Total
10481 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-26988 | 3 Fastcom, Mercusys, Tp-link | 12 Fac1900r, Fac1900r Firmware, Mercury D196g and 9 more | 2022-05-16 | 7.2 HIGH | 7.8 HIGH |
| TP-Link TL-WDR7660 2.0.30, Mercury D196G 20200109_2.0.4, and Fast FAC1900R 20190827_2.0.2 routers have a stack overflow issue in `MntAte` function. Local users could get remote code execution. | |||||
| CVE-2022-26987 | 3 Fastcom, Mercusys, Tp-link | 12 Fac1900r, Fac1900r Firmware, Mercury D196g and 9 more | 2022-05-16 | 7.2 HIGH | 7.8 HIGH |
| TP-Link TL-WDR7660 2.0.30, Mercury D196G 20200109_2.0.4, and Fast FAC1900R 20190827_2.0.2 routers have a stack overflow issue in `MmtAtePrase` function. Local users could get remote code execution. | |||||
| CVE-2022-29329 | 1 Dlink | 2 Dap-1330, Dap-1330 Firmware | 2022-05-16 | 10.0 HIGH | 9.8 CRITICAL |
| D-Link DAP-1330_OSS-firmware_1.00b21 was discovered to contain a heap overflow via the devicename parameter in /goform/setDeviceSettings. | |||||
| CVE-2022-29328 | 1 Dlink | 2 Dap-1330, Dap-1330 Firmware | 2022-05-16 | 10.0 HIGH | 9.8 CRITICAL |
| D-Link DAP-1330_OSS-firmware_1.00b21 was discovered to contain a stack overflow via the function checkvalidupgrade. | |||||
| CVE-2022-29327 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2022-05-16 | 10.0 HIGH | 9.8 CRITICAL |
| D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the urladd parameter in /goform/websURLFilterAddDel. | |||||
| CVE-2022-29326 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2022-05-16 | 10.0 HIGH | 9.8 CRITICAL |
| D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the addhostfilter parameter in /goform/websHostFilter. | |||||
| CVE-2022-29325 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2022-05-16 | 10.0 HIGH | 9.8 CRITICAL |
| D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the addurlfilter parameter in /goform/websURLFilter. | |||||
| CVE-2022-29324 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2022-05-16 | 10.0 HIGH | 9.8 CRITICAL |
| D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the proto parameter in /goform/form2IPQoSTcAdd. | |||||
| CVE-2022-29323 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2022-05-16 | 10.0 HIGH | 9.8 CRITICAL |
| D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the MAC parameter in /goform/editassignment. | |||||
| CVE-2022-29322 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2022-05-16 | 10.0 HIGH | 9.8 CRITICAL |
| D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the IPADDR and nvmacaddr parameters in /goform/form2Dhcpip. | |||||
| CVE-2022-29321 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2022-05-16 | 10.0 HIGH | 9.8 CRITICAL |
| D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the lanip parameter in /goform/setNetworkLan. | |||||
| CVE-2022-20009 | 1 Google | 1 Android | 2022-05-16 | 7.2 HIGH | 6.8 MEDIUM |
| In various functions of the USB gadget subsystem, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-213172319References: Upstream kernel | |||||
| CVE-2020-6156 | 1 Pixar | 1 Openusd | 2022-05-13 | 6.8 MEDIUM | 7.8 HIGH |
| A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. To trigger this vulnerability, the victim needs to open an attacker-provided malformed file in an instance USDC file format path element token index. | |||||
| CVE-2020-6155 | 1 Pixar | 1 Openusd | 2022-05-13 | 6.8 MEDIUM | 7.8 HIGH |
| A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 while parsing compressed value rep arrays in binary USD files. A specially crafted malformed file can trigger a heap overflow, which can result in remote code execution. To trigger this vulnerability, the victim needs to access an attacker-provided malformed file. | |||||
| CVE-2020-6150 | 1 Pixar | 1 Openusd | 2022-05-13 | 6.8 MEDIUM | 7.8 HIGH |
| A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software USDC file format SPECS section decompression heap overflow. | |||||
| CVE-2020-6149 | 1 Pixar | 1 Openusd | 2022-05-13 | 6.8 MEDIUM | 7.8 HIGH |
| A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. To trigger this vulnerability, the victim needs to open an attacker-provided malformed file in an instance in USDC file format PATHS section. | |||||
| CVE-2020-6148 | 1 Pixar | 1 Openusd | 2022-05-13 | 6.8 MEDIUM | 7.8 HIGH |
| A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. An instance exists in USDC file format FIELDSETS section decompression heap overflow. | |||||
| CVE-2020-6147 | 2 Apple, Pixar | 3 Ipados, Iphone Os, Openusd | 2022-05-13 | 6.8 MEDIUM | 7.8 HIGH |
| A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. This instance exists in the USDC file format FIELDS section decompression heap overflow. | |||||
| CVE-2020-28600 | 1 Openscad | 1 Openscad | 2022-05-13 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds write vulnerability exists in the import_stl.cc:import_stl() functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2021-3501 | 4 Fedoraproject, Linux, Netapp and 1 more | 27 Fedora, Linux Kernel, Cloud Backup and 24 more | 2022-05-13 | 3.6 LOW | 7.1 HIGH |
| A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be updated by a user process at anytime which could lead to an out-of-bounds write. The highest threat from this vulnerability is to data integrity and system availability. | |||||