Total
7966 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-27923 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2023-01-09 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, watchOS 7.1, tvOS 14.2. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
| CVE-2022-32888 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2023-01-09 | N/A | 8.8 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, iOS 16, iOS 15.7 and iPadOS 15.7, watchOS 9, macOS Monterey 12.6, tvOS 16. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2014-125026 | 1 Cloudflare | 1 Golz4 | 2023-01-06 | N/A | 9.8 CRITICAL |
| LZ4 bindings use a deprecated C API that is vulnerable to memory corruption, which could lead to arbitrary code execution if called with untrusted user input. | |||||
| CVE-2022-32208 | 5 Apple, Debian, Fedoraproject and 2 more | 18 Macos, Debian Linux, Fedora and 15 more | 2023-01-05 | 4.3 MEDIUM | 5.9 MEDIUM |
| When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client. | |||||
| CVE-2022-43931 | 1 Synology | 2 Router Manager, Vpn Plus Server | 2023-01-05 | N/A | 10.0 CRITICAL |
| Out-of-bounds write vulnerability in Remote Desktop Functionality in Synology VPN Plus Server before 1.4.3-0534 and 1.4.4-0635 allows remote attackers to execute arbitrary commands via unspecified vectors. | |||||
| CVE-2022-46584 | 1 Trendnet | 2 Tew-755ap, Tew-755ap Firmware | 2023-01-05 | N/A | 9.8 CRITICAL |
| TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the qcawifi.wifi%d_vap%d.maclist parameter in the kick_ban_wifi_mac_deny (sub_415D7C) function. | |||||
| CVE-2022-46581 | 1 Trendnet | 2 Tew-755ap, Tew-755ap Firmware | 2023-01-04 | N/A | 9.8 CRITICAL |
| TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the cameo.cameo.nslookup_target parameter in the tools_nslookup function. | |||||
| CVE-2022-46583 | 1 Trendnet | 2 Tew-755ap, Tew-755ap Firmware | 2023-01-04 | N/A | 9.8 CRITICAL |
| TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the reboot_type parameter in the wizard_ipv6 (sub_41C380) function. | |||||
| CVE-2022-46582 | 1 Trendnet | 2 Tew-755ap, Tew-755ap Firmware | 2023-01-04 | N/A | 9.8 CRITICAL |
| TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the login_name parameter in the do_graph_auth (sub_4061E0) function. | |||||
| CVE-2022-46580 | 1 Trendnet | 2 Tew-755ap, Tew-755ap Firmware | 2023-01-04 | N/A | 9.8 CRITICAL |
| TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the user_edit_page parameter in the wifi_captive_portal function. | |||||
| CVE-2022-46585 | 1 Trendnet | 2 Tew-755ap, Tew-755ap Firmware | 2023-01-04 | N/A | 9.8 CRITICAL |
| TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the REMOTE_USER parameter in the get_access (sub_45AC2C) function. | |||||
| CVE-2022-46601 | 1 Trendnet | 2 Tew-755ap, Tew-755ap Firmware | 2023-01-04 | N/A | 9.8 CRITICAL |
| TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the setbg_num parameter in the icp_setbg_img (sub_41DD68) function. | |||||
| CVE-2022-47116 | 1 Tenda | 2 A15, A15 Firmware | 2023-01-04 | N/A | 7.5 HIGH |
| Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the SYSPS parameter at /goform/SysToolChangePwd. | |||||
| CVE-2022-47118 | 1 Tenda | 2 A15, A15 Firmware | 2023-01-04 | N/A | 9.8 CRITICAL |
| Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the wepkey1 parameter at /goform/WifiBasicSet. | |||||
| CVE-2022-47119 | 1 Tenda | 2 A15, A15 Firmware | 2023-01-04 | N/A | 9.8 CRITICAL |
| Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the ssid parameter at /goform/WifiBasicSet. | |||||
| CVE-2022-47117 | 1 Tenda | 2 A15, A15 Firmware | 2023-01-04 | N/A | 9.8 CRITICAL |
| Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the security parameter at /goform/WifiBasicSet. | |||||
| CVE-2022-47120 | 1 Tenda | 2 A15, A15 Firmware | 2023-01-04 | N/A | 9.8 CRITICAL |
| Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the security_5g parameter at /goform/WifiBasicSet. | |||||
| CVE-2022-47122 | 1 Tenda | 2 A15, A15 Firmware | 2023-01-04 | N/A | 9.8 CRITICAL |
| Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the wrlPwd_5g parameter at /goform/WifiBasicSet. | |||||
| CVE-2022-47121 | 1 Tenda | 2 A15, A15 Firmware | 2023-01-04 | N/A | 9.8 CRITICAL |
| Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the wepkey parameter at /goform/WifiBasicSet. | |||||
| CVE-2022-47123 | 1 Tenda | 2 A15, A15 Firmware | 2023-01-04 | N/A | 9.8 CRITICAL |
| Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the wepkey3 parameter at /goform/WifiBasicSet. | |||||