Total
7966 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-38555 | 1 Linksys | 2 E1200, E1200 Firmware | 2022-09-01 | N/A | 9.8 CRITICAL |
| Linksys E1200 v1.0.04 is vulnerable to Buffer Overflow via ej_get_web_page_name. | |||||
| CVE-2022-38562 | 1 Tenda | 2 M3, M3 Firmware | 2022-09-01 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service (DoS) via the lan parameter. | |||||
| CVE-2022-38563 | 1 Tenda | 2 M3, M3 Firmware | 2022-09-01 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service (DoS) via the MACAddr parameter. | |||||
| CVE-2022-38565 | 1 Tenda | 2 M3, M3 Firmware | 2022-09-01 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formEmailTest. This vulnerability allows attackers to cause a Denial of Service (DoS) via the mailpwd parameter. | |||||
| CVE-2022-38564 | 1 Tenda | 2 M3, M3 Firmware | 2022-09-01 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a buffer overflow vulnerability in the function formSetPicListItem. This vulnerability allows attackers to cause a Denial of Service (DoS) via the adItemUID parameter. | |||||
| CVE-2022-38566 | 1 Tenda | 2 M3, M3 Firmware | 2022-09-01 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formEmailTest. This vulnerability allows attackers to cause a Denial of Service (DoS) via the mailname parameter. | |||||
| CVE-2022-38568 | 1 Tenda | 2 M3, M3 Firmware | 2022-09-01 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service (DoS) via the hostname parameter. | |||||
| CVE-2022-38567 | 1 Tenda | 2 M3, M3 Firmware | 2022-09-01 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow vulnerability in the function formSetAdConfigInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the authIPs parameter. | |||||
| CVE-2022-38571 | 1 Tenda | 2 M3, M3 Firmware | 2022-09-01 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a buffer overflow in the function formSetGuideListItem. | |||||
| CVE-2022-38570 | 1 Tenda | 2 M3, M3 Firmware | 2022-09-01 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow in the function formDelPushedAd. This vulnerability allows attackers to cause a Denial of Service (DoS) via the adPushUID parameter. | |||||
| CVE-2022-38569 | 1 Tenda | 2 M3, M3 Firmware | 2022-09-01 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow in the function formDelAd. | |||||
| CVE-2022-2288 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2022-09-01 | 6.8 MEDIUM | 7.8 HIGH |
| Out-of-bounds Write in GitHub repository vim/vim prior to 9.0. | |||||
| CVE-2022-1489 | 1 Google | 2 Chrome, Chrome Os | 2022-09-01 | N/A | 8.8 HIGH |
| Out of bounds memory access in UI Shelf in Google Chrome on Chrome OS, Lacros prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific user interactions. | |||||
| CVE-2022-1142 | 1 Google | 1 Chrome | 2022-09-01 | N/A | 8.8 HIGH |
| Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools. | |||||
| CVE-2022-1143 | 1 Google | 1 Chrome | 2022-09-01 | N/A | 8.8 HIGH |
| Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools. | |||||
| CVE-2021-21898 | 3 Debian, Fedoraproject, Librecad | 3 Debian Linux, Fedora, Libdxfrw | 2022-08-31 | 6.8 MEDIUM | 8.8 HIGH |
| A code execution vulnerability exists in the dwgCompressor::decompress18() functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2021-21899 | 3 Debian, Fedoraproject, Librecad | 3 Debian Linux, Fedora, Libdxfrw | 2022-08-31 | 6.8 MEDIUM | 8.8 HIGH |
| A code execution vulnerability exists in the dwgCompressor::copyCompBytes21 functionality of LibreCad libdxfrw 2.2.0-rc2-19-ge02f3580. A specially-crafted .dwg file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2021-21901 | 1 Garrett | 1 Ic Module Cma | 2022-08-31 | 9.0 HIGH | 8.8 HIGH |
| A stack-based buffer overflow vulnerability exists in the CMA check_udp_crc function of Garrett Metal Detectors’ iC Module CMA Version 5.0. A specially-crafted packet can lead to a stack-based buffer overflow during a call to memcpy. An attacker can send a malicious packet to trigger this vulnerability. | |||||
| CVE-2021-21903 | 1 Garrett | 1 Ic Module Cma | 2022-08-31 | 10.0 HIGH | 9.8 CRITICAL |
| A stack-based buffer overflow vulnerability exists in the CMA check_udp_crc function of Garrett Metal Detectors’ iC Module CMA Version 5.0. A specially-crafted packet can lead to a stack-based buffer overflow during a call to strcpy. An attacker can send a malicious packet to trigger this vulnerability. | |||||
| CVE-2021-21906 | 1 Garrett | 1 Ic Module Cma | 2022-08-31 | 9.0 HIGH | 7.2 HIGH |
| Stack-based buffer overflow vulnerability exists in how the CMA readfile function of Garrett Metal Detectors iC Module CMA Version 5.0 is used at various locations. The Garrett iC Module exposes an authenticated CLI over TCP port 6877. This interface is used by a secondary GUI client, called “CMA Connect”, to interact with the iC Module on behalf of the user. Every time a user submits a password to the CLI password prompt, the buffer containing their input is passed as the password parameter to the checkPassword function. | |||||