Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-45674 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2022-12-05 | N/A | 6.5 MEDIUM |
| Tenda AC6V1.0 V15.03.05.19 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot. | |||||
| CVE-2022-45673 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2022-12-05 | N/A | 6.5 MEDIUM |
| Tenda AC6V1.0 V15.03.05.19 is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet. | |||||
| CVE-2022-44367 | 1 Tenda | 2 I21, I21 Firmware | 2022-12-05 | N/A | 9.8 CRITICAL |
| Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setUplinkInfo. | |||||
| CVE-2022-45658 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2022-12-05 | N/A | 7.5 HIGH |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the schedEndTime parameter in the setSchedWifi function. | |||||
| CVE-2022-45657 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2022-12-05 | N/A | 7.5 HIGH |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function. | |||||
| CVE-2022-45656 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2022-12-05 | N/A | 7.5 HIGH |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the fromSetSysTime function. | |||||
| CVE-2022-45655 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2022-12-05 | N/A | 7.5 HIGH |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the timeZone parameter in the form_fast_setting_wifi_set function. | |||||
| CVE-2022-45654 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2022-12-05 | N/A | 7.5 HIGH |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the ssid parameter in the form_fast_setting_wifi_set function. | |||||
| CVE-2022-45664 | 1 Tenda | 2 I22, I22 Firmware | 2022-12-05 | N/A | 7.5 HIGH |
| Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDget function. | |||||
| CVE-2022-45663 | 1 Tenda | 2 I22, I22 Firmware | 2022-12-05 | N/A | 7.5 HIGH |
| Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterSet function. | |||||
| CVE-2022-45653 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2022-12-05 | N/A | 7.5 HIGH |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the page parameter in the fromNatStaticSetting function. | |||||
| CVE-2022-45661 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2022-12-05 | N/A | 7.5 HIGH |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the setSmartPowerManagement function. | |||||
| CVE-2022-45660 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2022-12-05 | N/A | 7.5 HIGH |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the schedStartTime parameter in the setSchedWifi function. | |||||
| CVE-2022-45659 | 1 Tendacn | 2 Ac6, Ac6 Firmware | 2022-12-05 | N/A | 7.5 HIGH |
| Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the wpapsk_crypto parameter in the fromSetWirelessRepeat function. | |||||
| CVE-2022-45668 | 1 Tenda | 2 I22, I22 Firmware | 2022-12-05 | N/A | 6.5 MEDIUM |
| Tenda i22 V1.0.0.3(4687) is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolReboot. | |||||
| CVE-2022-45667 | 1 Tenda | 2 I22, I22 Firmware | 2022-12-05 | N/A | 6.5 MEDIUM |
| Tenda i22 V1.0.0.3(4687) is vulnerable to Cross Site Request Forgery (CSRF) via function fromSysToolRestoreSet. | |||||
| CVE-2022-43995 | 1 Sudo Project | 1 Sudo | 2022-12-05 | N/A | 7.1 HIGH |
| Sudo 1.8.0 through 1.9.12, with the crypt() password backend, contains a plugins/sudoers/auth/passwd.c array-out-of-bounds error that can result in a heap-based buffer over-read. This can be triggered by arbitrary local users with access to Sudo by entering a password of seven characters or fewer. The impact could vary depending on the system libraries, compiler, and processor architecture. | |||||
| CVE-2022-4214 | 1 Kibokolabs | 1 Chained Quiz | 2022-12-05 | N/A | 6.1 MEDIUM |
| The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'ip' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. | |||||
| CVE-2022-4216 | 1 Kibokolabs | 1 Chained Quiz | 2022-12-05 | N/A | 4.8 MEDIUM |
| The Chained Quiz plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'facebook_appid' parameter in versions up to, and including, 1.3.2.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with administrative privileges to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. | |||||
| CVE-2022-4215 | 1 Kibokolabs | 1 Chained Quiz | 2022-12-05 | N/A | 6.1 MEDIUM |
| The Chained Quiz plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'date' parameter on the 'chainedquiz_list' page in versions up to, and including, 1.3.2.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. | |||||