Total
7966 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-34603 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2022-07-26 | N/A | 9.8 CRITICAL |
| H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the DelDNSHnList interface at /goform/aspForm. | |||||
| CVE-2022-34602 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2022-07-26 | N/A | 9.8 CRITICAL |
| H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the ipqos_lanip_editlist interface at /goform/aspForm. | |||||
| CVE-2022-34604 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2022-07-26 | N/A | 9.8 CRITICAL |
| H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the INTF parameter at /dotrace.asp. | |||||
| CVE-2022-34605 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2022-07-26 | N/A | 9.8 CRITICAL |
| H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the HOST parameter at /dotrace.asp. | |||||
| CVE-2022-34606 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2022-07-26 | N/A | 9.8 CRITICAL |
| H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the EditvsList parameter at /dotrace.asp. | |||||
| CVE-2022-34608 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2022-07-26 | N/A | 9.8 CRITICAL |
| H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the ajaxmsg parameter at /AJAX/ajaxget. | |||||
| CVE-2022-34607 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2022-07-26 | N/A | 9.8 CRITICAL |
| H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the HOST parameter at /doping.asp. | |||||
| CVE-2022-34610 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2022-07-26 | N/A | 9.8 CRITICAL |
| H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the URL /ihomers/app. | |||||
| CVE-2022-34609 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2022-07-26 | N/A | 9.8 CRITICAL |
| H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the INTF parameter at /doping.asp. | |||||
| CVE-2022-20229 | 1 Google | 1 Android | 2022-07-26 | 10.0 HIGH | 9.8 CRITICAL |
| In bta_hf_client_handle_cind_list_item of bta_hf_client_at.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12LAndroid ID: A-224536184 | |||||
| CVE-2021-31684 | 2 Json-smart Project, Oracle | 3 Json-smart-v1, Json-smart-v2, Utilities Framework | 2022-07-25 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability was discovered in the indexOf function of JSONParserByteArray in JSON Smart versions 1.3 and 2.4 which causes a denial of service (DOS) via a crafted web request. | |||||
| CVE-2022-23745 | 1 Checkpoint | 1 Capsule Workspace | 2022-07-25 | N/A | 7.5 HIGH |
| A potential memory corruption issue was found in Capsule Workspace Android app (running on GrapheneOS). This could result in application crashing but could not be used to gather any sensitive information. | |||||
| CVE-2021-44170 | 1 Fortinet | 2 Fortios, Fortiproxy | 2022-07-25 | N/A | 6.7 MEDIUM |
| A stack-based buffer overflow vulnerability [CWE-121] in the command line interpreter of FortiOS before 7.0.4 and FortiProxy before 2.0.8 may allow an authenticated attacker to execute unauthorized code or commands via specially crafted command line arguments. | |||||
| CVE-2022-20222 | 1 Google | 1 Android | 2022-07-25 | 10.0 HIGH | 9.8 CRITICAL |
| In read_attr_value of gatt_db.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12 Android-12LAndroid ID: A-228078096 | |||||
| CVE-2020-13581 | 1 Softmaker | 1 Planmaker 2021 | 2022-07-23 | 6.8 MEDIUM | 7.8 HIGH |
| In SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014), a specially crafted document can cause the document parser to copy data from a particular record type into a buffer that is smaller than the size used for the copy which will cause a heap-based buffer overflow. An attacker can entice the victim to open a document to trigger this vulnerability. | |||||
| CVE-2020-13586 | 1 Softmaker | 1 Planmaker 2021 | 2022-07-23 | 6.8 MEDIUM | 7.8 HIGH |
| A memory corruption vulnerability exists in the Excel Document SST Record 0x00fc functionality of SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014). A specially crafted malformed file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2022-1737 | 1 Pyramidsolutions | 4 Netstax Ethernet\/ip Adapter Development Kit, Netstax Ethernet\/ip Adapter Dll Kit, Netstax Ethernet\/ip Scanner Development Kit and 1 more | 2022-07-22 | 5.0 MEDIUM | 7.5 HIGH |
| Pyramid Solutions' affected products, the Developer and DLL kits for EtherNet/IP Adapter and EtherNet/IP Scanner, are vulnerable to an out-of-bounds write, which may allow an unauthorized attacker to send a specially crafted packet that may result in a denial-of-service condition. | |||||
| CVE-2021-40391 | 3 Debian, Fedoraproject, Gerbv Project | 3 Debian Linux, Fedora, Gerbv | 2022-07-22 | 7.5 HIGH | 9.8 CRITICAL |
| An out-of-bounds write vulnerability exists in the drill format T-code tool number functionality of Gerbv 2.7.0, dev (commit b5f1eacd), and the forked version of Gerbv (commit 71493260). A specially-crafted drill file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2022-28044 | 2 Debian, Irzip Project | 2 Debian Linux, Irzip | 2022-07-22 | 7.5 HIGH | 9.8 CRITICAL |
| Irzip v0.640 was discovered to contain a heap memory corruption via the component lrzip.c:initialise_control. | |||||
| CVE-2022-34251 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2022-07-21 | N/A | 7.8 HIGH |
| Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||