Total
10481 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-44367 | 1 Tenda | 2 I21, I21 Firmware | 2022-12-06 | N/A | 9.8 CRITICAL |
| Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setUplinkInfo. | |||||
| CVE-2022-45640 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2022-12-05 | N/A | 7.5 HIGH |
| Tenda Tenda AC6V1.0 V15.03.05.19 is affected by buffer overflow. Causes a denial of service (local). | |||||
| CVE-2022-44362 | 1 Tenda | 2 I21, I21 Firmware | 2022-12-05 | N/A | 9.8 CRITICAL |
| Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/AddSysLogRule. | |||||
| CVE-2022-44363 | 1 Tenda | 2 I21, I21 Firmware | 2022-12-05 | N/A | 9.8 CRITICAL |
| Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setSnmpInfo. | |||||
| CVE-2022-44365 | 1 Tenda | 2 I21, I21 Firmware | 2022-12-05 | N/A | 9.8 CRITICAL |
| Tenda i21 V1.0.0.14(4656) has a stack overflow vulnerability via /goform/setSysPwd. | |||||
| CVE-2022-44366 | 1 Tenda | 2 I21, I21 Firmware | 2022-12-05 | N/A | 9.8 CRITICAL |
| Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setDiagnoseInfo. | |||||
| CVE-2021-26730 | 1 Lannerinc | 2 Iac-ast2500a, Iac-ast2500a Firmware | 2022-12-03 | N/A | 9.8 CRITICAL |
| A stack-based buffer overflow vulnerability in a subfunction of the Login_handler_func function of spx_restservice allows an attacker to execute arbitrary code with the same privileges as the server user (root). This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0. | |||||
| CVE-2021-26729 | 1 Lannerinc | 2 Iac-ast2500a, Iac-ast2500a Firmware | 2022-12-03 | N/A | 9.8 CRITICAL |
| Command injection and multiple stack-based buffer overflows vulnerabilities in the Login_handler_func function of spx_restservice allow an attacker to execute arbitrary code with the same privileges as the server user (root). This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0. | |||||
| CVE-2021-26728 | 1 Lannerinc | 2 Iac-ast2500a, Iac-ast2500a Firmware | 2022-12-03 | N/A | 9.8 CRITICAL |
| Command injection and stack-based buffer overflow vulnerabilities in the KillDupUsr_func function of spx_restservice allow an attacker to execute arbitrary code with the same privileges as the server user (root). This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0. | |||||
| CVE-2021-26727 | 1 Lannerinc | 2 Iac-ast2500a, Iac-ast2500a Firmware | 2022-12-03 | N/A | 9.8 CRITICAL |
| Multiple command injections and stack-based buffer overflows vulnerabilities in the SubNet_handler_func function of spx_restservice allow an attacker to execute arbitrary code with the same privileges as the server user (root). This issue affects: Lanner Inc IAC-AST2500A standard firmware version 1.10.0. | |||||
| CVE-2022-3373 | 1 Google | 1 Chrome | 2022-12-03 | N/A | 8.8 HIGH |
| Out of bounds write in V8 in Google Chrome prior to 106.0.5249.91 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2022-33890 | 1 Autodesk | 11 Autocad, Autocad Advance Steel, Autocad Architecture and 8 more | 2022-12-03 | N/A | 7.8 HIGH |
| A maliciously crafted PCT or DWF file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | |||||
| CVE-2018-3893 | 1 Samsung | 2 Sth-eth-250, Sth-eth-250 Firmware | 2022-12-02 | 9.0 HIGH | 8.8 HIGH |
| An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2022-27631 | 1 Dd-wrt | 1 Dd-wrt | 2022-12-02 | N/A | 9.8 CRITICAL |
| A memory corruption vulnerability exists in the httpd unescape functionality of DD-WRT Revision 32270 - Revision 48599. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability. | |||||
| CVE-2022-26376 | 2 Asus, Asuswrt-merlin | 36 Asuswrt, Et12, Et12 Firmware and 33 more | 2022-12-02 | N/A | 9.8 CRITICAL |
| A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin New Gen prior to 386.7.. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability. | |||||
| CVE-2021-26252 | 3 Fedoraproject, Htmldoc Project, Redhat | 3 Fedora, Htmldoc, Enterprise Linux | 2022-12-02 | 6.8 MEDIUM | 7.8 HIGH |
| A flaw was found in htmldoc in v1.9.12. Heap buffer overflow in pspdf_prepare_page(),in ps-pdf.cxx may lead to execute arbitrary code and denial of service. | |||||
| CVE-2022-45337 | 1 Tenda | 2 Tx9 Pro, Tx9 Pro Firmware | 2022-12-02 | N/A | 7.5 HIGH |
| Tenda TX9 Pro v22.03.02.10 was discovered to contain a stack overflow via the list parameter at /goform/SetIpMacBind. | |||||
| CVE-2022-45332 | 1 Gnu | 1 Libredwg | 2022-12-02 | N/A | 7.8 HIGH |
| LibreDWG v0.12.4.4643 was discovered to contain a heap buffer overflow via the function decode_preR13_section_hdr at decode_r11.c. | |||||
| CVE-2019-6957 | 1 Bosch | 18 Access Easy Controller, Access Easy Controller Firmware, Access Professional Edition and 15 more | 2022-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| A recently discovered security vulnerability affects all Bosch Video Management System (BVMS) versions 9.0 and below, DIVAR IP 2000, 3000, 5000 and 7000, Video Recording Manager (VRM), Video Streaming Gateway (VSG), Configuration Manager, Building Integration System (BIS) with Video Engine, Access Professional Edition (APE), Access Easy Controller (AEC), Bosch Video Client (BVC) and Video SDK (VSDK). The vulnerability potentially allows the unauthorized execution of code in the system via the network interface. | |||||
| CVE-2019-7232 | 1 Abb | 2 Pb610 Panel Builder 600, Pb610 Panel Builder 600 Firmware | 2022-11-30 | 5.8 MEDIUM | 8.8 HIGH |
| The ABB IDAL HTTP server is vulnerable to a buffer overflow when a long Host header is sent in a web request. The Host header value overflows a buffer and overwrites a Structured Exception Handler (SEH) address. An unauthenticated attacker can submit a Host header value of 2047 bytes or more to overflow the buffer and overwrite the SEH address, which can then be leveraged to execute attacker-controlled code on the server. | |||||