Total
3021 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-36587 | 1 Tenda | 2 G3, G3 Firmware | 2024-08-03 | 9.8 Critical |
| In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, there is a buffer overflow vulnerability caused by sprintf in function in the httpd binary. | ||||
| CVE-2022-36586 | 1 Tenda | 2 G3, G3 Firmware | 2024-08-03 | 9.8 Critical |
| In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, there is a buffer overflow vulnerability caused by strcpy in function 0x869f4 in the httpd binary. | ||||
| CVE-2022-36584 | 1 Tenda | 2 G3, G3 Firmware | 2024-08-03 | 9.8 Critical |
| In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, the getsinglepppuser function has a buffer overflow caused by sscanf. | ||||
| CVE-2022-36525 | 1 Dlink | 2 Go-rt-ac750, Go-rt-ac750 Firmware | 2024-08-03 | 9.8 Critical |
| D-Link Go-RT-AC750 GORTAC750_revA_v101b03 & GO-RT-AC750_revB_FWv200b02 is vulnerable to Buffer Overflow via authenticationcgi_main. | ||||
| CVE-2022-36330 | 1 Westerndigital | 6 My Cloud Home, My Cloud Home Duo, My Cloud Home Duo Firmware and 3 more | 2024-08-03 | 1.9 Low |
| A buffer overflow vulnerability was discovered on firmware version validation that could lead to an unauthenticated remote code execution in Western Digital My Cloud Home, My Cloud Home Duo and SanDisk ibi devices. An attacker would require exploitation of another vulnerability to raise their privileges in order to exploit this buffer overflow vulnerability. This issue affects My Cloud Home and My Cloud Home Duo: before 9.4.0-191; ibi: before 9.4.0-191. | ||||
| CVE-2022-36279 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2024-08-03 | 8.8 High |
| A stack-based buffer overflow vulnerability exists in the httpd delfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability. | ||||
| CVE-2022-36293 | 1 Nintendo | 2 Wi-fi Network Adaptor Wap 001, Wi-fi Network Adaptor Wap 001 Firmware | 2024-08-03 | 7.2 High |
| Buffer overflow vulnerability in Nintendo Wi-Fi Network Adaptor WAP-001 All versions allows an attacker with an administrative privilege to execute arbitrary code via unspecified vectors. | ||||
| CVE-2022-35928 | 1 Aescrypt | 1 Aes Crypt | 2024-08-03 | 8.4 High |
| AES Crypt is a file encryption software for multiple platforms. AES Crypt for Linux built using the source on GitHub and having the version number 3.11 has a vulnerability with respect to reading user-provided passwords and confirmations via command-line prompts. Passwords lengths were not checked before being read. This vulnerability may lead to buffer overruns. This does _not_ affect source code found on aescrypt.com, nor is the vulnerability present when providing a password or a key via the `-p` or `-k` command-line options. The problem was fixed via in commit 68761851b and will be included in release 3.16. Users are advised to upgrade. Users unable to upgrade should us the `-p` or `-k` options to provide a password or key. | ||||
| CVE-2022-35927 | 1 Contiki-ng | 1 Contiki-ng | 2024-08-03 | 8.1 High |
| Contiki-NG is an open-source, cross-platform operating system for IoT devices. In the RPL-Classic routing protocol implementation in the Contiki-NG operating system, an incoming DODAG Information Option (DIO) control message can contain a prefix information option with a length parameter. The value of the length parameter is not validated, however, and it is possible to cause a buffer overflow when copying the prefix in the set_ip_from_prefix function. This vulnerability affects anyone running a Contiki-NG version prior to 4.7 that can receive RPL DIO messages from external parties. To obtain a patched version, users should upgrade to Contiki-NG 4.7 or later. There are no workarounds for this issue. | ||||
| CVE-2022-35161 | 1 Generalized Electric Vehicle Reverse Engineering Tool Project | 1 Generalized Electric Vehicle Reverse Engineering Tool | 2024-08-03 | 9.8 Critical |
| GVRET Stable Release as of Aug 15, 2015 was discovered to contain a buffer overflow via the handleConfigCmd function at SerialConsole.cpp. | ||||
| CVE-2022-35192 | 1 Dlink | 2 Dsl-3782, Dsl-3782 Firmware | 2024-08-03 | 7.5 High |
| D-Link Wireless AC1200 Dual Band VDSL ADSL Modem Router DSL-3782 Firmware v1.01 allows unauthenticated attackers to cause a Denial of Service (DoS) via the User parameter or Pwd parameter to Login.asp. | ||||
| CVE-2022-35011 | 1 Pngdec Project | 1 Pngdec | 2024-08-03 | 8.8 High |
| PNGDec commit 8abf6be was discovered to contain a global buffer overflow via inflate_fast at /src/inffast.c. | ||||
| CVE-2022-35021 | 1 Otfcc Project | 1 Otfcc | 2024-08-03 | 6.5 Medium |
| OTFCC commit 617837b was discovered to contain a global buffer overflow via /release-x64/otfccdump+0x718693. | ||||
| CVE-2022-34998 | 1 Bitbanksoftware | 1 Jpegdec | 2024-08-03 | 7.8 High |
| JPEGDEC commit be4843c was discovered to contain a global buffer overflow via JPEGDecodeMCU at /src/jpeg.inl. | ||||
| CVE-2022-35003 | 1 Bitbanksoftware | 1 Jpegdec | 2024-08-03 | 7.8 High |
| JPEGDEC commit be4843c was discovered to contain a global buffer overflow via ucDitherBuffer at /src/jpeg.inl. | ||||
| CVE-2022-34973 | 1 Dlink | 2 Dir820la1, Dir820la1 Firmware | 2024-08-03 | 7.5 High |
| D-Link DIR820LA1_FW106B02 was discovered to contain a buffer overflow via the nextPage parameter at ping.ccp. | ||||
| CVE-2022-34823 | 1 Nec | 2 Expresscluster X, Expresscluster X Singleserversafe | 2024-08-03 | 9.8 Critical |
| Buffer overflow vulnerability in CLUSTERPRO X 5.0 for Windows and earlier, EXPRESSCLUSTER X 5.0 for Windows and earlier, CLUSTERPRO X 5.0 SingleServerSafe for Windows and earlier, EXPRESSCLUSTER X 5.0 SingleServerSafe for Windows and earlier allows a remote unauthenticated attacker to overwrite existing files on the file system and to potentially execute arbitrary code. | ||||
| CVE-2022-34740 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-08-03 | 6.5 Medium |
| The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation. | ||||
| CVE-2022-34741 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-08-03 | 6.5 Medium |
| The NFC module has a buffer overflow vulnerability. Successful exploitation of this vulnerability may cause exceptions in NFC card registration, deletion, and activation. | ||||
| CVE-2022-34484 | 2 Mozilla, Redhat | 6 Firefox, Firefox Esr, Thunderbird and 3 more | 2024-08-03 | 8.8 High |
| The Mozilla Fuzzing Team reported potential vulnerabilities present in Thunderbird 91.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 102, Firefox ESR < 91.11, Thunderbird < 102, and Thunderbird < 91.11. | ||||