Total
10982 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-45507 | 1 Tenda | 2 W30e, W30e Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the editNameMit parameter at /goform/editFileName. | |||||
| CVE-2022-45505 | 1 Tenda | 2 W30e, W30e Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the cmdinput parameter at /goform/exeCommand. | |||||
| CVE-2022-45503 | 1 Tenda | 2 W6-s, W6-s Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Tenda W6-S v1.0.0.4(510) was discovered to contain a stack overflow via the linkEn parameter at /goform/setAutoPing. | |||||
| CVE-2022-45501 | 1 Tenda | 2 W6-s, W6-s Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Tenda W6-S v1.0.0.4(510) was discovered to contain a stack overflow via the wl_radio parameter at /goform/wifiSSIDset. | |||||
| CVE-2022-45499 | 1 Tenda | 2 W6-s, W6-s Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Tenda W6-S v1.0.0.4(510) was discovered to contain a stack overflow via the wl_radio parameter at /goform/WifiMacFilterGet. | |||||
| CVE-2022-45496 | 1 Json.h Project | 1 Json.h | 2024-11-21 | N/A | 7.8 HIGH |
| Buffer overflow vulnerability in function json_parse_string in sheredom json.h before commit 0825301a07cbf51653882bf2b153cc81fdadf41 (November 14, 2022) allows attackers to code arbitrary code and gain escalated privileges. | |||||
| CVE-2022-45494 | 1 Json.h Project | 1 Json.h | 2024-11-21 | N/A | 7.8 HIGH |
| Buffer overflow vulnerability in function json_parse_object in sheredom json.h before commit 0825301a07cbf51653882bf2b153cc81fdadf41 (November 14, 2022) allows attackers to code arbitrary code and gain escalated privileges. | |||||
| CVE-2022-45493 | 1 Json.h Project | 1 Json.h | 2024-11-21 | N/A | 7.8 HIGH |
| Buffer overflow vulnerability in function json_parse_key in sheredom json.h before commit 0825301a07cbf51653882bf2b153cc81fdadf41 (November 14, 2022) allows attackers to code arbitrary code and gain escalated privileges. | |||||
| CVE-2022-45492 | 1 Json.h Project | 1 Json.h | 2024-11-21 | N/A | 7.8 HIGH |
| Buffer overflow vulnerability in function json_parse_number in sheredom json.h before commit 0825301a07cbf51653882bf2b153cc81fdadf41 (November 14, 2022) allows attackers to code arbitrary code and gain escalated privileges. | |||||
| CVE-2022-45491 | 1 Json.h Project | 1 Json.h | 2024-11-21 | N/A | 7.8 HIGH |
| Buffer overflow vulnerability in function json_parse_value in sheredom json.h before commit 0825301a07cbf51653882bf2b153cc81fdadf41 (November 14, 2022) allows attackers to code arbitrary code and gain escalated privileges. | |||||
| CVE-2022-45460 | 1 Xiongmaitech | 4 Mbd6304t, Mbd6304t Firmware, Nbd6808t-pl and 1 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.10001.131900.00000 and NBD6808T-PL V4.02.R11.C7431119.12001.130000.00000, allow an unauthenticated and remote user to exploit a stack-based buffer overflow and crash the web server, resulting in a system reboot. An unauthenticated and remote attacker can execute arbitrary code by sending a crafted HTTP request that triggers the overflow condition via a long URI passed to a sprintf call. NOTE: this is different than CVE-2018-10088, but this may overlap CVE-2017-16725. | |||||
| CVE-2022-45421 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2024-11-21 | N/A | 8.8 HIGH |
| Mozilla developers Andrew McCreight and Gabriele Svelto reported memory safety bugs present in Thunderbird 102.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.5, Thunderbird < 102.5, and Firefox < 107. | |||||
| CVE-2022-45337 | 1 Tenda | 2 Tx9 Pro, Tx9 Pro Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Tenda TX9 Pro v22.03.02.10 was discovered to contain a stack overflow via the list parameter at /goform/SetIpMacBind. | |||||
| CVE-2022-45332 | 1 Gnu | 1 Libredwg | 2024-11-21 | N/A | 7.8 HIGH |
| LibreDWG v0.12.4.4643 was discovered to contain a heap buffer overflow via the function decode_preR13_section_hdr at decode_r11.c. | |||||
| CVE-2022-45283 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 7.8 HIGH |
| GPAC MP4box v2.0.0 was discovered to contain a stack overflow in the smil_parse_time_list parameter at /scenegraph/svg_attributes.c. | |||||
| CVE-2022-45202 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 7.8 HIGH |
| GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to contain a stack overflow via the function dimC_box_read at isomedia/box_code_3gpp.c. | |||||
| CVE-2022-45188 | 3 Debian, Fedoraproject, Netatalk | 3 Debian Linux, Fedora, Netatalk | 2024-11-21 | N/A | 7.8 HIGH |
| Netatalk through 3.1.13 has an afp_getappl heap-based buffer overflow resulting in code execution via a crafted .appl file. This provides remote root access on some platforms such as FreeBSD (used for TrueNAS). | |||||
| CVE-2022-45126 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2024-11-21 | N/A | 4.0 MEDIUM |
| Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGettime. 4 bytes padding data from kernel stack are copied to user space incorrectly and leaked. | |||||
| CVE-2022-44931 | 1 Tenda | 2 A18, A18 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Tenda A18 v15.13.07.09 was discovered to contain a stack overflow via the security_5g parameter at /goform/WifiBasicSet. | |||||
| CVE-2022-44910 | 1 Quarkslab | 1 Binbloom | 2024-11-21 | N/A | 7.8 HIGH |
| Binbloom 2.0 was discovered to contain a heap buffer overflow via the read_pointer function at /binbloom-master/src/helpers.c. | |||||