Total
2385 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-45710 | 1 Ip-com | 2 M50, M50 Firmware | 2023-11-07 | N/A | 9.8 CRITICAL |
| IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the pEnable, pLevel, and pModule parameters in the formSetDebugCfg function. | |||||
| CVE-2022-45708 | 1 Ip-com | 2 M50, M50 Firmware | 2023-11-07 | N/A | 9.8 CRITICAL |
| IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the sPortMapIndex parameter in the formDelPortMapping function. | |||||
| CVE-2022-45707 | 1 Ip-com | 2 M50, M50 Firmware | 2023-11-07 | N/A | 9.8 CRITICAL |
| IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formAddDnsHijack function. | |||||
| CVE-2022-45706 | 1 Ip-com | 2 M50, M50 Firmware | 2023-11-07 | N/A | 9.8 CRITICAL |
| IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the hostname parameter in the formSetNetCheckTools function. | |||||
| CVE-2022-43507 | 1 Intel | 1 Quickassist Technology Engine | 2023-11-07 | N/A | 8.8 HIGH |
| Improper buffer restrictions in the Intel(R) QAT Engine for OpenSSL before version 0.6.16 may allow a privileged user to potentially enable escalation of privilege via network access. | |||||
| CVE-2022-42760 | 2 Google, Unisoc | 14 Android, S8018, Sc7731e and 11 more | 2023-11-07 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. | |||||
| CVE-2022-42444 | 3 Ibm, Linux, Microsoft | 4 Aix, App Connect Enterprise, Linux Kernel and 1 more | 2023-11-07 | N/A | 6.5 MEDIUM |
| IBM App Connect Enterprise 11.0.0.8 through 11.0.0.19 and 12.0.1.0 through 12.0.5.0 is vulnerable to a buffer overflow. A remote privileged user could overflow a buffer and cause the application to crash. IBM X-Force ID: 238538. | |||||
| CVE-2022-40284 | 3 Debian, Fedoraproject, Tuxera | 3 Debian Linux, Fedora, Ntfs-3g | 2023-11-07 | N/A | 7.8 HIGH |
| A buffer overflow was discovered in NTFS-3G before 2022.10.3. Crafted metadata in an NTFS image can cause code execution. A local attacker can exploit this if the ntfs-3g binary is setuid root. A physically proximate attacker can exploit this if NTFS-3G software is configured to execute upon attachment of an external storage device. | |||||
| CVE-2022-3786 | 3 Fedoraproject, Nodejs, Openssl | 3 Fedora, Node.js, Openssl | 2023-11-07 | N/A | 7.5 HIGH |
| A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.' character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. | |||||
| CVE-2022-3550 | 3 Debian, Fedoraproject, X.org | 3 Debian Linux, Fedora, X Server | 2023-11-07 | N/A | 8.8 HIGH |
| A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the function _GetCountedString of the file xkb/xkb.c. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211051. | |||||
| CVE-2022-39377 | 3 Debian, Fedoraproject, Sysstat Project | 3 Debian Linux, Fedora, Sysstat | 2023-11-07 | N/A | 7.8 HIGH |
| sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1, allocate_structures contains a size_t overflow in sa_common.c. The allocate_structures function insufficiently checks bounds before arithmetic multiplication, allowing for an overflow in the size allocated for the buffer representing system activities. This issue may lead to Remote Code Execution (RCE). This issue has been patched in version 12.7.1. | |||||
| CVE-2022-39343 | 1 Microsoft | 1 Azure Rtos Filex | 2023-11-07 | N/A | 7.8 HIGH |
| Azure RTOS FileX is a FAT-compatible file system that’s fully integrated with Azure RTOS ThreadX. In versions before 6.2.0, the Fault Tolerant feature of Azure RTOS FileX includes integer under and overflows which may be exploited to achieve buffer overflow and modify memory contents. When a valid log file with correct ID and checksum is detected by the `_fx_fault_tolerant_enable` function an attempt to recover the previous failed write operation is taken by call of `_fx_fault_tolerant_apply_logs`. This function iterates through the log entries and performs required recovery operations. When properly crafted a log including entries of type `FX_FAULT_TOLERANT_DIR_LOG_TYPE` may be utilized to introduce unexpected behavior. This issue has been patched in version 6.2.0. A workaround to fix line 218 in fx_fault_tolerant_apply_logs.c is documented in the GHSA. | |||||
| CVE-2022-37910 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2023-11-07 | N/A | 6.5 MEDIUM |
| A buffer overflow vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability results in a denial of service on the affected system. | |||||
| CVE-2022-31626 | 2 Debian, Php | 2 Debian Linux, Php | 2023-11-07 | 6.0 MEDIUM | 8.8 HIGH |
| In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when pdo_mysql extension with mysqlnd driver, if the third party is allowed to supply host to connect to and the password for the connection, password of excessive length can trigger a buffer overflow in PHP, which can lead to a remote code execution vulnerability. | |||||
| CVE-2022-30784 | 3 Debian, Fedoraproject, Tuxera | 3 Debian Linux, Fedora, Ntfs-3g | 2023-11-07 | 4.6 MEDIUM | 7.8 HIGH |
| A crafted NTFS image can cause heap exhaustion in ntfs_get_attribute_value in NTFS-3G through 2021.8.22. | |||||
| CVE-2022-30767 | 2 Denx, Fedoraproject | 2 U-boot, Fedora | 2023-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| nfs_lookup_reply in net/nfs.c in Das U-Boot through 2022.04 (and through 2022.07-rc2) has an unbounded memcpy with a failed length check, leading to a buffer overflow. NOTE: this issue exists because of an incorrect fix for CVE-2019-14196. | |||||
| CVE-2022-26981 | 3 Apple, Fedoraproject, Liblouis | 7 Ipados, Iphone Os, Macos and 4 more | 2023-11-07 | 6.8 MEDIUM | 7.8 HIGH |
| Liblouis through 3.21.0 has a buffer overflow in compilePassOpcode in compileTranslationTable.c (called, indirectly, by tools/lou_checktable.c). | |||||
| CVE-2022-26490 | 4 Debian, Fedoraproject, Linux and 1 more | 19 Debian Linux, Fedora, Linux Kernel and 16 more | 2023-11-07 | 4.6 MEDIUM | 7.8 HIGH |
| st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters. | |||||
| CVE-2022-24949 | 1 Eternal Terminal Project | 1 Eternal Terminal | 2023-11-07 | N/A | 7.5 HIGH |
| A privilege escalation to root exists in Eternal Terminal prior to version 6.2.0. This is due to the combination of a race condition, buffer overflow, and logic bug all in PipeSocketHandler::listen(). | |||||
| CVE-2022-24903 | 4 Debian, Fedoraproject, Netapp and 1 more | 4 Debian Linux, Fedora, Active Iq Unified Manager and 1 more | 2023-11-07 | 6.8 MEDIUM | 8.1 HIGH |
| Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. This can result in a segfault or some other malfunction. As of our understanding, this vulnerability can not be used for remote code execution. But there may still be a slight chance for experts to do that. The bug occurs when the octet count is read. While there is a check for the maximum number of octets, digits are written to a heap buffer even when the octet count is over the maximum, This can be used to overrun the memory buffer. However, once the sequence of digits stop, no additional characters can be added to the buffer. In our opinion, this makes remote exploits impossible or at least highly complex. Octet-counted framing is one of two potential framing modes. It is relatively uncommon, but enabled by default on receivers. Modules `imtcp`, `imptcp`, `imgssapi`, and `imhttp` are used for regular syslog message reception. It is best practice not to directly expose them to the public. When this practice is followed, the risk is considerably lower. Module `imdiag` is a diagnostics module primarily intended for testbench runs. We do not expect it to be present on any production installation. Octet-counted framing is not very common. Usually, it needs to be specifically enabled at senders. If users do not need it, they can turn it off for the most important modules. This will mitigate the vulnerability. | |||||