Total
7966 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-21969 | 1 Sealevel | 2 Seaconnect 370w, Seaconnect 370w Firmware | 2022-09-30 | 6.8 MEDIUM | 8.1 HIGH |
| An out-of-bounds write vulnerability exists in the HandleSeaCloudMessage functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. The HandleIncomingSeaCloudMessage function uses at [4] the json_object_get_string to populate the p_payload global variable. The p_payload is only 0x100 bytes long, and the total MQTT message could be up to 0x201 bytes. Because the function json_object_get_string will fill str based on the length of the json’s value and not the actual str size, this would result in a possible out-of-bounds write. | |||||
| CVE-2021-21970 | 1 Sealevel | 2 Seaconnect 370w, Seaconnect 370w Firmware | 2022-09-30 | 6.8 MEDIUM | 8.1 HIGH |
| An out-of-bounds write vulnerability exists in the HandleSeaCloudMessage functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. The HandleIncomingSeaCloudMessage function uses at [3] the json_object_get_string to populate the p_name global variable. The p_name is only 0x80 bytes long, and the total MQTT message could be up to 0x201 bytes. Because the function json_object_get_string will fill str based on the length of the json’s value and not the actual str size, this would result in a possible out-of-bounds write. | |||||
| CVE-2020-27247 | 1 Softmaker | 1 Planmaker 2021 | 2022-09-30 | 6.8 MEDIUM | 7.8 HIGH |
| A specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer within an object that is smaller than the size used for the copy, which will cause a heap-based buffer overflow. In version/Instance 0x0002, an attacker can entice the victim to open a document to trigger this vulnerability. This affects SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014). | |||||
| CVE-2022-3349 | 1 Sony | 4 Playstation 4, Playstation 4 Firmware, Playstation 5 and 1 more | 2022-09-30 | N/A | 6.8 MEDIUM |
| A vulnerability was found in Sony PS4 and PS5. It has been classified as critical. This affects the function UVFAT_readupcasetable of the component exFAT Handler. The manipulation of the argument dataLength leads to heap-based buffer overflow. It is possible to launch the attack on the physical device. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-209679. | |||||
| CVE-2022-0367 | 3 Debian, Fedoraproject, Libmodbus | 4 Debian Linux, Extra Packages For Enterprise Linux, Fedora and 1 more | 2022-09-30 | N/A | 7.8 HIGH |
| A heap-based buffer overflow flaw was found in libmodbus in function modbus_reply() in src/modbus.c. | |||||
| CVE-2020-27821 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2022-09-30 | 2.1 LOW | 6.0 MEDIUM |
| A flaw was found in the memory management API of QEMU during the initialization of a memory region cache. This issue could lead to an out-of-bounds write access to the MSI-X table while performing MMIO operations. A guest user may abuse this flaw to crash the QEMU process on the host, resulting in a denial of service. This flaw affects QEMU versions prior to 5.2.0. | |||||
| CVE-2022-2962 | 1 Qemu | 1 Qemu | 2022-09-30 | N/A | 7.8 HIGH |
| A DMA reentrancy issue was found in the Tulip device emulation in QEMU. When Tulip reads or writes to the rx/tx descriptor or copies the rx/tx frame, it doesn't check whether the destination address is its own MMIO address. This can cause the device to trigger MMIO handlers multiple times, possibly leading to a stack or heap overflow. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition. | |||||
| CVE-2021-33060 | 1 Intel | 106 Xeon Gold 5315y, Xeon Gold 5315y Firmware, Xeon Gold 5317 and 103 more | 2022-09-30 | N/A | 7.8 HIGH |
| Out-of-bounds write in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2021-29672 | 1 Ibm | 2 Spectrum Protect Client, Spectrum Protect For Space Management | 2022-09-30 | 7.2 HIGH | 7.8 HIGH |
| IBM Spectrum Protect Client 8.1.0.0-8 through 1.11.0 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking when processing the current locale settings. A local attacker could overflow a buffer and execute arbitrary code on the system with elevated privileges or cause the application to crash. IBM X-Force ID: 199479 | |||||
| CVE-2021-0561 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Android | 2022-09-30 | 2.1 LOW | 5.5 MEDIUM |
| In append_to_verify_fifo_interleaved_ of stream_encoder.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-174302683 | |||||
| CVE-2022-0529 | 4 Debian, Fedoraproject, Redhat and 1 more | 4 Debian Linux, Fedora, Enterprise Linux and 1 more | 2022-09-30 | 4.3 MEDIUM | 5.5 MEDIUM |
| A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution. | |||||
| CVE-2020-1027 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2022-09-30 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0913, CVE-2020-1000, CVE-2020-1003. | |||||
| CVE-2020-15863 | 3 Canonical, Debian, Qemu | 3 Ubuntu Linux, Debian Linux, Qemu | 2022-09-30 | 4.4 MEDIUM | 5.3 MEDIUM |
| hw/net/xgmac.c in the XGMAC Ethernet controller in QEMU before 07-20-2020 has a buffer overflow. This occurs during packet transmission and affects the highbank and midway emulated machines. A guest user or process could use this flaw to crash the QEMU process on the host, resulting in a denial of service or potential privileged code execution. This was fixed in commit 5519724a13664b43e225ca05351c60b4468e4555. | |||||
| CVE-2021-40010 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2022-09-30 | 7.5 HIGH | 9.8 CRITICAL |
| The bone voice ID TA has a heap overflow vulnerability.Successful exploitation of this vulnerability may result in malicious code execution. | |||||
| CVE-2020-27248 | 1 Softmaker | 1 Planmaker 2021 | 2022-09-30 | 6.8 MEDIUM | 7.8 HIGH |
| A specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer within an object that is smaller than the size used for the copy, which will cause a heap-based buffer overflow. In version/Instance 0x0003 and 0x0014, an attacker can entice the victim to open a document to trigger this vulnerability. This affects SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014). | |||||
| CVE-2021-3405 | 3 Debian, Fedoraproject, Matroska | 3 Debian Linux, Fedora, Libebml | 2022-09-30 | 4.3 MEDIUM | 6.5 MEDIUM |
| A flaw was found in libebml before 1.4.2. A heap overflow bug exists in the implementation of EbmlString::ReadData and EbmlUnicodeString::ReadData in libebml. | |||||
| CVE-2021-3185 | 1 Freedesktop | 1 Gst-plugins-bad | 2022-09-30 | 7.5 HIGH | 9.8 CRITICAL |
| A flaw was found in the gstreamer h264 component of gst-plugins-bad before v1.18.1 where when parsing a h264 header, an attacker could cause the stack to be smashed, memory corruption and possibly code execution. | |||||
| CVE-2020-16221 | 1 Deltaww | 1 Tpeditor | 2022-09-29 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Electronics TPEditor Versions 1.97 and prior. A stack-based buffer overflow may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application. | |||||
| CVE-2020-16223 | 1 Deltaww | 1 Tpeditor | 2022-09-29 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Electronics TPEditor Versions 1.97 and prior. A heap-based buffer overflow may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application. | |||||
| CVE-2020-16225 | 1 Deltaww | 1 Tpeditor | 2022-09-29 | 6.8 MEDIUM | 7.8 HIGH |
| Delta Electronics TPEditor Versions 1.97 and prior. A write-what-where condition may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application. | |||||