Search Results (362454 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-40140 2 Microsoft, Trendmicro 2 Windows, Apex One 2024-11-21 5.5 Medium
An origin validation error vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to cause a denial-of-service on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
CVE-2022-40138 1 Facebook 1 Hermes 2024-11-21 9.8 Critical
An integer conversion error in Hermes bytecode generation, prior to commit 6aa825e480d48127b480b08d13adf70033237097, could have been used to perform Out-Of-Bounds operations and subsequently execute arbitrary code. Note that this is only exploitable in cases where Hermes is used to execute untrusted JavaScript. Hence, most React Native applications are not affected.
CVE-2022-40133 2 Linux, Redhat 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more 2024-11-21 6.3 Medium
A use-after-free(UAF) vulnerability was found in function 'vmw_execbuf_tie_context' in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in Linux kernel's vmwgfx driver with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).
CVE-2022-40123 1 Mojoportal 1 Mojoportal 2024-11-21 6.5 Medium
mojoPortal v2.7 was discovered to contain a path traversal vulnerability via the "f" parameter at /DesignTools/CssEditor.aspx. This vulnerability allows authenticated attackers to read arbitrary files in the system.
CVE-2022-40112 1 Totolink 2 A3002r, A3002r Firmware 2024-11-21 7.5 High
TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable Buffer Overflow via the hostname parameter in binary /bin/boa.
CVE-2022-40111 1 Totolink 2 A3002r, A3002r Firmware 2024-11-21 9.8 Critical
In TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 in the shadow.sample file, root is hardcoded in the firmware.
CVE-2022-40110 1 Totolink 2 A3002r, A3002r Firmware 2024-11-21 7.5 High
TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable to Buffer Overflow via /bin/boa.
CVE-2022-40109 1 Totolink 2 A3002r, A3002r Firmware 2024-11-21 9.8 Critical
TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable to Insecure Permissions via binary /bin/boa.
CVE-2022-40090 2 Libtiff, Redhat 2 Libtiff, Enterprise Linux 2024-11-21 6.5 Medium
An issue was discovered in function TIFFReadDirectory libtiff before 4.4.0 allows attackers to cause a denial of service via crafted TIFF file.
CVE-2022-40076 1 Tenda 2 Ac21, Ac21 Firmware 2024-11-21 7.5 High
Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: fromSetWifiGusetBasic.
CVE-2022-40075 1 Tenda 2 Ac21, Ac21 Firmware 2024-11-21 7.5 High
Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, form_fast_setting_wifi_set.
CVE-2022-40074 1 Tenda 2 Ac21, Ac21 Firmware 2024-11-21 7.5 High
Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, setSchedWifi.
CVE-2022-40073 1 Tenda 2 Ac21, Ac21 Firmware 2024-11-21 7.5 High
Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, saveParentControlInfo.
CVE-2022-40072 1 Tenda 2 Ac21, Ac21 Firmware 2024-11-21 7.5 High
Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: setSmartPowerManagement.
CVE-2022-40071 1 Tenda 2 Ac21, Ac21 Firmware 2024-11-21 7.5 High
Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, formSetDeviceName.
CVE-2022-40070 1 Tenda 2 Ac21, Ac21 Firmware 2024-11-21 7.5 High
Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via bin/httpd, function: formSetFirewallCfg.
CVE-2022-40069 1 Tenda 2 Ac21, Ac21 Firmware 2024-11-21 7.5 High
]Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: fromSetSysTime.
CVE-2022-40068 1 Tenda 2 Ac21, Ac21 Firmware 2024-11-21 7.5 High
Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: formSetQosBand.
CVE-2022-40067 1 Tenda 2 Ac21, Ac21 Firmware 2024-11-21 7.5 High
Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: formSetVirtualSer.
CVE-2022-40047 1 Flatpress 1 Flatpress 2024-11-21 5.4 Medium
Flatpress v1.2.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the page parameter at /flatpress/admin.php.