Total
10481 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-24097 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2022-03-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe After Effects versions 22.2 (and earlier) and 18.4.4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-24096 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2022-03-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe After Effects versions 22.2 (and earlier) and 18.4.4 (and earlier) are affected by an Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-24095 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2022-03-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe After Effects versions 22.2 (and earlier) and 18.4.4 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-24094 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2022-03-21 | 9.3 HIGH | 7.8 HIGH |
| Adobe After Effects versions 22.2 (and earlier) and 18.4.4 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-24575 | 1 Gpac | 1 Gpac | 2022-03-20 | 6.8 MEDIUM | 7.8 HIGH |
| GPAC 1.0.1 is affected by a stack-based buffer overflow through MP4Box. | |||||
| CVE-2022-25561 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2022-03-18 | 7.8 HIGH | 7.5 HIGH |
| Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub_42DE00. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter. | |||||
| CVE-2022-25560 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2022-03-18 | 7.8 HIGH | 7.5 HIGH |
| Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub_4327CC. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter. | |||||
| CVE-2022-25556 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2022-03-18 | 7.8 HIGH | 7.5 HIGH |
| Tenda AX12 v22.03.01.21 was discovered to contain a stack overflow in the function sub_42E328. This vulnerability allows attackers to cause a Denial of Service (DoS) via the list parameter. | |||||
| CVE-2022-20058 | 2 Google, Mediatek | 33 Android, Mt6761, Mt6762 and 30 more | 2022-03-18 | 4.4 MEDIUM | 6.6 MEDIUM |
| In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160485. | |||||
| CVE-2022-20059 | 2 Google, Mediatek | 35 Android, Mt6761, Mt6762 and 32 more | 2022-03-18 | 4.4 MEDIUM | 6.6 MEDIUM |
| In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160781. | |||||
| CVE-2022-20056 | 2 Google, Mediatek | 33 Android, Mt6761, Mt6762 and 30 more | 2022-03-18 | 4.4 MEDIUM | 6.6 MEDIUM |
| In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160820. | |||||
| CVE-2021-43534 | 2 Debian, Mozilla | 4 Debian Linux, Firefox, Firefox Esr and 1 more | 2022-03-17 | 6.8 MEDIUM | 8.8 HIGH |
| Mozilla developers and community members reported memory safety bugs present in Firefox 93 and Firefox ESR 91.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 94, Thunderbird < 91.3, and Firefox ESR < 91.3. | |||||
| CVE-2022-20055 | 2 Google, Mediatek | 33 Android, Mt6761, Mt6762 and 30 more | 2022-03-17 | 7.2 HIGH | 6.8 MEDIUM |
| In preloader (usb), there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS06160806; Issue ID: ALPS06160830. | |||||
| CVE-2022-20048 | 2 Google, Mediatek | 11 Android, Mt5816, Mt5835 and 8 more | 2022-03-17 | 7.2 HIGH | 7.8 HIGH |
| In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05917502; Issue ID: ALPS05917502. | |||||
| CVE-2022-21137 | 1 Omron | 1 Cx-one | 2022-03-17 | 6.8 MEDIUM | 7.8 HIGH |
| Omron CX-One Versions 4.60 and prior are vulnerable to a stack-based buffer overflow while processing specific project files, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2022-24995 | 1 Tenda | 2 Ax3, Ax3 Firmware | 2022-03-16 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AX3 v16.03.12.10_CN was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the time parameter. | |||||
| CVE-2021-29977 | 1 Mozilla | 1 Firefox | 2022-03-16 | 6.8 MEDIUM | 8.8 HIGH |
| Mozilla developers reported memory safety bugs present in Firefox 89. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 90. | |||||
| CVE-2022-20047 | 2 Google, Mediatek | 11 Android, Mt5816, Mt5835 and 8 more | 2022-03-15 | 7.2 HIGH | 7.8 HIGH |
| In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05917489; Issue ID: ALPS05917489. | |||||
| CVE-2022-0904 | 1 Mattermost | 1 Mattermost Server | 2022-03-15 | 4.0 MEDIUM | 6.5 MEDIUM |
| A stack overflow bug in the document extractor in Mattermost Server in versions up to and including 6.3.2 allows an attacker to crash the server via submitting a maliciously crafted Apple Pages document. | |||||
| CVE-2022-0903 | 1 Mattermost | 1 Mattermost Server | 2022-03-15 | 5.0 MEDIUM | 7.5 HIGH |
| A call stack overflow bug in the SAML login feature in Mattermost server in versions up to and including 6.3.2 allows an attacker to crash the server via submitting a maliciously crafted POST body. | |||||