Total: 10481 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-21228 | 1 Fujielectric | 2 Alpha5 Smart Loader, Alpha5 Smart Loader Firmware | 2022-04-21 | 6.8 MEDIUM | 7.8 HIGH |
The affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code. | |||||
CVE-2022-27419 | 1 Rtl 433 Project | 1 Rtl 433 | 2022-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
rtl_433 21.12 was discovered to contain a stack overflow in the function acurite_00275rm_decode at /devices/acurite.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted file. | |||||
CVE-2021-39814 | 1 Google | 1 Android | 2022-04-20 | 7.2 HIGH | 6.7 MEDIUM |
In ppmp_validate_wsm of drm_fw.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-216792660. References: N/A | |||||
CVE-2022-28772 | 1 Sap | 2 Netweaver, Web Dispatcher | 2022-04-20 | 5.0 MEDIUM | 7.5 HIGH |
By overlong input values an attacker may force overwrite of the internal program stack in SAP Web Dispatcher - versions 7.53, 7.77, 7.81, 7.85, 7.86, or Internet Communication Manager - versions KRNL64NUC 7.22, 7.22EXT, 7.49, KRNL64UC 7.22, 7.22EXT, 7.49, 7.53, KERNEL 7.22, 7.49, 7.53, 7.77, 7.81, 7.85, 7.86, which makes these programs unavailable, leading to denial of service. | |||||
CVE-2017-2812 | 1 Kakadusoftware | 1 Kakadu Sdk | 2022-04-19 | 6.8 MEDIUM | 7.8 HIGH |
A code execution vulnerability exists in the kdu_buffered_expand function of the Kakadu SDK 7.9. A specially crafted JPEG 2000 file can be read by the program and can lead to an out of bounds write causing an exploitable condition to arise. | |||||
CVE-2017-2811 | 1 Kakadusoftware | 1 Kakadu Sdk | 2022-04-19 | 6.8 MEDIUM | 7.8 HIGH |
A code execution vulnerability exists in the Kakadu SDK 7.9's parsing of compressed JPEG 2000 images. A specially crafted JPEG 2000 file can be read by the program, and can lead to an out of bounds write causing an exploitable condition to arise. | |||||
CVE-2017-2804 | 1 Corel | 1 Coreldraw Photo Paint X8 | 2022-04-19 | 6.8 MEDIUM | 7.8 HIGH |
A remote out of bound write vulnerability exists in the TIFF parsing functionality of Corel PHOTO-PAINT X8 18.1.0.661. A specially crafted TIFF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific TIFF file to trigger this vulnerability. | |||||
CVE-2017-2803 | 1 Corel | 1 Coreldraw Photo Paint X8 | 2022-04-19 | 6.8 MEDIUM | 7.8 HIGH |
A remote out of bound write vulnerability exists in the TIFF parsing functionality of Corel PHOTO-PAINT X8 version 18.1.0.661. A specially crafted TIFF file can cause a vulnerability resulting in potential memory corruption. An attacker can send the victim a specific TIFF file to trigger this vulnerability. This vulnerability only exists in the 64-bit version. | |||||
CVE-2017-2779 | 1 Ni | 1 Labview | 2022-04-19 | 6.8 MEDIUM | 7.8 HIGH |
An exploitable memory corruption vulnerability exists in the RSRC segment parsing functionality of LabVIEW 2017, LabVIEW 2016, LabVIEW 2015, and LabVIEW 2014. A specially crafted Virtual Instrument (VI) file can cause an attacker controlled looping condition resulting in an arbitrary null write. An attacker controlled VI file can be used to trigger this vulnerability and can potentially result in code execution. | |||||
CVE-2017-12111 | 1 Libxls Project | 1 Libxls | 2022-04-19 | 6.8 MEDIUM | 7.8 HIGH |
An exploitable out-of-bounds vulnerability exists in the xls_addCell function of libxls 1.4. A specially crafted XLS file with a formula record can cause memory corruption resulting in remote code execution. An attacker can send a malicious XLS file to trigger this vulnerability. | |||||
CVE-2022-27295 | 1 Dlink | 2 Dir-619, Dir-619 Firmware | 2022-04-19 | 5.0 MEDIUM | 7.5 HIGH |
D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formAdvanceSetup. This vulnerability allows attackers to cause a Denial of Service (DoS) via the webpage parameter. | |||||
CVE-2022-27291 | 1 Dlink | 2 Dir-619, Dir-619 Firmware | 2022-04-19 | 5.0 MEDIUM | 7.5 HIGH |
D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formdumpeasysetup. This vulnerability allows attackers to cause a Denial of Service (DoS) via the config.save_network_enabled parameter. | |||||
CVE-2022-27292 | 1 Dlink | 2 Dir-619, Dir-619 Firmware | 2022-04-19 | 5.0 MEDIUM | 7.5 HIGH |
D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formLanguageChange. This vulnerability allows attackers to cause a Denial of Service (DoS) via the nextPage parameter. | |||||
CVE-2022-27290 | 1 Dlink | 2 Dir-619, Dir-619 Firmware | 2022-04-19 | 5.0 MEDIUM | 7.5 HIGH |
D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanDhcpplus. This vulnerability allows attackers to cause a Denial of Service (DoS) via the curTime parameter. | |||||
CVE-2022-27289 | 1 Dlink | 2 Dir-619, Dir-619 Firmware | 2022-04-19 | 5.0 MEDIUM | 7.5 HIGH |
D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanL2TP. This vulnerability allows attackers to cause a Denial of Service (DoS) via the curTime parameter. | |||||
CVE-2022-27288 | 1 Dlink | 2 Dir-619, Dir-619 Firmware | 2022-04-19 | 5.0 MEDIUM | 7.5 HIGH |
D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formSetWanPPTP. This vulnerability allows attackers to cause a Denial of Service (DoS) via the curTime parameter. | |||||
CVE-2022-27293 | 1 Dlink | 2 Dir-619, Dir-619 Firmware | 2022-04-19 | 5.0 MEDIUM | 7.5 HIGH |
D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formWlanSetup. This vulnerability allows attackers to cause a Denial of Service (DoS) via the webpage parameter. | |||||
CVE-2022-27294 | 1 Dlink | 2 Dir-619, Dir-619 Firmware | 2022-04-19 | 5.0 MEDIUM | 7.5 HIGH |
D-Link DIR-619 Ax v1.00 was discovered to contain a stack overflow in the function formWlanWizardSetup. This vulnerability allows attackers to cause a Denial of Service (DoS) via the webpage parameter. | |||||
CVE-2022-28663 | 1 Siemens | 1 Simcenter Femap | 2022-04-19 | 6.8 MEDIUM | 7.8 HIGH |
A vulnerability has been identified in Simcenter Femap (All versions < V2022.1.2). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted .NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15592) | |||||
CVE-2022-28662 | 1 Siemens | 1 Simcenter Femap | 2022-04-19 | 4.3 MEDIUM | 6.5 MEDIUM |
A vulnerability has been identified in Simcenter Femap (All versions < V2022.1.2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing specially crafted .NEU files. This could allow an attacker to leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-15307) |