Total
2430 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-25746 | 1 Qualcomm | 196 Aqt1000, Aqt1000 Firmware, Ar8035 and 193 more | 2024-02-28 | N/A | 7.8 HIGH |
| Memory corruption in kernel due to missing checks when updating the access rights of a memextent mapping. | |||||
| CVE-2022-45716 | 1 Ip-com | 2 M50, M50 Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
| IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the indexSet parameter in the formIPMacBindDel function. | |||||
| CVE-2022-23468 | 2 Debian, Neutrinolabs | 2 Debian Linux, Xrdp | 2024-02-28 | N/A | 9.8 CRITICAL |
| xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in xrdp_login_wnd_create() function. There are no known workarounds for this issue. Users are advised to upgrade. | |||||
| CVE-2022-46540 | 1 Tenda | 2 F1203, F1203 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
| Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the entrys parameter at /goform/addressNat. | |||||
| CVE-2022-40998 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
| Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'no gre index <1-8> destination A.B.C.D/M description (WORD|null)' command template. | |||||
| CVE-2023-24809 | 1 Nethack | 1 Nethack | 2024-02-28 | N/A | 5.5 MEDIUM |
| NetHack is a single player dungeon exploration game. Starting with version 3.6.2 and prior to version 3.6.7, illegal input to the "C" (call) command can cause a buffer overflow and crash the NetHack process. This vulnerability may be a security issue for systems that have NetHack installed suid/sgid and for shared systems. For all systems, it may result in a process crash. This issue is resolved in NetHack 3.6.7. There are no known workarounds. | |||||
| CVE-2021-33897 | 1 Synthesiagame | 1 Synthesia | 2024-02-28 | N/A | 5.5 MEDIUM |
| A buffer overflow in Synthesia before 10.7.5567, when a non-Latin locale is used, allows user-assisted attackers to cause a denial of service (application crash) via a crafted MIDI file with malformed bytes. This file is mishandled during a deletion attempt. In Synthesia before 10.9, an improper path handling allows local attackers to cause a denial of service (application crash) via a crafted MIDI file with malformed bytes. | |||||
| CVE-2022-41001 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
| Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these vulnerabilities.This buffer overflow is in the function that manages the 'icmp check link WORD destination WORD interval <1-255> retries <1-255> description (WORD|null)' command template. | |||||
| CVE-2023-26767 | 1 Liblouis | 1 Liblouis | 2024-02-28 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the lou_logFile function at logginc.c endpoint. | |||||
| CVE-2022-47664 | 1 Struktur | 1 Libde265 | 2024-02-28 | N/A | 7.8 HIGH |
| Libde265 1.0.9 is vulnerable to Buffer Overflow in ff_hevc_put_hevc_qpel_pixels_8_sse | |||||
| CVE-2022-32527 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-02-28 | N/A | 9.8 CRITICAL |
| A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted alarm cache data messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170) | |||||
| CVE-2023-27852 | 1 Netgear | 2 Rax30, Rax30 Firmware | 2024-02-28 | N/A | 9.8 CRITICAL |
| NETGEAR Nighthawk WiFi6 Router prior to V1.0.10.94 contains a buffer overflow vulnerability in various CGI mechanisms that could allow an attacker to execute arbitrary code on the device. | |||||
| CVE-2022-46534 | 1 Tenda | 2 F1203, F1203 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
| Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the speed_dir parameter at /goform/SetSpeedWan. | |||||
| CVE-2022-46544 | 1 Tenda | 2 F1203, F1203 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
| Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the cmdinput parameter at /goform/exeCommand. | |||||
| CVE-2023-22416 | 1 Juniper | 46 Junos, Mx10, Mx10000 and 43 more | 2024-02-28 | N/A | 7.5 HIGH |
| A Buffer Overflow vulnerability in SIP ALG of Juniper Networks Junos OS allows a network-based, unauthenticated attacker to cause a Denial of Service (DoS). On all MX Series and SRX Series platform with SIP ALG enabled, when a malformed SIP packet is received, the flow processing daemon (flowd) will crash and restart. This issue affects: Juniper Networks Junos OS on MX Series and SRX Series 20.4 versions prior to 20.4R3-S5; 21.1 versions prior to 21.1R3-S4; 21.2 versions prior to 21.2R3-S2; 21.3 versions prior to 21.3R3-S1; 21.4 versions prior to 21.4R3; 22.1 versions prior to 22.1R1-S2, 22.1R2; 22.2 versions prior to 22.2R1-S1, 22.2R2. This issue does not affect Juniper Networks Junos OS versions prior to 20.4R1 on SRX Series. | |||||
| CVE-2022-45654 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the ssid parameter in the form_fast_setting_wifi_set function. | |||||
| CVE-2022-1892 | 1 Lenovo | 140 100e 2nd Gen, 100e 2nd Gen Firmware, 100w Gen 3 and 137 more | 2024-02-28 | N/A | 7.8 HIGH |
| A buffer overflow in the SystemBootManagerDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code. | |||||
| CVE-2022-46549 | 1 Tenda | 2 F1203, F1203 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
| Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceId parameter at /goform/saveParentControlInfo. | |||||
| CVE-2022-45646 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2024-02-28 | N/A | 7.5 HIGH |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the limitSpeedUp parameter in the formSetClientState function. | |||||
| CVE-2022-23479 | 2 Debian, Neutrinolabs | 2 Debian Linux, Xrdp | 2024-02-28 | N/A | 9.8 CRITICAL |
| xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in xrdp_mm_chan_data_in() function. There are no known workarounds for this issue. Users are advised to upgrade. | |||||