Total
7966 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-34927 | 1 Milkytracker Project | 1 Milkytracker | 2022-08-09 | N/A | 7.8 HIGH |
| MilkyTracker v1.03.00 was discovered to contain a stack overflow via the component LoaderXM::load. This vulnerability is triggered when the program is supplied a crafted XM module file. | |||||
| CVE-2022-34992 | 1 Luadec Project | 1 Luadec | 2022-08-09 | N/A | 7.8 HIGH |
| Luadec v0.9.9 was discovered to contain a heap-buffer overflow via the function UnsetPending. | |||||
| CVE-2022-36998 | 1 Veritas | 4 Flex Appliance, Flex Scale, Netbackup and 1 more | 2022-08-09 | N/A | 6.5 MEDIUM |
| An issue was discovered in Veritas NetBackup 8.1.x through 8.1.2, 8.2, 8.3.x through 8.3.0.2, 9.x through 9.0.0.1, and 9.1.x through 9.1.0.1 (and related NetBackup products). An attacker with authenticated access to a NetBackup Client could remotely trigger a stack-based buffer overflow on the NetBackup Primary server, resulting in a denial of service. | |||||
| CVE-2022-27865 | 1 Autodesk | 1 Design Review | 2022-08-09 | N/A | 7.8 HIGH |
| A maliciously crafted TGA or PCX file may be used to write beyond the allocated buffer through DesignReview.exe application while parsing TGA and PCX files. This vulnerability may be exploited to execute arbitrary code. | |||||
| CVE-2022-23918 | 1 Tcl | 1 Linkhub Mesh Wifi Ac1200 | 2022-08-08 | N/A | 9.8 CRITICAL |
| A stack-based buffer overflow vulnerability exists in the confsrv set_mf_rule functionality of TCL LinkHub Mesh Wifi MS1G_00_01.00_14. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability leverages the ethAddr field within the protobuf message to cause a buffer overflow. | |||||
| CVE-2022-23103 | 1 Tcl | 1 Linkhub Mesh Wifi Ac1200 | 2022-08-08 | N/A | 9.8 CRITICAL |
| A stack-based buffer overflow vulnerability exists in the confsrv confctl_set_app_language functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability. | |||||
| CVE-2022-23399 | 1 Tcl | 1 Linkhub Mesh Wifi Ac1200 | 2022-08-08 | N/A | 9.8 CRITICAL |
| A stack-based buffer overflow vulnerability exists in the confsrv set_port_fwd_rule functionality of TCL LinkHub Mesh Wifi MS1G_00_01.00_14. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability. | |||||
| CVE-2022-21201 | 1 Tcl | 1 Linkhub Mesh Wifi Ac1200 | 2022-08-08 | N/A | 8.8 HIGH |
| A stack-based buffer overflow vulnerability exists in the confers ucloud_add_node_new functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability. | |||||
| CVE-2022-23919 | 1 Tcl | 1 Linkhub Mesh Wifi Ac1200 | 2022-08-08 | N/A | 9.8 CRITICAL |
| A stack-based buffer overflow vulnerability exists in the confsrv set_mf_rule functionality of TCL LinkHub Mesh Wifi MS1G_00_01.00_14. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability leverages the name field within the protobuf message to cause a buffer overflow. | |||||
| CVE-2022-28668 | 1 Santesoft | 1 Dicom Viewer Pro | 2022-08-08 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante DICOM Viewer Pro 11.9.2. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated data structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16679. | |||||
| CVE-2020-17437 | 4 Contiki-os, Open-iscsi Project, Siemens and 1 more | 21 Contiki, Open-iscsi, Sentron 3va Com100 and 18 more | 2022-08-08 | 6.4 MEDIUM | 8.2 HIGH |
| An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured to ignore the urgent data, the stack attempts to use the value of the Urgent pointer bytes to separate the Urgent data from the normal data, by calculating the offset at which the normal data should be present in the global buffer. However, the length of this offset is not checked; therefore, for large values of the Urgent pointer bytes, the data pointer can point to memory that is way beyond the data buffer in uip_process in uip.c. | |||||
| CVE-2020-27828 | 2 Fedoraproject, Jasper Project | 2 Fedora, Jasper | 2022-08-05 | 6.8 MEDIUM | 7.8 HIGH |
| There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability. | |||||
| CVE-2020-35964 | 2 Ffmpeg, Linux | 2 Ffmpeg, Linux Kernel | 2022-08-05 | 4.3 MEDIUM | 6.5 MEDIUM |
| track_header in libavformat/vividas.c in FFmpeg 4.3.1 has an out-of-bounds write because of incorrect extradata packing. | |||||
| CVE-2021-21017 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2022-08-05 | 6.8 MEDIUM | 8.8 HIGH |
| Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a heap-based buffer overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-20285 | 1 Upx Project | 1 Upx | 2022-08-05 | 8.3 HIGH | 6.6 MEDIUM |
| A flaw was found in upx canPack in p_lx_elf.cpp in UPX 3.96. This flaw allows attackers to cause a denial of service (SEGV or buffer overflow and application crash) or possibly have unspecified other impacts via a crafted ELF. The highest threat from this vulnerability is to system availability. | |||||
| CVE-2021-20235 | 1 Zeromq | 1 Libzmq | 2022-08-05 | 6.8 MEDIUM | 8.1 HIGH |
| There's a flaw in the zeromq server in versions before 4.3.3 in src/decoder_allocators.hpp. The decoder static allocator could have its sized changed, but the buffer would remain the same as it is a static buffer. A remote, unauthenticated attacker who sends a crafted request to the zeromq server could trigger a buffer overflow WRITE of arbitrary data if CURVE/ZAP authentication is not enabled. The greatest impact of this flaw is to application availability, data integrity, and confidentiality. | |||||
| CVE-2021-0254 | 1 Juniper | 1 Junos | 2022-08-05 | 7.5 HIGH | 9.8 CRITICAL |
| A buffer size validation vulnerability in the overlayd service of Juniper Networks Junos OS may allow an unauthenticated remote attacker to send specially crafted packets to the device, triggering a partial Denial of Service (DoS) condition, or leading to remote code execution (RCE). Continued receipt and processing of these packets will sustain the partial DoS. The overlayd daemon handles Overlay OAM packets, such as ping and traceroute, sent to the overlay. The service runs as root by default and listens for UDP connections on port 4789. This issue results from improper buffer size validation, which can lead to a buffer overflow. Unauthenticated attackers can send specially crafted packets to trigger this vulnerability, resulting in possible remote code execution. overlayd runs by default in MX Series, ACX Series, and QFX Series platforms. The SRX Series does not support VXLAN and is therefore not vulnerable to this issue. Other platforms are also vulnerable if a Virtual Extensible LAN (VXLAN) overlay network is configured. This issue affects Juniper Networks Junos OS: 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S4; 18.1 versions prior to 18.1R3-S12; 18.2 versions prior to 18.2R2-S8, 18.2R3-S7; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R1-S8, 18.4R2-S7, 18.4R3-S7; 19.1 versions prior to 19.1R2-S2, 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R3-S1; 19.4 versions prior to 19.4R2-S4, 19.4R3-S1; 20.1 versions prior to 20.1R2-S1, 20.1R3; 20.2 versions prior to 20.2R2, 20.2R2-S1, 20.2R3; 20.3 versions prior to 20.3R1-S1. | |||||
| CVE-2020-27009 | 1 Siemens | 2 Nucleus Net, Nucleus Source Code | 2022-08-05 | 6.8 MEDIUM | 8.1 HIGH |
| A vulnerability has been identified in Nucleus NET (All versions < V5.2), Nucleus Source Code (Versions including affected DNS modules). The DNS domain name record decompression functionality does not properly validate the pointer offset values. The parsing of malformed responses could result in a write past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to execute code in the context of the current process or cause a denial-of-service condition. | |||||
| CVE-2021-20277 | 3 Debian, Fedoraproject, Samba | 3 Debian Linux, Fedora, Samba | 2022-08-05 | 5.0 MEDIUM | 7.5 HIGH |
| A flaw was found in Samba's libldb. Multiple, consecutive leading spaces in an LDAP attribute can lead to an out-of-bounds memory write, leading to a crash of the LDAP server process handling the request. The highest threat from this vulnerability is to system availability. | |||||
| CVE-2022-26430 | 3 Google, Mediatek, Yoctoproject | 25 Android, Mt6833, Mt6853 and 22 more | 2022-08-05 | N/A | 6.7 MEDIUM |
| In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032521; Issue ID: ALPS07032521. | |||||