Total
2430 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-44283 | 1 Avs4you | 1 Avs Audio Converter | 2024-02-28 | N/A | 9.8 CRITICAL |
| AVS Audio Converter 10.3 is vulnerable to Buffer Overflow. | |||||
| CVE-2022-3628 | 1 Linux | 1 Linux Kernel | 2024-02-28 | N/A | 6.6 MEDIUM |
| A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges. | |||||
| CVE-2022-40996 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
| Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no firmwall srcmac (WORD|null) srcip (A.B.C.D|null) dstip (A.B.C.D|null) protocol (none|tcp|udp|icmp) srcport (<1-65535>|null) dstport (<1-65535>|null) policy (drop|accept) description (WORD|null)' command template. | |||||
| CVE-2022-45721 | 1 Ip-com | 2 M50, M50 Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
| IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the picName parameter in the formDelWewifiPic function. | |||||
| CVE-2022-36279 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2024-02-28 | N/A | 8.8 HIGH |
| A stack-based buffer overflow vulnerability exists in the httpd delfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2022-47087 | 1 Gpac | 1 Gpac | 2024-02-28 | N/A | 7.8 HIGH |
| GPAC MP4box 2.1-DEV-rev574-g9d5bb184b has a Buffer overflow in gf_vvc_read_pps_bs_internal function of media_tools/av_parsers.c | |||||
| CVE-2022-43391 | 1 Zyxel | 96 Ax7501-b0, Ax7501-b0 Firmware, Dx3301-t0 and 93 more | 2024-02-28 | N/A | 6.5 MEDIUM |
| A buffer overflow vulnerability in the parameter of the CGI program in Zyxel NR7101 firmware prior to V1.15(ACCC.3)C0, which could allow an authenticated attacker to cause denial-of-service (DoS) conditions by sending a crafted HTTP request. | |||||
| CVE-2022-44171 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
| Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function form_fast_setting_wifi_set. | |||||
| CVE-2023-22422 | 1 F5 | 12 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 9 more | 2024-02-28 | N/A | 7.5 HIGH |
| On BIG-IP versions 17.0.x before 17.0.0.2 and 16.1.x before 16.1.3.3, when a HTTP profile with the non-default Enforcement options of Enforce HTTP Compliance and Unknown Methods: Reject are configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2021-3966 | 1 Zephyrproject | 1 Zephyr | 2024-02-28 | N/A | 8.8 HIGH |
| usb device bluetooth class includes a buffer overflow related to implementation of net_buf_add_mem. | |||||
| CVE-2022-32526 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-02-28 | N/A | 9.8 CRITICAL |
| A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted setting value messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170) | |||||
| CVE-2022-32524 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-02-28 | N/A | 9.8 CRITICAL |
| A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted time reduced data messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170) | |||||
| CVE-2023-22755 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2024-02-28 | N/A | 9.8 CRITICAL |
| There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | |||||
| CVE-2022-45712 | 1 Ip-com | 2 M50, M50 Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
| IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formAddDnsForward function. | |||||
| CVE-2022-46532 | 1 Tenda | 2 F1203, F1203 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
| Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceMac parameter at /goform/addWifiMacFilter. | |||||
| CVE-2022-46551 | 1 Tenda | 2 F1203, F1203 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
| Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the time parameter at /goform/saveParentControlInfo. | |||||
| CVE-2022-46824 | 2 Apple, Jetbrains | 2 Macos, Intellij Idea | 2024-02-28 | N/A | 7.8 HIGH |
| In JetBrains IntelliJ IDEA before 2022.2.4 a buffer overflow in the fsnotifier daemon on macOS was possible. | |||||
| CVE-2022-47949 | 1 Nintendo | 9 Animal Crossing\, Arms, Mario Kart 7 and 6 more | 2024-02-28 | N/A | 9.8 CRITICAL |
| The Nintendo NetworkBuffer class, as used in Animal Crossing: New Horizons before 2.0.6 and other products, allows remote attackers to execute arbitrary code via a large UDP packet that causes a buffer overflow, aka ENLBufferPwn. The victim must join a game session with the attacker. Other affected products include Mario Kart 7 before 1.2, Mario Kart 8, Mario Kart 8 Deluxe before 2.1.0, ARMS before 5.4.1, Splatoon, Splatoon 2 before 5.5.1, Splatoon 3 before late 2022, Super Mario Maker 2 before 3.0.2, and Nintendo Switch Sports before late 2022. | |||||
| CVE-2022-45707 | 1 Ip-com | 2 M50, M50 Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
| IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formAddDnsHijack function. | |||||
| CVE-2023-0996 | 1 Struktur | 1 Libheif | 2024-02-28 | N/A | 7.8 HIGH |
| There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call. | |||||