Total
2430 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-22845 | 1 Mikrotik | 1 Routeros | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
A buffer overflow in Mikrotik RouterOS 6.47 allows unauthenticated attackers to cause a denial of service (DOS) via crafted FTP requests. | |||||
CVE-2021-32968 | 1 Moxa | 8 Nport Iaw5150a-12i\/o, Nport Iaw5150a-12i\/o Firmware, Nport Iaw5150a-6i\/o and 5 more | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Two buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O Series firmware version 2.2 or earlier may allow a remote attacker to cause a denial-of-service condition. | |||||
CVE-2022-26750 | 1 Apple | 1 Macos | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2021-44627 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/get_reset_pwd_veirfy_code feature, which allows malicious users to execute arbitrary code on the system via a crafted post request. | |||||
CVE-2022-27387 | 2 Debian, Mariadb | 2 Debian Linux, Mariadb | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
MariaDB Server v10.7 and below was discovered to contain a global buffer overflow in the component decimal_bin_size, which is exploited via specially crafted SQL statements. | |||||
CVE-2021-44622 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in the /cloud_config/router_post/check_reg_verify_code function which could let a remove malicious user execute arbitrary code via a crafted post request. | |||||
CVE-2021-30318 | 1 Qualcomm | 274 Apq8009w, Apq8009w Firmware, Apq8017 and 271 more | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
Improper validation of input when provisioning the HDCP key can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Voice & Music, Snapdragon Wearables | |||||
CVE-2022-26640 | 1 Tp-link | 2 Tl-wr840n, Tl-wr840n Firmware | 2024-02-28 | 6.5 MEDIUM | 7.2 HIGH |
TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the minAddress parameter. | |||||
CVE-2022-29242 | 1 Gost Engine Project | 1 Gost Engine | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
GOST engine is a reference implementation of the Russian GOST crypto algorithms for OpenSSL. TLS clients using GOST engine when ciphersuite `TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC` is agreed and the server uses 512 bit GOST secret keys are vulnerable to buffer overflow. GOST engine version 3.0.1 contains a patch for this issue. Disabling ciphersuite `TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC` is a possible workaround. | |||||
CVE-2022-29021 | 1 Openrazer Project | 1 Openrazer | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
A buffer overflow vulnerability exists in the razerkbd driver of OpenRazer up to version v3.3.0 allows attackers to cause a Denial of Service (DoS) and possibly escalate their privileges via a crafted buffer sent to the matrix_custom_frame device. | |||||
CVE-2021-43619 | 1 Arm | 1 Trusted Firmware-m | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
Trusted Firmware M 1.4.x through 1.4.1 has a buffer overflow issue in the Firmware Update partition. In the IPC model, a psa_fwu_write caller from SPE or NSPE can overwrite stack memory locations. | |||||
CVE-2021-4207 | 3 Debian, Qemu, Redhat | 3 Debian Linux, Qemu, Enterprise Linux | 2024-02-28 | 4.6 MEDIUM | 8.2 HIGH |
A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values `cursor->header.width` and `cursor->header.height` can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. A malicious privileged guest user could use this flaw to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process. | |||||
CVE-2022-26742 | 1 Apple | 1 Macos | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | |||||
CVE-2021-44493 | 2 Fisglobal, Yottadb | 2 Gt.m, Yottadb | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in YottaDB through r1.32 and V7.0-000 and FIS GT.M through V7.0-000. Using crafted input, an attacker can cause a call to $Extract to force an signed integer holding the size of a buffer to take on a large negative number, which is then used as the length of a memcpy call that occurs on the stack, causing a buffer overflow. | |||||
CVE-2022-23431 | 2 Google, Samsung | 2 Android, Exynos | 2024-02-28 | 4.6 MEDIUM | 6.7 MEDIUM |
An improper boundary check in RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. | |||||
CVE-2022-27242 | 1 Siemens | 1 Openv2g | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
A vulnerability has been identified in OpenV2G (V0.9.4). The OpenV2G EXI parsing feature is missing a length check when parsing X509 serial numbers. Thus, an attacker could introduce a buffer overflow that leads to memory corruption. | |||||
CVE-2022-32140 | 1 Codesys | 2 Plcwinnt, Runtime Toolkit | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
Multiple CODESYS products are affected to a buffer overflow.A low privileged remote attacker may craft a request, which can cause a buffer copy without checking the size of the service, resulting in a denial-of-service condition. User Interaction is not required. | |||||
CVE-2021-30327 | 1 Qualcomm | 158 Apq8097, Apq8097 Firmware, Apq8098 and 155 more | 2024-02-28 | 7.2 HIGH | 6.8 MEDIUM |
Buffer overflow in sahara protocol while processing commands leads to overwrite of secure configuration data in Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice & Music | |||||
CVE-2021-44625 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
A Buffer Overflow vulnerability exists in TP-LINK WR-886N 20190826 2.3.8 in /cloud_config/cloud_device/info interface, which allows a malicious user to executee arbitrary code on the system via a crafted post request. | |||||
CVE-2021-3555 | 1 Eufylife | 4 Solo Indoorcam C24, Solo Indoorcam C24 Firmware, Solo Indoorcam P24 and 1 more | 2024-02-28 | 5.4 MEDIUM | 8.8 HIGH |
A Buffer Overflow vulnerability in the RSTP server component of Eufy Indoor 2K Indoor Camera allows a local attacker to achieve remote code execution. This issue affects: Eufy Indoor 2K Indoor Camera 2.0.9.3 version and prior versions. |