Total
2385 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-23850 | 1 Bosch | 136 Autodome 7000, Autodome 7000 Firmware, Autodome Ip 4000 Hd and 133 more | 2022-04-08 | 6.5 MEDIUM | 7.2 HIGH |
| A specially crafted TCP/IP packet may cause a camera recovery image telnet interface to crash. It may also cause a buffer overflow which could enable remote code execution. The recovery image can only be booted with administrative rights or with physical access to the camera and allows the upload of a new firmware in case of a damaged firmware. | |||||
| CVE-2018-25020 | 2 Linux, Netapp | 18 Linux Kernel, Cloud Backup, H300e and 15 more | 2022-04-05 | 4.6 MEDIUM | 7.8 HIGH |
| The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c. | |||||
| CVE-2022-26642 | 1 Tp-link | 2 Tl-wr840n, Tl-wr840n Firmware | 2022-04-04 | 6.5 MEDIUM | 7.2 HIGH |
| TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the X_TP_ClonedMACAddress parameter. | |||||
| CVE-2022-26641 | 1 Tp-link | 2 Tl-wr840n, Tl-wr840n Firmware | 2022-04-04 | 6.5 MEDIUM | 7.2 HIGH |
| TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the httpRemotePort parameter. | |||||
| CVE-2022-26259 | 1 Xiongmaitech | 20 Ahb80n16t-gs, Ahb80n16t-gs Firmware, Ahb80n32f4-lme and 17 more | 2022-04-04 | 4.6 MEDIUM | 7.8 HIGH |
| A buffer over flow in Xiongmai DVR devices NBD80X16S-KL, NBD80X09S-KL, NBD80X08S-KL, NBD80X09RA-KL, AHB80X04R-MH, AHB80X04R-MH-V2, AHB80X04-R-MH-V3, AHB80N16T-GS, AHB80N32F4-LME, and NBD90S0VT-QW allows attackers to cause a Denial of Service (DoS) via a crafted RSTP request. | |||||
| CVE-2020-18976 | 1 Broadcom | 1 Tcpreplay | 2022-04-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| Buffer Overflow in Tcpreplay v4.3.2 allows attackers to cause a Denial of Service via the 'do_checksum' function in 'checksum.c'. It can be triggered by sending a crafted pcap file to the 'tcpreplay-edit' binary. This issue is different than CVE-2019-8381. | |||||
| CVE-2020-9760 | 2 Debian, Weechat | 2 Debian Linux, Weechat | 2022-04-01 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in WeeChat before 2.7.1 (0.3.4 to 2.7 are affected). When a new IRC message 005 is received with longer nick prefixes, a buffer overflow and possibly a crash can happen when a new mode is set for a nick. | |||||
| CVE-2021-43636 | 1 Totolink | 2 T10 V2, T10 V2 Firmware | 2022-03-31 | 7.5 HIGH | 9.8 CRITICAL |
| Two Buffer Overflow vulnerabilities exists in T10 V2_Firmware V4.1.8cu.5207_B20210320 in the http_request_parse function when processing host data in the HTTP request process. | |||||
| CVE-2021-26621 | 1 Netu | 2 Mex01, Mex01 Firmware | 2022-03-31 | 7.5 HIGH | 9.8 CRITICAL |
| An Buffer Overflow vulnerability leading to remote code execution was discovered in MEX01. Remote attackers can use this vulnerability by using the property that the target program copies parameter values to memory through the strcpy() function. | |||||
| CVE-2022-22687 | 1 Synology | 2 Diskstation Manager, Diskstation Manager Unified Controller | 2022-03-30 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in Authentication functionality in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2021-38772 | 1 Tendacn | 2 Ac10, Ac10 Firmware | 2022-03-29 | 7.8 HIGH | 7.5 HIGH |
| Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function. | |||||
| CVE-2022-26243 | 1 Tendacn | 2 Ac10, Ac10 Firmware | 2022-03-29 | 7.8 HIGH | 7.5 HIGH |
| Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow in the setSmartPowerManagement function. | |||||
| CVE-2020-27745 | 2 Debian, Schedmd | 2 Debian Linux, Slurm | 2022-03-29 | 6.8 MEDIUM | 9.8 CRITICAL |
| Slurm before 19.05.8 and 20.x before 20.02.6 has an RPC Buffer Overflow in the PMIx MPI plugin. | |||||
| CVE-2020-16232 | 1 Yokogawa | 1 Widefield3 | 2022-03-28 | 7.5 HIGH | 9.8 CRITICAL |
| In Yokogawa WideField3 R1.01 - R4.03, a buffer overflow could be caused when a user loads a maliciously crafted project file. | |||||
| CVE-2022-22593 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2022-03-26 | 9.3 HIGH | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 15.3 and iPadOS 15.3, watchOS 8.4, tvOS 15.3, Security Update 2022-001 Catalina, macOS Monterey 12.2, macOS Big Sur 11.6.3. A malicious application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-27240 | 1 Glewlwyd Sso Server Project | 1 Glewlwyd Sso Server | 2022-03-25 | 7.5 HIGH | 9.8 CRITICAL |
| scheme/webauthn.c in Glewlwyd SSO server 2.x before 2.6.2 has a buffer overflow associated with a webauthn assertion. | |||||
| CVE-2022-22634 | 1 Apple | 3 Ipados, Iphone Os, Tvos | 2022-03-24 | 9.3 HIGH | 7.8 HIGH |
| A buffer overflow was addressed with improved bounds checking. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4. A malicious application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2021-42728 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2022-03-22 | 6.8 MEDIUM | 7.8 HIGH |
| Adobe Bridge 11.1.1 (and earlier) is affected by a stack overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file in Bridge. | |||||
| CVE-2022-23187 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2022-03-18 | 9.3 HIGH | 7.8 HIGH |
| Adobe Illustrator version 26.0.3 (and earlier) is affected by a buffer overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file in Illustrator. | |||||
| CVE-2021-44343 | 1 Ok-file-formats Project | 1 Ok-file-formats | 2022-03-14 | 6.8 MEDIUM | 7.8 HIGH |
| David Brackeen ok-file-formats 203defd is vulnerable to Buffer Overflow. When the function of the ok-file-formats project is used, a heap-buffer-overflow occurred in function ok_png_read_data() in "/ok_png.c". | |||||