Total
10985 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-32034 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the items parameter in the function formdelMasteraclist. | |||||
| CVE-2022-32033 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the function formSetVirtualSer. | |||||
| CVE-2022-32032 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the deviceList parameter in the function formAddMacfilterRule. | |||||
| CVE-2022-32031 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function fromSetRouteStatic. | |||||
| CVE-2022-32030 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function formSetQosBand. | |||||
| CVE-2022-31937 | 1 Netgear | 2 Wnr2000v4, Wnr2000v4 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| Netgear N300 wireless router wnr2000v4-V1.0.0.70 was discovered to contain a stack overflow via strcpy in uhttpd. | |||||
| CVE-2022-31902 | 1 Notepad-plus-plus | 1 Notepad\+\+ | 2024-11-21 | N/A | 5.5 MEDIUM |
| Notepad++ v8.4.1 was discovered to contain a stack overflow via the component Finder::add(). | |||||
| CVE-2022-31901 | 1 Notepad-plus-plus | 1 Notepad\+\+ | 2024-11-21 | N/A | 6.5 MEDIUM |
| Buffer overflow in function Notepad_plus::addHotSpot in Notepad++ v8.4.3 and earlier allows attackers to crash the application via two crafted files. | |||||
| CVE-2022-31810 | 1 Siemens | 1 Sipass Integrated | 2024-11-21 | N/A | 7.5 HIGH |
| A vulnerability has been identified in SiPass integrated (All versions < V2.90.3.8). Affected server applications improperly check the size of data packets received for the configuration client login, causing a stack-based buffer overflow. This could allow an unauthenticated remote attacker to crash the server application, creating a denial of service condition. | |||||
| CVE-2022-31783 | 2 Fedoraproject, Liblouis | 2 Fedora, Liblouis | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Liblouis 3.21.0 has an out-of-bounds write in compileRule in compileTranslationTable.c, as demonstrated by lou_trace. | |||||
| CVE-2022-31782 | 1 Freedesktop | 1 Freetype Demo Programs | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based buffer overflow. | |||||
| CVE-2022-31747 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2024-11-21 | N/A | 9.8 CRITICAL |
| Mozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100 and Firefox ESR 91.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10. | |||||
| CVE-2022-31737 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2024-11-21 | N/A | 9.8 CRITICAL |
| A malicious webpage could have caused an out-of-bounds write in WebGL, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10. | |||||
| CVE-2022-31705 | 2 Apple, Vmware | 4 Mac Os X, Esxi, Fusion and 1 more | 2024-11-21 | N/A | 8.2 HIGH |
| VMware ESXi, Workstation, and Fusion contain a heap out-of-bounds write vulnerability in the USB 2.0 controller (EHCI). A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed. | |||||
| CVE-2022-31699 | 1 Vmware | 2 Cloud Foundation, Esxi | 2024-11-21 | N/A | 3.3 LOW |
| VMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted privileges within a sandbox process may exploit this issue to achieve a partial information disclosure. | |||||
| CVE-2022-31696 | 1 Vmware | 2 Cloud Foundation, Esxi | 2024-11-21 | N/A | 8.8 HIGH |
| VMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network socket. A malicious actor with local access to ESXi may exploit this issue to corrupt memory leading to an escape of the ESXi sandbox. | |||||
| CVE-2022-31627 | 1 Php | 1 Php | 2024-11-21 | N/A | 7.7 HIGH |
| In PHP versions 8.1.x below 8.1.8, when fileinfo functions, such as finfo_buffer, due to incorrect patch applied to the third party code from libmagic, incorrect function may be used to free allocated memory, which may lead to heap corruption. | |||||
| CVE-2022-31610 | 2 Microsoft, Nvidia | 7 Windows, Cloud Gaming Guest, Geforce and 4 more | 2024-11-21 | N/A | 7.8 HIGH |
| NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where a local user with basic capabilities can cause an out-of-bounds write, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. | |||||
| CVE-2022-31606 | 2 Microsoft, Nvidia | 7 Windows, Cloud Gaming Guest, Geforce and 4 more | 2024-11-21 | N/A | 7.8 HIGH |
| NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape, where a failure to properly validate data might allow an attacker with basic user capabilities to cause an out-of-bounds access in kernel mode, which could lead to denial of service, information disclosure, escalation of privileges, or data tampering. | |||||
| CVE-2022-31602 | 1 Nvidia | 2 Dgx A100, Dgx A100 Firmware | 2024-11-21 | 4.4 MEDIUM | 6.4 MEDIUM |
| NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with elevated privileges and a preconditioned heap can exploit an out-of-bounds write vulnerability, which may lead to code execution, denial of service, data integrity impact, and information disclosure. | |||||