Total
10481 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-43038 | 1 Axiosys | 1 Bento4 | 2022-10-21 | N/A | 6.5 MEDIUM |
| Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadCache() function in mp42ts. | |||||
| CVE-2022-32033 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2022-10-20 | 7.8 HIGH | 7.5 HIGH |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the function formSetVirtualSer. | |||||
| CVE-2022-41415 | 1 Acer | 2 Altos W2000h-w570h F4, Altos W2000h-w570h F4 Firmware | 2022-10-20 | N/A | 9.8 CRITICAL |
| Acer Altos W2000h-W570h F4 R01.03.0018 was discovered to contain a stack overflow in the RevserveMem component. This vulnerability allows attackers to cause a Denial of Service (DoS) via injecting crafted shellcode into the NVRAM variable. | |||||
| CVE-2022-43024 | 1 Tenda | 2 Tx3, Tx3 Firmware | 2022-10-20 | N/A | 9.8 CRITICAL |
| Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the list parameter at /goform/SetVirtualServerCfg. | |||||
| CVE-2022-43025 | 1 Tenda | 2 Tx3, Tx3 Firmware | 2022-10-20 | N/A | 9.8 CRITICAL |
| Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the startIp parameter at /goform/SetPptpServerCfg. | |||||
| CVE-2022-43026 | 1 Tenda | 2 Tx3, Tx3 Firmware | 2022-10-20 | N/A | 9.8 CRITICAL |
| Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the endIp parameter at /goform/SetPptpServerCfg. | |||||
| CVE-2022-43027 | 1 Tenda | 2 Tx3, Tx3 Firmware | 2022-10-20 | N/A | 9.8 CRITICAL |
| Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the firewallEn parameter at /goform/SetFirewallCfg. | |||||
| CVE-2022-43028 | 1 Tenda | 2 Tx3, Tx3 Firmware | 2022-10-20 | N/A | 9.8 CRITICAL |
| Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the timeZone parameter at /goform/SetSysTimeCfg. | |||||
| CVE-2022-43029 | 1 Tenda | 2 Tx3, Tx3 Firmware | 2022-10-20 | N/A | 9.8 CRITICAL |
| Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the time parameter at /goform/SetSysTimeCfg. | |||||
| CVE-2022-43259 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2022-10-20 | N/A | 7.5 HIGH |
| Tenda AC15 V15.03.05.18 was discovered to contain a stack overflow via the timeZone parameter in the form_fast_setting_wifi_set function. | |||||
| CVE-2022-43260 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2022-10-20 | N/A | 9.8 CRITICAL |
| Tenda AC18 V15.03.05.19(6318) was discovered to contain a stack overflow via the time parameter in the fromSetSysTime function. | |||||
| CVE-2017-20149 | 1 Mikrotik | 1 Routeros | 2022-10-20 | N/A | 9.8 CRITICAL |
| The Mikrotik RouterOS web server allows memory corruption in releases before Stable 6.38.5 and Long-term 6.37.5, aka Chimay-Red. A remote and unauthenticated user can trigger the vulnerability by sending a crafted HTTP request. An attacker can use this vulnerability to execute arbitrary code on the affected system, as exploited in the wild in mid-2017 and later. | |||||
| CVE-2022-38980 | 1 Huawei | 1 Harmonyos | 2022-10-20 | N/A | 9.8 CRITICAL |
| The HwAirlink module has a heap overflow vulnerability in processing data packets of the proprietary protocol.Successful exploitation of this vulnerability may allow attackers to obtain process control permissions. | |||||
| CVE-2022-35710 | 1 Adobe | 1 Coldfusion | 2022-10-20 | N/A | 9.8 CRITICAL |
| Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, the vulnerability is triggered when a crafted network packet is sent to the server. | |||||
| CVE-2022-35711 | 1 Adobe | 1 Coldfusion | 2022-10-20 | N/A | 9.8 CRITICAL |
| Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, the vulnerability is triggered when a crafted network packet is sent to the server. | |||||
| CVE-2022-35712 | 1 Adobe | 1 Coldfusion | 2022-10-20 | N/A | 9.8 CRITICAL |
| Adobe ColdFusion versions Update 14 (and earlier) and Update 4 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction, the vulnerability is triggered when a crafted network packet is sent to the server. | |||||
| CVE-2021-25667 | 1 Siemens | 30 Ruggedcom Rm1224, Ruggedcom Rm1224 Firmware, Scalance M-800 and 27 more | 2022-10-19 | 5.8 MEDIUM | 8.8 HIGH |
| A vulnerability has been identified in RUGGEDCOM RM1224 (All versions >= V4.3 and < V6.4), SCALANCE M-800 (All versions >= V4.3 and < V6.4), SCALANCE S615 (All versions >= V4.3 and < V6.4), SCALANCE SC-600 Family (All versions >= V2.0 and < V2.1.3), SCALANCE XB-200 (All versions < V4.1), SCALANCE XC-200 (All versions < V4.1), SCALANCE XF-200BA (All versions < V4.1), SCALANCE XM400 (All versions < V6.2), SCALANCE XP-200 (All versions < V4.1), SCALANCE XR-300WG (All versions < V4.1), SCALANCE XR500 (All versions < V6.2). Affected devices contain a stack-based buffer overflow vulnerability in the handling of STP BPDU frames that could allow a remote attacker to trigger a denial-of-service condition or potentially remote code execution. Successful exploitation requires the passive listening feature of the device to be active. | |||||
| CVE-2022-42163 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2022-10-19 | N/A | 9.8 CRITICAL |
| Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/fromNatStaticSetting. | |||||
| CVE-2022-42164 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2022-10-19 | N/A | 9.8 CRITICAL |
| Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formSetClientState. | |||||
| CVE-2022-42165 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2022-10-19 | N/A | 9.8 CRITICAL |
| Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formSetDeviceName. | |||||