Total
7966 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-36862 | 1 Google | 1 Android | 2022-09-09 | N/A | 7.8 HIGH |
| A heap-based overflow vulnerability in HWR::EngineCJK::Impl::Construct() in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault. | |||||
| CVE-2022-38313 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2022-09-09 | N/A | 9.8 CRITICAL |
| Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the time parameter at /goform/saveParentControlInfo. | |||||
| CVE-2022-38314 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2022-09-09 | N/A | 9.8 CRITICAL |
| Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the urls parameter at /goform/saveParentControlInfo. | |||||
| CVE-2022-38311 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2022-09-09 | N/A | 9.8 CRITICAL |
| Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the time parameter at /goform/PowerSaveSet. | |||||
| CVE-2022-38312 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2022-09-09 | N/A | 9.8 CRITICAL |
| Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the list parameter at /goform/SetIpMacBind. | |||||
| CVE-2022-38310 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2022-09-09 | N/A | 9.8 CRITICAL |
| Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the list parameter at /goform/SetStaticRouteCfg. | |||||
| CVE-2022-38309 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2022-09-09 | N/A | 9.8 CRITICAL |
| Tenda AC18 router v15.03.05.19 and v15.03.05.05 was discovered to contain a stack overflow via the list parameter at /goform/SetVirtualServerCfg. | |||||
| CVE-2022-38530 | 1 Gpac | 1 Gpac | 2022-09-09 | N/A | 7.8 HIGH |
| GPAC v2.1-DEV-rev232-gfcaa01ebb-master was discovered to contain a stack overflow when processing ISOM_IOD. | |||||
| CVE-2021-45958 | 3 Debian, Fedoraproject, Ultrajson Project | 3 Debian Linux, Fedora, Ultrajson | 2022-09-09 | 4.3 MEDIUM | 5.5 MEDIUM |
| UltraJSON (aka ujson) through 5.1.0 has a stack-based buffer overflow in Buffer_AppendIndentUnchecked (called from encode). Exploitation can, for example, use a large amount of indentation. | |||||
| CVE-2022-38529 | 1 Tinyexr Project | 1 Tinyexr | 2022-09-09 | N/A | 7.8 HIGH |
| tinyexr commit 0647fb3 was discovered to contain a heap-buffer overflow via the component rleUncompress. | |||||
| CVE-2022-39843 | 2 Linux, Lotus 1-2-3 Project | 2 Linux Kernel, Lotus 1-2-3 | 2022-09-09 | N/A | 7.8 HIGH |
| 123elf Lotus 1-2-3 before 1.0.0rc3 for Linux, and Lotus 1-2-3 R3 for UNIX and other platforms through 9.8.2, allow attackers to execute arbitrary code via a crafted worksheet. This occurs because of a stack-based buffer overflow in the cell format processing routines, as demonstrated by a certain function call from process_fmt() that can be reached via a w3r_format element in a wk3 document. | |||||
| CVE-2022-26449 | 2 Google, Mediatek | 4 Android, Mt6879, Mt6895 and 1 more | 2022-09-08 | N/A | 6.7 MEDIUM |
| In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07177810; Issue ID: ALPS07177810. | |||||
| CVE-2022-26448 | 2 Google, Mediatek | 10 Android, Mt6853t, Mt6873 and 7 more | 2022-09-08 | N/A | 6.7 MEDIUM |
| In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07063849; Issue ID: ALPS07063849. | |||||
| CVE-2022-26455 | 2 Google, Mediatek | 6 Android, Mt6789, Mt6855 and 3 more | 2022-09-08 | N/A | 6.7 MEDIUM |
| In gz, there is a possible memory corruption due to incorrect error handling. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07177858; Issue ID: ALPS07177858. | |||||
| CVE-2022-26458 | 2 Google, Mediatek | 12 Android, Mt6853, Mt6855 and 9 more | 2022-09-08 | N/A | 6.7 MEDIUM |
| In vow, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032678; Issue ID: ALPS07032678. | |||||
| CVE-2022-26457 | 2 Google, Mediatek | 12 Android, Mt6769, Mt6781 and 9 more | 2022-09-08 | N/A | 6.7 MEDIUM |
| In vow, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138490; Issue ID: ALPS07138490. | |||||
| CVE-2022-26460 | 2 Google, Mediatek | 15 Android, Mt6833, Mt6853 and 12 more | 2022-09-08 | N/A | 6.7 MEDIUM |
| In vow, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032590; Issue ID: ALPS07032590. | |||||
| CVE-2022-26465 | 3 Google, Mediatek, Yoctoproject | 22 Android, Mt6779, Mt6781 and 19 more | 2022-09-08 | N/A | 6.7 MEDIUM |
| In audio ipi, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06558799; Issue ID: ALPS06558799. | |||||
| CVE-2022-26464 | 2 Google, Mediatek | 15 Android, Mt6833, Mt6853 and 12 more | 2022-09-08 | N/A | 6.7 MEDIUM |
| In vow, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032699; Issue ID: ALPS07032699. | |||||
| CVE-2022-2402 | 1 Eset | 2 Endpoint Encryption, Full Disk Encryption | 2022-09-08 | N/A | 6.5 MEDIUM |
| The vulnerability in the driver dlpfde.sys enables a user logged into the system to perform system calls leading to kernel stack overflow, resulting in a system crash, for instance, a BSOD. | |||||