Export limit exceeded: 349000 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (43744 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-38830 | 1 Tenda | 2 Rx9 Pro, Rx9 Pro Firmware | 2024-11-21 | 9.8 Critical |
| Tenda RX9_Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/setIPv6Status. | ||||
| CVE-2022-38829 | 1 Tenda | 2 Rx9 Pro, Rx9 Pro Firmware | 2024-11-21 | 9.8 Critical |
| Tenda RX9_Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/setMacFilterCfg. | ||||
| CVE-2022-38827 | 1 Totolink | 2 T6, T6 Firmware | 2024-11-21 | 9.8 Critical |
| TOTOLINK T6 V4.1.5cu.709_B20210518 is vulnerable to Buffer Overflow via cstecgi.cgi | ||||
| CVE-2022-38784 | 4 Debian, Fedoraproject, Freedesktop and 1 more | 4 Debian Linux, Fedora, Poppler and 1 more | 2024-11-21 | 7.8 High |
| Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf. | ||||
| CVE-2022-38752 | 2 Redhat, Snakeyaml Project | 9 Amq Streams, Camel Spring Boot, Jboss Data Grid and 6 more | 2024-11-21 | 6.5 Medium |
| Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stack-overflow. | ||||
| CVE-2022-38750 | 3 Debian, Redhat, Snakeyaml Project | 9 Debian Linux, Amq Broker, Camel Spring Boot and 6 more | 2024-11-21 | 6.5 Medium |
| Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. | ||||
| CVE-2022-38749 | 3 Debian, Redhat, Snakeyaml Project | 11 Debian Linux, Amq Broker, Amq Clients and 8 more | 2024-11-21 | 6.5 Medium |
| Using snakeYAML to parse untrusted YAML files may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. | ||||
| CVE-2022-38701 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2024-11-21 | 6.2 Medium |
| OpenHarmony-v3.1.2 and prior versions have a heap overflow vulnerability. Local attackers can trigger a heap overflow and get network sensitive information. | ||||
| CVE-2022-38671 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | 5.5 Medium |
| In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. | ||||
| CVE-2022-38533 | 2 Fedoraproject, Gnu | 2 Fedora, Binutils | 2024-11-21 | 5.5 Medium |
| In GNU Binutils before 2.40, there is a heap-buffer-overflow in the error function bfd_getl32 when called from the strip_main function in strip-new via a crafted file. | ||||
| CVE-2022-38528 | 1 Assimp | 1 Assimp | 2024-11-21 | 6.5 Medium |
| Open Asset Import Library (assimp) commit 3c253ca was discovered to contain a segmentation violation via the component Assimp::XFileImporter::CreateMeshes. | ||||
| CVE-2022-38510 | 1 Tenda | 2 Tx9 Pro, Tx9 Pro Firmware | 2024-11-21 | 7.8 High |
| Tenda_TX9pro V22.03.02.10 was discovered to contain a buffer overflow via the component httpd/SetNetControlList. | ||||
| CVE-2022-38393 | 1 Asus | 2 Rt-ax82u, Rt-ax82u Firmware | 2024-11-21 | 7.5 High |
| A denial of service vulnerability exists in the cfg_server cm_processConnDiagPktList opcode of Asus RT-AX82U 3.0.0.4.386_49674-ge182230 router's configuration service. A specially-crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability. | ||||
| CVE-2022-38333 | 1 Openwrt | 1 Openwrt | 2024-11-21 | 7.5 High |
| Openwrt before v21.02.3 and Openwrt v22.03.0-rc6 were discovered to contain two skip loops in the function header_value(). This vulnerability allows attackers to access sensitive information via a crafted HTTP request. | ||||
| CVE-2022-38326 | 1 Tendacn | 4 Ac15, Ac15 Firmware, Ac18 and 1 more | 2024-11-21 | 9.8 Critical |
| Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the page parameter at /goform/NatStaticSetting. | ||||
| CVE-2022-38325 | 1 Tendacn | 4 Ac15, Ac15 Firmware, Ac18 and 1 more | 2024-11-21 | 9.8 Critical |
| Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the filePath parameter at /goform/expandDlnaFile. | ||||
| CVE-2022-38236 | 1 Xpdf Project | 1 Xpdf | 2024-11-21 | 7.8 High |
| XPDF commit ffaf11c was discovered to contain a global-buffer overflow via Lexer::getObj(Object*) at /xpdf/Lexer.cc. | ||||
| CVE-2022-38221 | 3 Linux, Microsoft, The Isle Evrima Project | 3 Linux Kernel, Windows, The Isle Evrima | 2024-11-21 | 9.8 Critical |
| A buffer overflow in the FTcpListener thread in The Isle Evrima (the dedicated server on Windows and Linux) 0.9.88.07 before 2022-08-12 allows a remote attacker to crash any server with an accessible RCON port, or possibly execute arbitrary code. | ||||
| CVE-2022-38216 | 1 Mapbox | 1 Maps Software Development Kit | 2024-11-21 | 7.5 High |
| An integer overflow exists in Mapbox's closed source gl-native library prior to version 10.6.1, which is bundled with multiple Mapbox products including open source libraries. The overflow is caused by large image height and width values when creating a new Image and allows for out of bounds writes, potentially crashing the Mapbox process. | ||||
| CVE-2022-38179 | 1 Jetbrains | 1 Ktor | 2024-11-21 | 4.7 Medium |
| JetBrains Ktor before 2.1.0 was vulnerable to the Reflect File Download attack | ||||