Total
7966 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-30919 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Edit_BasicSSID_5G parameter at /goform/aspForm. | |||||
| CVE-2022-30917 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the AddWlanMacList parameter at /goform/aspForm. | |||||
| CVE-2022-30915 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the UpdateSnat parameter at /goform/aspForm. | |||||
| CVE-2022-30920 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Edit_BasicSSID parameter at /goform/aspForm. | |||||
| CVE-2022-30921 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the SetMobileAPInfoById parameter at /goform/aspForm. | |||||
| CVE-2022-30922 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the EditWlanMacList parameter at /goform/aspForm. | |||||
| CVE-2022-30923 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Asp_SetTimingtimeWifiAndLed parameter at /goform/aspForm. | |||||
| CVE-2022-30924 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the SetAPWifiorLedInfoById parameter at /goform/aspForm. | |||||
| CVE-2022-30925 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the AddMacList parameter at /goform/aspForm. | |||||
| CVE-2022-30926 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2022-06-14 | 10.0 HIGH | 9.8 CRITICAL |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the EditMacList parameter at /goform/aspForm. | |||||
| CVE-2021-44000 | 1 Siemens | 3 Jt2go, Solid Edge, Teamcenter Visualization | 2022-06-14 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V13.2.0.7), Solid Edge SE2021 (All versions < SE2021MP9), Solid Edge SE2022 (All versions < SE2022MP1), Teamcenter Visualization V13.1 (All versions < V13.1.0.9), Teamcenter Visualization V13.2 (All versions < V13.2.0.7), Teamcenter Visualization V13.3 (All versions < V13.3.0.1). The plmxmlAdapterSE70.dll contains an out of bounds write past the fixed-length heap-based buffer while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-15053) | |||||
| CVE-2019-5187 | 1 Accusoft | 1 Imagegear | 2022-06-13 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable out-of-bounds write vulnerability exists in the TIFreadstripdata function of the igcore19d.dll library of Accusoft ImageGear 19.5.0. A specially crafted TIFF file file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | |||||
| CVE-2019-5153 | 1 Moxa | 2 Awk-3131a, Awk-3131a Firmware | 2022-06-13 | 6.5 MEDIUM | 8.8 HIGH |
| An exploitable remote code execution vulnerability exists in the iw_webs configuration parsing functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted user name entry can cause an overflow of an error message buffer, resulting in remote code execution. An attacker can send commands while authenticated as a low privilege user to trigger this vulnerability. | |||||
| CVE-2017-2897 | 1 Libxls Project | 1 Libxls | 2022-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable out-of-bounds write vulnerability exists in the read_MSAT function of libxls 1.4. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability. | |||||
| CVE-2017-2924 | 2 Debian, Freexl Project | 2 Debian Linux, Freexl | 2022-06-13 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable heap-based buffer overflow vulnerability exists in the read_legacy_biff function of FreeXL 1.0.3. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability. | |||||
| CVE-2017-2919 | 2 Debian, Libxls Project | 2 Debian Linux, Libxls | 2022-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable stack based buffer overflow vulnerability exists in the xls_getfcell function of libxls 1.3.4. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability | |||||
| CVE-2017-2923 | 2 Debian, Freexl Project | 2 Debian Linux, Freexl | 2022-06-13 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable heap based buffer overflow vulnerability exists in the 'read_biff_next_record function' of FreeXL 1.0.3. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability. | |||||
| CVE-2022-21759 | 2 Google, Mediatek | 42 Android, Mt6580, Mt6735 and 39 more | 2022-06-13 | 4.6 MEDIUM | 6.7 MEDIUM |
| In power service, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06419106; Issue ID: ALPS06419077. | |||||
| CVE-2019-5019 | 1 Rainbowpdf | 1 Office Server Document Converter | 2022-06-13 | 7.5 HIGH | 9.8 CRITICAL |
| A heap-based overflow vulnerability exists in the PowerPoint document conversion function of Rainbow PDF Office Server Document Converter V7.0 Pro R1 (7,0,2018,1113). While parsing Document Summary Property Set stream, the getSummaryInformation function is incorrectly checking the correlation between size and the number of properties in PropertySet packets, causing an out-of-bounds write that leads to heap corruption and consequent code execution. | |||||
| CVE-2022-21754 | 2 Google, Mediatek | 39 Android, Mt6761, Mt6762 and 36 more | 2022-06-13 | 4.6 MEDIUM | 6.7 MEDIUM |
| In WLAN driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06535953; Issue ID: ALPS06535953. | |||||