Total
10481 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-27418 | 1 Broadcom | 1 Tcpreplay | 2022-10-28 | 5.1 MEDIUM | 7.8 HIGH |
| Tcpreplay v4.4.1 has a heap-based buffer overflow in do_checksum_math at /tcpedit/checksum.c. | |||||
| CVE-2021-45948 | 1 Assimp | 1 Assimp | 2022-10-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| Open Asset Import Library (aka assimp) 5.1.0 and 5.1.1 has a heap-based buffer overflow in _m3d_safestr (called from m3d_load and Assimp::M3DWrapper::M3DWrapper). | |||||
| CVE-2018-16530 | 1 Forcepoint | 1 Email Security | 2022-10-28 | 7.5 HIGH | 9.8 CRITICAL |
| A stack-based buffer overflow in Forcepoint Email Security version 8.5 allows an attacker to craft malicious input and potentially crash a process creating a denial-of-service. While no known Remote Code Execution (RCE) vulnerabilities exist, as with all buffer overflows, the possibility of RCE cannot be completely ruled out. Data Execution Protection (DEP) is already enabled on the Email appliance as a risk mitigation. | |||||
| CVE-2022-40875 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2022-10-28 | N/A | 7.5 HIGH |
| Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow in the function GetParentControlInfo. | |||||
| CVE-2022-40874 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2022-10-28 | N/A | 7.5 HIGH |
| Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow vulnerability in the GetParentControlInfo function, which can cause a denial of service attack through a carefully constructed http request. | |||||
| CVE-2021-45707 | 1 Nix Project | 1 Nix | 2022-10-28 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the nix crate 0.16.0 and later before 0.20.2, 0.21.x before 0.21.2, and 0.22.x before 0.22.2 for Rust. unistd::getgrouplist has an out-of-bounds write if a user is in more than 16 /etc/groups groups. | |||||
| CVE-2022-36423 | 1 Openharmony | 1 Openharmony | 2022-10-28 | N/A | 7.4 HIGH |
| OpenHarmony-v3.1.2 and prior versions have an incorrect configuration of the cJSON library, which leads a Stack overflow vulnerability during recursive parsing. LAN attackers can lead a DoS attack to all network devices. | |||||
| CVE-2022-43003 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2022-10-28 | N/A | 9.8 CRITICAL |
| D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the pskValue parameter in the setRepeaterSecurity function. | |||||
| CVE-2022-43002 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2022-10-28 | N/A | 9.8 CRITICAL |
| D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the wizardstep54_pskpwd parameter at /goform/form2WizardStep54. | |||||
| CVE-2022-43001 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2022-10-28 | N/A | 9.8 CRITICAL |
| D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the pskValue parameter in the setSecurity function. | |||||
| CVE-2022-43000 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2022-10-28 | N/A | 9.8 CRITICAL |
| D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the wizardstep4_pskpwd parameter at /goform/form2WizardStep4. | |||||
| CVE-2022-42998 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2022-10-28 | N/A | 9.8 CRITICAL |
| D-Link DIR-816 A2 1.10 B05 was discovered to contain a stack overflow via the srcip parameter at /goform/form2IPQoSTcAdd. | |||||
| CVE-2022-37452 | 2 Debian, Exim | 2 Debian Linux, Exim | 2022-10-28 | N/A | 9.8 CRITICAL |
| Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set. | |||||
| CVE-2022-0976 | 1 Google | 1 Chrome | 2022-10-27 | N/A | 8.8 HIGH |
| Heap buffer overflow in GPU in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-0789 | 1 Google | 1 Chrome | 2022-10-27 | 6.8 MEDIUM | 8.8 HIGH |
| Heap buffer overflow in ANGLE in Google Chrome prior to 99.0.4844.51 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2021-34326 | 1 Siemens | 3 Jt2go, Solid Edge, Teamcenter Visualization | 2022-10-27 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V13.2), Solid Edge SE2021 (All Versions < SE2021MP5), Teamcenter Visualization (All versions < V13.2). The plmxmlAdapterSE70.dll library in affected applications lacks proper validation of user-supplied data when parsing PAR files. This could result in an out of bounds write past the fixed-length heap-based buffer. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13422) | |||||
| CVE-2021-38427 | 1 Rti | 2 Connext Dds Professional, Connext Dds Secure | 2022-10-27 | 4.6 MEDIUM | 7.8 HIGH |
| RTI Connext DDS Professional and Connext DDS Secure Versions 4.2.x to 6.1.0 are vulnerable to a stack-based buffer overflow, which may allow a local attacker to execute arbitrary code. | |||||
| CVE-2021-33124 | 1 Intel | 1346 Core I3-1000g1, Core I3-1000g1 Firmware, Core I3-1000g4 and 1343 more | 2022-10-26 | 7.2 HIGH | 6.7 MEDIUM |
| Out-of-bounds write in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access. | |||||
| CVE-2020-23060 | 1 Tonec | 1 Internet Download Manager | 2022-10-26 | 6.6 MEDIUM | 7.1 HIGH |
| Internet Download Manager 6.37.11.1 was discovered to contain a stack buffer overflow in the Export/Import function. This vulnerability allows attackers to escalate local process privileges via a crafted ef2 file. | |||||
| CVE-2020-23332 | 1 Axiosys | 1 Bento4 | 2022-10-26 | 5.0 MEDIUM | 7.5 HIGH |
| A heap-based buffer overflow exists in the AP4_StdcFileByteStream::ReadPartial component located in /StdC/Ap4StdCFileByteStream.cpp of Bento4 version 06c39d9. This issue can lead to a denial of service (DOS). | |||||