccessTable` can cause an out-of-bounds memory access. A user with read-write credentials can exploit the issue. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range. | |||||
| CVE-2022-24805 | 2024-11-21 | N/A | 6.5 MEDIUM | ||
| net-snmp provides various tools relating to the Simple Network Management Protocol. Prior to version 5.9.2, a buffer overflow in the handling of the `INDEX` of `NET-SNMP-VACM-MIB` can cause an out-of-bounds memory access. A user with read-only credentials can exploit the issue. Version 5.9.2 contains a patch. Users should use strong SNMPv3 credentials and avoid sharing the credentials. Those who must use SNMPv1 or SNMPv2c should use a complex community string and enhance the protection by restricting access to a given IP address range. | |||||
| CVE-2022-24793 | 2 Debian, Pjsip | 2 Debian Linux, Pjsip | 2024-11-21 | 4.3 MEDIUM | 7.5 HIGH |
| PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.12 and prior affects applications that use PJSIP DNS resolution. It doesn't affect PJSIP users who utilize an external resolver. This vulnerability is related to CVE-2023-27585. The difference is that this issue is in parsing the query record `parse_rr()`, while the issue in CVE-2023-27585 is in `parse_query()`. A patch is available in the `master` branch of the `pjsip/pjproject` GitHub repository. A workaround is to disable DNS resolution in PJSIP config (by setting `nameserver_count` to zero) or use an external resolver instead. | |||||
| CVE-2022-24764 | 2 Debian, Teluu | 2 Debian Linux, Pjsip | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| PJSIP is a free and open source multimedia communication library written in C. Versions 2.12 and prior contain a stack buffer overflow vulnerability that affects PJSUA2 users or users that call the API `pjmedia_sdp_print(), pjmedia_sdp_media_print()`. Applications that do not use PJSUA2 and do not directly call `pjmedia_sdp_print()` or `pjmedia_sdp_media_print()` should not be affected. A patch is available on the `master` branch of the `pjsip/pjproject` GitHub repository. There are currently no known workarounds. | |||||
| CVE-2022-24754 | 2 Debian, Teluu | 2 Debian Linux, Pjsip | 2024-11-21 | 7.5 HIGH | 8.5 HIGH |
| PJSIP is a free and open source multimedia communication library written in C language. In versions prior to and including 2.12 PJSIP there is a stack-buffer overflow vulnerability which only impacts PJSIP users who accept hashed digest credentials (credentials with data_type `PJSIP_CRED_DATA_DIGEST`). This issue has been patched in the master branch of the PJSIP repository and will be included with the next release. Users unable to upgrade need to check that the hashed digest data length must be equal to `PJSIP_MD5STRLEN` before passing to PJSIP. | |||||
| CVE-2022-24705 | 1 Accel-ppp | 1 Accel-ppp | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The rad_packet_recv function in radius/packet.c suffers from a memcpy buffer overflow, resulting in an overly-large recvfrom into a fixed buffer that causes a buffer overflow and overwrites arbitrary memory. If the server connects with a malicious client, crafted client requests can remotely trigger this vulnerability. | |||||
| CVE-2022-24704 | 1 Accel-ppp | 1 Accel-ppp | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The rad_packet_recv function in opt/src/accel-pppd/radius/packet.c suffers from a buffer overflow vulnerability, whereby user input len is copied into a fixed buffer &attr->val.integer without any bound checks. If the client connects to the server and sends a large radius packet, a buffer overflow vulnerability will be triggered. | |||||
| CVE-2022-24702 | 1 Winaprs | 1 Winaprs | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in WinAPRS 2.9.0. A buffer overflow in the VHF KISS TNC component allows a remote attacker to achieve remote code execution via malicious AX.25 packets over the air. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | |||||
| CVE-2022-24701 | 1 Winaprs | 1 Winaprs | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered in WinAPRS 2.9.0. A buffer overflow in national.txt processing allows a local attacker to cause a denial of service or possibly achieve code execution. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | |||||
| CVE-2022-24700 | 1 Winaprs | 1 Winaprs | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in WinAPRS 2.9.0. A buffer overflow in DIGI address processing for VHF KISS packets allows a remote attacker to cause a denial of service (daemon crash) via a malicious AX.25 packet over the air. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | |||||
| CVE-2022-24350 | 1 Insyde | 1 Insydeh2o | 2024-11-21 | N/A | 5.5 MEDIUM |
| An issue was discovered in IhisiSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. IHISI function 0x17 verifies that the output buffer lies within the command buffer but does not verify that output data does not go beyond the end of the command buffer. In particular, the GetFlashTable function is called directly on the Command Buffer before the DataSize is check, leading to possible circumstances where the data immediately following the command buffer could be destroyed before returning a buffer size error. | |||||
| CVE-2022-24324 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | N/A | 9.8 CRITICAL |
| A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22073) | |||||
| CVE-2022-24313 | 1 Schneider-electric | 1 Interactive Graphical Scada System Data Server | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior) | |||||
| CVE-2022-24130 | 3 Debian, Fedoraproject, Invisible-island | 3 Debian Linux, Fedora, Xterm | 2024-11-21 | 2.6 LOW | 5.5 MEDIUM |
| xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in set_sixel in graphics_sixel.c via crafted text. | |||||
| CVE-2022-24029 | 1 Tcl | 1 Linkhub Mesh Wifi Ac1200 | 2024-11-21 | N/A | 9.8 CRITICAL |
| A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the rp-pppoe.so binary. | |||||
| CVE-2022-24028 | 1 Tcl | 1 Linkhub Mesh Wifi Ac1200 | 2024-11-21 | N/A | 9.8 CRITICAL |
| A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the libcommonprod.so binary. | |||||
| CVE-2022-24027 | 1 Tcl | 1 Linkhub Mesh Wifi Ac1200 | 2024-11-21 | N/A | 9.8 CRITICAL |
| A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability.This vulnerability represents all occurances of the buffer overflow vulnerability within the libcommon.so binary. | |||||