Export limit exceeded: 18781 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20105 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-29324 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2024-11-21 | 9.8 Critical |
| D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the proto parameter in /goform/form2IPQoSTcAdd. | ||||
| CVE-2022-29323 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2024-11-21 | 9.8 Critical |
| D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the MAC parameter in /goform/editassignment. | ||||
| CVE-2022-29322 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2024-11-21 | 9.8 Critical |
| D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the IPADDR and nvmacaddr parameters in /goform/form2Dhcpip. | ||||
| CVE-2022-29321 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2024-11-21 | 9.8 Critical |
| D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a stack overflow via the lanip parameter in /goform/setNetworkLan. | ||||
| CVE-2022-29080 | 1 Npm-dependency-versions Project | 1 Npm-dependency-versions | 2024-11-21 | 9.8 Critical |
| The npm-dependency-versions package through 0.3.0 for Node.js allows command injection if an attacker is able to call dependencyVersions with a JSON object in which pkgs is a key, and there are shell metacharacters in a value. | ||||
| CVE-2022-29077 | 1 Ripple | 1 Rippled | 2024-11-21 | 9.8 Critical |
| A heap-based buffer overflow exists in rippled before 1.8.5. The vulnerability allows attackers to cause a crash or execute commands remotely on a rippled node, which may lead to XRPL mainnet DoS or compromise. This exposes all digital assets on the XRPL to a security threat. | ||||
| CVE-2022-29061 | 1 Fortinet | 1 Fortisoar | 2024-11-21 | 7.2 High |
| An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSOAR before 7.2.1 allows an authenticated attacker to execute unauthorized code or commands via crafted HTTP GET requests. | ||||
| CVE-2022-29013 | 1 Razer | 2 Sila, Sila Firmware | 2024-11-21 | 9.8 Critical |
| A command injection in the command parameter of Razer Sila Gaming Router v2.0.441_api-2.0.418 allows attackers to execute arbitrary commands via a crafted POST request. | ||||
| CVE-2022-28998 | 1 Xlightftpd | 1 Xlight Ftp | 2024-11-21 | 8.1 High |
| Xlight FTP v3.9.3.2 was discovered to contain a stack-based buffer overflow which allows attackers to leak sensitive information via crafted code. | ||||
| CVE-2022-28990 | 1 Wasm3 Project | 1 Wasm3 | 2024-11-21 | 7.8 High |
| WASM3 v0.5.0 was discovered to contain a heap overflow via the component /wabt/bin/poc.wasm. | ||||
| CVE-2022-28973 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 7.5 High |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the wanMTU parameter in the function fromAdvSetMacMtuWan. This vulnerability allows attackers to cause a Denial of Service (DoS). | ||||
| CVE-2022-28972 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 7.5 High |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the timeZone parameter in the function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS). | ||||
| CVE-2022-28971 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 7.5 High |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function fromSetIpMacBind. This vulnerability allows attackers to cause a Denial of Service (DoS). | ||||
| CVE-2022-28970 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 7.5 High |
| Tenda AX1806 v1.0.0.1 was discovered to contain a heap overflow via the mac parameter in the function GetParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS). | ||||
| CVE-2022-28969 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 7.5 High |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the shareSpeed parameter in the function fromSetWifiGusetBasic. This vulnerability allows attackers to cause a Denial of Service (DoS). | ||||
| CVE-2022-28966 | 1 Wasm3 Project | 1 Wasm3 | 2024-11-21 | 5.5 Medium |
| Wasm3 0.5.0 has a heap-based buffer overflow in NewCodePage in m3_code.c (called indirectly from Compile_BranchTable in m3_compile.c). | ||||
| CVE-2022-28917 | 1 Tenda | 2 Ax12, Ax12 Firmware | 2024-11-21 | 7.5 High |
| Tenda AX12 v22.03.01.21_cn was discovered to contain a stack overflow via the lanIp parameter in /goform/AdvSetLanIp. | ||||
| CVE-2022-28915 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2024-11-21 | 9.8 Critical |
| D-Link DIR-816 A2_v1.10CNB04 was discovered to contain a command injection vulnerability via the admuser and admpass parameters in /goform/setSysAdm. | ||||
| CVE-2022-28913 | 1 Totolink | 2 N600r, N600r Firmware | 2024-11-21 | 9.8 Critical |
| TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/setUploadSetting. | ||||
| CVE-2022-28912 | 1 Totolink | 2 N600r, N600r Firmware | 2024-11-21 | 9.8 Critical |
| TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability via the filename parameter in /setting/setUpgradeFW. | ||||