Total
10481 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-40105 | 1 Tenda | 2 I9, I9 Firmware | 2022-09-27 | N/A | 7.5 HIGH |
| Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formWifiMacFilterGet function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string. | |||||
| CVE-2022-37234 | 1 Netgear | 2 R7000, R7000 Firmware | 2022-09-27 | N/A | 7.8 HIGH |
| Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000-V1.0.11.134_10.2.119 is vulnerable to Buffer Overflow via the wl binary in firmware. There is a stack overflow vulnerability caused by strncpy. | |||||
| CVE-2022-22629 | 1 Apple | 7 Ipados, Iphone Os, Itunes and 4 more | 2022-09-27 | N/A | 8.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iTunes 12.12.3 for Windows, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2022-40106 | 1 Tenda | 2 I9, I9 Firmware | 2022-09-27 | N/A | 7.5 HIGH |
| Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the set_local_time function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string. | |||||
| CVE-2022-40102 | 1 Tenda | 2 I9, I9 Firmware | 2022-09-27 | N/A | 7.5 HIGH |
| Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formwrlSSIDset function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string. | |||||
| CVE-2022-40104 | 1 Tenda | 2 I9, I9 Firmware | 2022-09-27 | N/A | 7.5 HIGH |
| Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formwrlSSIDget function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string. | |||||
| CVE-2022-40103 | 1 Tenda | 2 I9, I9 Firmware | 2022-09-27 | N/A | 5.5 MEDIUM |
| Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formSetAutoPing function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string. | |||||
| CVE-2022-35094 | 1 Swftools | 1 Swftools | 2022-09-27 | N/A | 5.5 MEDIUM |
| SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via DCTStream::readHuffSym(DCTHuffTable*) at /xpdf/Stream.cc. | |||||
| CVE-2022-35093 | 1 Swftools | 1 Swftools | 2022-09-27 | N/A | 5.5 MEDIUM |
| SWFTools commit 772e55a2 was discovered to contain a global buffer overflow via DCTStream::transformDataUnit at /xpdf/Stream.cc. | |||||
| CVE-2022-40107 | 1 Tenda | 2 I9, I9 Firmware | 2022-09-27 | N/A | 7.5 HIGH |
| Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formexeCommand function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string. | |||||
| CVE-2022-35099 | 1 Swftools | 1 Swftools | 2022-09-27 | N/A | 5.5 MEDIUM |
| SWFTools commit 772e55a2 was discovered to contain a stack overflow via ImageStream::getPixel(unsigned char*) at /xpdf/Stream.cc. | |||||
| CVE-2022-35095 | 1 Swftools | 1 Swftools | 2022-09-27 | N/A | 5.5 MEDIUM |
| SWFTools commit 772e55a2 was discovered to contain a segmentation violation via InfoOutputDev::type3D1 at /pdf/InfoOutputDev.cc. | |||||
| CVE-2022-35097 | 1 Swftools | 1 Swftools | 2022-09-27 | N/A | 5.5 MEDIUM |
| SWFTools commit 772e55a2 was discovered to contain a segmentation violation via FoFiTrueType::writeTTF at /xpdf/FoFiTrueType.cc. | |||||
| CVE-2022-35092 | 1 Swftools | 1 Swftools | 2022-09-27 | N/A | 5.5 MEDIUM |
| SWFTools commit 772e55a2 was discovered to contain a segmentation violation via convert_gfxline at /gfxpoly/convert.c. | |||||
| CVE-2022-35098 | 1 Swftools | 1 Swftools | 2022-09-27 | N/A | 5.5 MEDIUM |
| SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via GfxICCBasedColorSpace::getDefaultColor(GfxColor*) at /xpdf/GfxState.cc. | |||||
| CVE-2022-35096 | 1 Swftools | 1 Swftools | 2022-09-27 | N/A | 5.5 MEDIUM |
| SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via draw_stroke at /gfxpoly/stroke.c. | |||||
| CVE-2022-2970 | 1 Mz-automation | 1 Libiec61850 | 2022-09-26 | N/A | 9.8 CRITICAL |
| MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) does not sanitize input before memcpy is used, which could allow an attacker to crash the device or remotely execute arbitrary code. | |||||
| CVE-2022-2972 | 1 Mz-automation | 1 Libiec61850 | 2022-09-26 | N/A | 9.8 CRITICAL |
| MZ Automation's libIEC61850 (versions 1.4 and prior; version 1.5 prior to commit a3b04b7bc4872a5a39e5de3fdc5fbde52c09e10e) is vulnerable to a stack-based buffer overflow, which could allow an attacker to crash the device or remotely execute arbitrary code. | |||||
| CVE-2022-2070 | 1 Grandstream | 2 Gds3710, Gds3710 Firmware | 2022-09-26 | N/A | 9.8 CRITICAL |
| In Grandstream GSD3710 in its 1.0.11.13 version, it's possible to overflow the stack since it doesn't check the param length before using the sscanf instruction. Because of that, an attacker could create a socket and connect with a remote IP:port by opening a shell and getting full access to the system. The exploit affects daemons dbmng and logsrv that are running on ports 8000 and 8001 by default. | |||||
| CVE-2022-2025 | 1 Grandstream | 2 Gds3710, Gds3710 Firmware | 2022-09-26 | N/A | 9.8 CRITICAL |
| an attacker with knowledge of user/pass of Grandstream GSD3710 in its 1.0.11.13 version, could overflow the stack since it doesn't check the param length before use the strcopy instruction. The explotation of this vulnerability may lead an attacker to execute a shell with full access. | |||||