Total
2385 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-45654 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2022-12-06 | N/A | 7.5 HIGH |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the ssid parameter in the form_fast_setting_wifi_set function. | |||||
| CVE-2022-45653 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2022-12-06 | N/A | 7.5 HIGH |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the page parameter in the fromNatStaticSetting function. | |||||
| CVE-2022-45664 | 1 Tenda | 2 I22, I22 Firmware | 2022-12-06 | N/A | 7.5 HIGH |
| Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDget function. | |||||
| CVE-2022-45663 | 1 Tenda | 2 I22, I22 Firmware | 2022-12-06 | N/A | 7.5 HIGH |
| Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterSet function. | |||||
| CVE-2022-45661 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2022-12-06 | N/A | 7.5 HIGH |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the setSmartPowerManagement function. | |||||
| CVE-2022-45660 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2022-12-06 | N/A | 7.5 HIGH |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the schedStartTime parameter in the setSchedWifi function. | |||||
| CVE-2022-45659 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2022-12-06 | N/A | 7.5 HIGH |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the wpapsk_crypto parameter in the fromSetWirelessRepeat function. | |||||
| CVE-2022-45644 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2022-12-05 | N/A | 7.5 HIGH |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceId parameter in the formSetClientState function. | |||||
| CVE-2022-45645 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2022-12-05 | N/A | 7.5 HIGH |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceMac parameter in the addWifiMacFilter function. | |||||
| CVE-2019-4014 | 3 Ibm, Linux, Microsoft | 3 Db2, Linux Kernel, Windows | 2022-12-03 | 7.2 HIGH | 7.8 HIGH |
| IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-Force ID: 155892. | |||||
| CVE-2019-4016 | 3 Ibm, Linux, Microsoft | 3 Db2, Linux Kernel, Windows | 2022-12-03 | 7.2 HIGH | 7.8 HIGH |
| IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 155894. | |||||
| CVE-2019-4015 | 3 Ibm, Linux, Microsoft | 3 Db2, Linux Kernel, Windows | 2022-12-03 | 7.2 HIGH | 7.8 HIGH |
| IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-ForceID: 155893. | |||||
| CVE-2018-3894 | 1 Samsung | 2 Sth-eth-250, Sth-eth-250 Firmware | 2022-12-02 | 9.0 HIGH | 8.8 HIGH |
| An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily long "startTime" value in order to exploit this vulnerability. | |||||
| CVE-2018-3897 | 1 Samsung | 2 Sth-eth-250, Sth-eth-250 Firmware | 2022-12-02 | 9.0 HIGH | 8.8 HIGH |
| An exploitable buffer overflow vulnerabilities exist in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub with Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily long "callbackUrl" value in order to exploit this vulnerability. | |||||
| CVE-2018-3896 | 1 Samsung | 2 Sth-eth-250, Sth-eth-250 Firmware | 2022-12-02 | 9.0 HIGH | 8.8 HIGH |
| An exploitable buffer overflow vulnerabilities exist in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub with Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily long "correlationId" value in order to exploit this vulnerability. | |||||
| CVE-2018-3895 | 1 Samsung | 2 Sth-eth-250, Sth-eth-250 Firmware | 2022-12-02 | 9.0 HIGH | 8.8 HIGH |
| An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 Firmware version 0.20.17. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily long 'endTime' value in order to exploit this vulnerability. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2022-44283 | 1 Avs4you | 1 Avs Audio Converter | 2022-12-01 | N/A | 9.8 CRITICAL |
| AVS Audio Converter 10.3 is vulnerable to Buffer Overflow. | |||||
| CVE-2019-6557 | 1 Moxa | 8 Eds-405a, Eds-405a Firmware, Eds-408a and 5 more | 2022-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| Several buffer overflow vulnerabilities have been identified in Moxa IKS and EDS, which may allow remote code execution. | |||||
| CVE-2022-39067 | 1 Zte | 2 Mf286r, Mf286r Firmware | 2022-11-30 | N/A | 6.5 MEDIUM |
| There is a buffer overflow vulnerability in ZTE MF286R. Due to lack of input validation on parameters of the wifi interface, an authenticated attacker could use the vulnerability to perform a denial of service attack. | |||||
| CVE-2021-43042 | 1 Kaseya | 1 Unitrends Backup | 2022-11-28 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Kaseya Unitrends Backup Appliance before 10.5.5. A buffer overflow existed in the vaultServer component. This was exploitable by a remote unauthenticated attacker. | |||||