Total
2430 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-26414 | 1 Zyxel | 64 Ax7501-b0, Ax7501-b0 Firmware, Dx5401-b0 and 61 more | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
| A potential buffer overflow vulnerability was identified in some internal functions of Zyxel VMG3312-T20A firmware version 5.30(ABFX.5)C0, which could be exploited by a local authenticated attacker to cause a denial of service. | |||||
| CVE-2021-22802 | 1 Schneider-electric | 1 Interactive Graphical Scada System Data Collector | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in remote code execution due to missing length check on user supplied data, when a constructed message is received on the network. Affected Product: Interactive Graphical SCADA System Data Collector (dc.exe) (V15.0.0.21243 and prior) | |||||
| CVE-2022-30552 | 1 Denx | 1 U-boot | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
| Das U-Boot 2022.01 has a Buffer Overflow. | |||||
| CVE-2022-24910 | 1 Inhandnetworks | 2 Ir302, Ir302 Firmware | 2024-02-28 | 4.6 MEDIUM | 6.7 MEDIUM |
| A buffer overflow vulnerability exists in the httpd parse_ping_result API functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability. | |||||
| CVE-2022-1110 | 1 Lenovo | 1 Smart Standby Driver | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
| A buffer overflow vulnerability in Lenovo Smart Standby Driver prior to version 4.1.50.0 could allow a local attacker to cause denial of service. | |||||
| CVE-2022-30784 | 3 Debian, Fedoraproject, Tuxera | 3 Debian Linux, Fedora, Ntfs-3g | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
| A crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value in NTFS-3G through 2021.8.22. | |||||
| CVE-2022-26753 | 1 Apple | 1 Macos | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2021-46122 | 1 Tp-link | 2 Tl-wr840n, Tl-wr840n Firmware | 2024-02-28 | 9.0 HIGH | 7.2 HIGH |
| Tp-Link TL-WR840N (EU) v6.20 Firmware (0.9.1 4.17 v0001.0 Build 201124 Rel.64328n) is vulnerable to Buffer Overflow via the Password reset feature. | |||||
| CVE-2022-21742 | 1 Realtek | 14 Rtl8152b, Rtl8152b Firmware, Rtl8153 and 11 more | 2024-02-28 | 3.3 LOW | 6.5 MEDIUM |
| Realtek USB driver has a buffer overflow vulnerability due to insufficient parameter length verification in the API function. An unauthenticated LAN attacker can exploit this vulnerability to disrupt services. | |||||
| CVE-2022-24705 | 1 Accel-ppp | 1 Accel-ppp | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| The rad_packet_recv function in radius/packet.c suffers from a memcpy buffer overflow, resulting in an overly-large recvfrom into a fixed buffer that causes a buffer overflow and overwrites arbitrary memory. If the server connects with a malicious client, crafted client requests can remotely trigger this vulnerability. | |||||
| CVE-2022-30033 | 1 Tenda | 2 Tx9 Pro, Tx9 Pro Firmware | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
| Tenda TX9 Pro V22.03.02.10 is vulnerable to Buffer Overflow via the functtion setIPv6Status() in httpd module. | |||||
| CVE-2021-38772 | 1 Tendacn | 2 Ac10, Ac10 Firmware | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
| Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function. | |||||
| CVE-2021-42863 | 1 Jerryscript | 1 Jerryscript | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| A buffer overflow in ecma_builtin_typedarray_prototype_filter() in JerryScript version fe3a5c0 allows an attacker to construct a fake object or a fake arraybuffer with unlimited size. | |||||
| CVE-2022-26754 | 1 Apple | 1 Macos | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2021-23850 | 1 Bosch | 136 Autodome 7000, Autodome 7000 Firmware, Autodome Ip 4000 Hd and 133 more | 2024-02-28 | 6.5 MEDIUM | 7.2 HIGH |
| A specially crafted TCP/IP packet may cause a camera recovery image telnet interface to crash. It may also cause a buffer overflow which could enable remote code execution. The recovery image can only be booted with administrative rights or with physical access to the camera and allows the upload of a new firmware in case of a damaged firmware. | |||||
| CVE-2022-0636 | 1 Lenovo | 1 Thin Installer | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
| A denial of service vulnerability was reported in Lenovo Thin Installer prior to version 1.3.0039 that could trigger a system crash. | |||||
| CVE-2021-43636 | 1 Totolink | 2 T10 V2, T10 V2 Firmware | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| Two Buffer Overflow vulnerabilities exists in T10 V2_Firmware V4.1.8cu.5207_B20210320 in the http_request_parse function when processing host data in the HTTP request process. | |||||
| CVE-2021-30309 | 1 Qualcomm | 86 Mdm9650, Mdm9650 Firmware, Qca6174a and 83 more | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
| Improper size validation of QXDM commands can lead to memory corruption in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
| CVE-2022-29189 | 1 Pion | 1 Dtls | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
| Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.4, a buffer that was used for inbound network traffic had no upper limit. Pion DTLS would buffer all network traffic from the remote user until the handshake completes or timed out. An attacker could exploit this to cause excessive memory usage. Version 2.1.4 contains a patch for this issue. There are currently no known workarounds available. | |||||
| CVE-2022-27008 | 1 F5 | 1 Njs | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
| nginx njs 0.7.2 is vulnerable to Buffer Overflow. Type confused in Array.prototype.concat() when a slow array appended element is fast array. | |||||