Search Results (21032 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-37808 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-11-21 9.8 Critical
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the index parameter in the function formWifiWpsOOB.
CVE-2022-37807 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-11-21 9.8 Critical
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the function formSetClientState.
CVE-2022-37806 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-11-21 9.8 Critical
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the page parameter in the function fromDhcpListClient.
CVE-2022-37805 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-11-21 9.8 Critical
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the function fromWizardHandle.
CVE-2022-37804 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-11-21 9.8 Critical
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the time parameter in the function saveParentControlInfo.
CVE-2022-37803 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-11-21 9.8 Critical
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the page parameter in the function fromAddressNat.
CVE-2022-37802 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-11-21 9.8 Critical
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the page parameter in the function fromNatStaticSetting.
CVE-2022-37801 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-11-21 9.8 Critical
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the list parameter at the function formSetQosBand.
CVE-2022-37800 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-11-21 9.8 Critical
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the list parameter at the function fromSetRouteStatic.
CVE-2022-37799 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-11-21 9.8 Critical
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the time parameter at the function setSmartPowerManagement.
CVE-2022-37798 1 Tenda 2 Ac1206, Ac1206 Firmware 2024-11-21 9.8 Critical
Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the list parameter at the function formSetVirtualSer.
CVE-2022-37781 1 Fdkaac Project 1 Fdkaac 2024-11-21 7.8 High
fdkaac v1.0.3 was discovered to contain a heap buffer overflow via __interceptor_memcpy.part.46 at /sanitizer_common/sanitizer_common_interceptors.inc.
CVE-2022-37452 2 Debian, Exim 2 Debian Linux, Exim 2024-11-21 9.8 Critical
Exim before 4.95 has a heap-based buffer overflow for the alias list in host_name_lookup in host.c when sender_host_name is set.
CVE-2022-37415 1 Uniwill 1 Sparkio.sys 2024-11-21 7.8 High
The Uniwill SparkIO.sys driver 1.0 is vulnerable to a stack-based buffer overflow via IOCTL 0x40002008.
CVE-2022-37331 1 Openbabel 1 Open Babel 2024-11-21 7.3 High
An out-of-bounds write vulnerability exists in the Gaussian format orientation functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2022-37292 1 Tenda 2 Ax12, Ax12 Firmware 2024-11-21 5.5 Medium
Tenda AX12 V22.03.01.21_CN is vulnerable to Buffer Overflow. This overflow is triggered in the sub_42FDE4 function, which satisfies the request of the upper-level interface function sub_430124, that is, handles the post request under /goform/SetIpMacBind.
CVE-2022-37175 1 Tenda 2 Ac15, Ac15 Firmware 2024-11-21 9.8 Critical
Tenda ac15 firmware V15.03.05.18 httpd server has stack buffer overflow in /goform/formWifiBasicSet.
CVE-2022-37149 1 Wavlink 2 Wl-wn575a3, Wl-wn575a3 Firmware 2024-11-21 9.8 Critical
WAVLINK WL-WN575A3 RPT75A3.V4300.201217 was discovered to contain a command injection vulnerability when operating the file adm.cgi. This vulnerability allows attackers to execute arbitrary commands via the username parameter.
CVE-2022-37130 1 Dlink 2 Dir-816, Dir-816 Firmware 2024-11-21 9.8 Critical
In D-Link DIR-816 A2_v1.10CNB04, DIR-878 DIR_878_FW1.30B08.img a command injection vulnerability occurs in /goform/Diagnosis, after the condition is met, setnum will be spliced into v10 by snprintf, and the system will be executed, resulting in a command injection vulnerability
CVE-2022-37129 1 Dlink 2 Dir-816, Dir-816 Firmware 2024-11-21 8.8 High
D-Link DIR-816 A2_v1.10CNB04.img is vulnerable to Command Injection via /goform/SystemCommand. After the user passes in the command parameter, it will be spliced into byte_4836B0 by snprintf, and finally doSystem(&byte_4836B0); will be executed, resulting in a command injection.