Search Results (364910 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-37814 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-11-21 9.8 Critical
Tenda AC1206 V15.03.06.23 was discovered to contain multiple stack overflows via the deviceMac and the device_id parameters in the function addWifiMacFilter.
CVE-2022-37813 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-11-21 9.8 Critical
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the function fromSetSysTime.
CVE-2022-37812 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-11-21 9.8 Critical
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the firewallEn parameter in the function formSetFirewallCfg.
CVE-2022-37811 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-11-21 9.8 Critical
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the startIp parameter in the function formSetPPTPServer.
CVE-2022-37810 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-11-21 9.8 Critical
Tenda AC1206 V15.03.06.23 was discovered to contain a command injection vulnerability via the mac parameter in the function formWriteFacMac.
CVE-2022-37809 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-11-21 9.8 Critical
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the speed_dir parameter in the function formSetSpeedWan.
CVE-2022-37808 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-11-21 9.8 Critical
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the index parameter in the function formWifiWpsOOB.
CVE-2022-37807 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-11-21 9.8 Critical
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the function formSetClientState.
CVE-2022-37806 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-11-21 9.8 Critical
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the page parameter in the function fromDhcpListClient.
CVE-2022-37805 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-11-21 9.8 Critical
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the function fromWizardHandle.
CVE-2022-37804 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-11-21 9.8 Critical
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the time parameter in the function saveParentControlInfo.
CVE-2022-37803 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-11-21 9.8 Critical
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the page parameter in the function fromAddressNat.
CVE-2022-37802 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-11-21 9.8 Critical
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the page parameter in the function fromNatStaticSetting.
CVE-2022-37801 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-11-21 9.8 Critical
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the list parameter at the function formSetQosBand.
CVE-2022-37800 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-11-21 9.8 Critical
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the list parameter at the function fromSetRouteStatic.
CVE-2022-37799 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-11-21 9.8 Critical
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the time parameter at the function setSmartPowerManagement.
CVE-2022-37798 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-11-21 9.8 Critical
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the list parameter at the function formSetVirtualSer.
CVE-2022-37797 2 Debian, Lighttpd 2 Debian Linux, Lighttpd 2024-11-21 7.5 High
In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. It leads to null pointer dereference which crashes the server. It could be used by an external attacker to cause denial of service condition.
CVE-2022-37796 1 Oretnom23 1 Simple Online Book Store System 2024-11-21 5.4 Medium
In Simple Online Book Store System 1.0 in /admin_book.php the Title, Author, and Description parameters are vulnerable to Cross Site Scripting(XSS).
CVE-2022-37794 1 Library Management System Project 1 Library Management System 2024-11-21 9.8 Critical
In Library Management System 1.0 the /card/in-card.php file id_no parameters are vulnerable to SQL injection.