Total
10481 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-35557 | 1 Tenda | 2 W6, W6 Firmware | 2022-08-16 | N/A | 7.5 HIGH |
| A stack overflow vulnerability exists in /goform/wifiSSIDget in Tenda W6 V1.0.0.9(4122) version, which can be exploited by attackers to cause a denial of service (DoS) via the index parameter. | |||||
| CVE-2022-35667 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2022-08-16 | N/A | 7.8 HIGH |
| Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2010-2089 | 1 Python | 1 Python | 2022-08-16 | 5.0 MEDIUM | N/A |
| The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments and byte string lengths, which allows context-dependent attackers to cause a denial of service (memory corruption and application crash) via crafted arguments, as demonstrated by a call to audioop.reverse with a one-byte string, a different vulnerability than CVE-2010-1634. | |||||
| CVE-2022-20313 | 1 Google | 1 Android | 2022-08-15 | N/A | 6.8 MEDIUM |
| In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-192206329 | |||||
| CVE-2022-2587 | 1 Google | 2 Chrome, Chrome Os | 2022-08-15 | N/A | 9.8 CRITICAL |
| Out of bounds write in Chrome OS Audio Server in Google Chrome on Chrome OS prior to 102.0.5005.125 allowed a remote attacker to potentially exploit heap corruption via crafted audio metadata. | |||||
| CVE-2021-46822 | 1 Libjpeg-turbo | 1 Libjpeg-turbo | 2022-08-15 | 4.3 MEDIUM | 5.5 MEDIUM |
| The PPM reader in libjpeg-turbo through 2.0.90 mishandles use of tjLoadImage for loading a 16-bit binary PPM file into a grayscale buffer and loading a 16-bit binary PGM file into an RGB buffer. This is related to a heap-based buffer overflow in the get_word_rgb_row function in rdppm.c. | |||||
| CVE-2022-20247 | 1 Google | 1 Android | 2022-08-13 | N/A | 7.5 HIGH |
| In Media, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-229858836 | |||||
| CVE-2022-20244 | 1 Google | 1 Android | 2022-08-13 | N/A | 7.5 HIGH |
| In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if more than 100 bluetooth devices have been connected with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-201083240 | |||||
| CVE-2022-20400 | 1 Google | 1 Android | 2022-08-13 | N/A | 9.8 CRITICAL |
| In cd_CodeMsg of cd_codec.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-225178325References: N/A | |||||
| CVE-2019-12263 | 5 Belden, Netapp, Siemens and 2 more | 50 Garrettcom Magnum Dx940e, Garrettcom Magnum Dx940e Firmware, Hirschmann Dragon Mach4000 and 47 more | 2022-08-12 | 6.8 MEDIUM | 8.1 HIGH |
| Wind River VxWorks 6.9.4 and vx7 has a Buffer Overflow in the TCP component (issue 4 of 4). There is an IPNET security vulnerability: TCP Urgent Pointer state confusion due to race condition. | |||||
| CVE-2022-35222 | 1 Hinet | 1 Hicos Natural Person Credential Component Client | 2022-08-12 | N/A | 6.8 MEDIUM |
| HiCOS Citizen verification component has a stack-based buffer overflow vulnerability due to insufficient parameter length validation. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate system command or disrupt service. | |||||
| CVE-2022-20345 | 1 Google | 1 Android | 2022-08-12 | N/A | 8.8 HIGH |
| In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-230494481 | |||||
| CVE-2022-33730 | 1 Google | 1 Android | 2022-08-12 | N/A | 6.8 MEDIUM |
| Heap-based buffer overflow vulnerability in Samsung Dex for PC prior to SMR Aug-2022 Release 1 allows arbitrary code execution by physical attackers. | |||||
| CVE-2022-37398 | 1 Asustor | 1 Adm | 2022-08-11 | N/A | 8.8 HIGH |
| A stack-based buffer overflow vulnerability was found inside ADM when using WebDAV due to the lack of data size validation. An attacker can exploit this vulnerability to run arbitrary code. Affected ADM versions include: 3.5.9.RUE3 and below, 4.0.5.RVI1 and below as well as 4.1.0.RJD1 and below. | |||||
| CVE-2022-35219 | 2 Microsoft, Nhi | 2 Windows, Health Insurance Web Service Component | 2022-08-10 | N/A | 5.5 MEDIUM |
| The NHI card’s web service component has a stack-based buffer overflow vulnerability due to insufficient validation for network packet key parameter. A LAN attacker with general user privilege can exploit this vulnerability to disrupt service. | |||||
| CVE-2022-35218 | 2 Microsoft, Nhi | 2 Windows, Health Insurance Web Service Component | 2022-08-10 | N/A | 5.5 MEDIUM |
| The NHI card’s web service component has a heap-based buffer overflow vulnerability due to insufficient validation for packet origin parameter length. A LAN attacker with general user privilege can exploit this vulnerability to disrupt service. | |||||
| CVE-2022-35217 | 2 Microsoft, Nhi | 2 Windows, Health Insurance Web Service Component | 2022-08-10 | N/A | 7.8 HIGH |
| The NHI card’s web service component has a stack-based buffer overflow vulnerability due to insufficient validation for network packet header length. A local area network attacker with general user privilege can exploit this vulnerability to execute arbitrary code, manipulate system command or disrupt service. | |||||
| CVE-2022-25996 | 1 Tcl | 1 Linkhub Mesh Wifi Ac1200 | 2022-08-09 | N/A | 9.8 CRITICAL |
| A stack-based buffer overflow vulnerability exists in the confsrv addTimeGroup functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability. | |||||
| CVE-2022-26009 | 1 Tcl | 1 Linkhub Mesh Wifi Ac1200 | 2022-08-09 | N/A | 9.8 CRITICAL |
| A stack-based buffer overflow vulnerability exists in the confsrv ucloud_set_node_location functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability. | |||||
| CVE-2022-34927 | 1 Milkytracker Project | 1 Milkytracker | 2022-08-09 | N/A | 7.8 HIGH |
| MilkyTracker v1.03.00 was discovered to contain a stack overflow via the component LoaderXM::load. This vulnerability is triggered when the program is supplied a crafted XM module file. | |||||