Export limit exceeded: 45735 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 43717 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (43717 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-26718 | 1 Apple | 1 Macos | 2024-11-21 | 7.8 High |
| An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. An application may be able to gain elevated privileges. | ||||
| CVE-2022-26711 | 1 Apple | 6 Ipados, Iphone Os, Itunes and 3 more | 2024-11-21 | 9.8 Critical |
| An integer overflow issue was addressed with improved input validation. This issue is fixed in tvOS 15.5, iTunes 12.12.4 for Windows, iOS 15.5 and iPadOS 15.5, watchOS 8.6, macOS Monterey 12.4. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. | ||||
| CVE-2022-26698 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 7.1 High |
| An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory. | ||||
| CVE-2022-26697 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 7.1 High |
| An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory. | ||||
| CVE-2022-26674 | 1 Asus | 2 Rt-ax88u, Rt-ax88u Firmware | 2024-11-21 | 9.8 Critical |
| ASUS RT-AX88U has a Format String vulnerability, which allows an unauthenticated remote attacker to write to arbitrary memory address and perform remote arbitrary code execution, arbitrary system operation or disrupt service. | ||||
| CVE-2022-26650 | 1 Apache | 1 Shenyu | 2024-11-21 | 7.5 High |
| In Apache ShenYui, ShenYu-Bootstrap, RegexPredicateJudge.java uses Pattern.matches(conditionData.getParamValue(), realData) to make judgments, where both parameters are controllable by the user. This can cause an attacker pass in malicious regular expressions and characters causing a resource exhaustion. This issue affects Apache ShenYu (incubating) 2.4.0, 2.4.1 and 2.4.2 and is fixed in 2.4.3. | ||||
| CVE-2022-26642 | 1 Tp-link | 2 Tl-wr840n, Tl-wr840n Firmware | 2024-11-21 | 7.2 High |
| TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the X_TP_ClonedMACAddress parameter. | ||||
| CVE-2022-26641 | 1 Tp-link | 2 Tl-wr840n, Tl-wr840n Firmware | 2024-11-21 | 7.2 High |
| TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the httpRemotePort parameter. | ||||
| CVE-2022-26640 | 1 Tp-link | 2 Tl-wr840n, Tl-wr840n Firmware | 2024-11-21 | 7.2 High |
| TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the minAddress parameter. | ||||
| CVE-2022-26639 | 1 Tp-link | 2 Tl-wr840n, Tl-wr840n Firmware | 2024-11-21 | 7.2 High |
| TP-LINK TL-WR840N(ES)_V6.20 was discovered to contain a buffer overflow via the DNSServers parameter. | ||||
| CVE-2022-26529 | 3 Google, Linux, Realtek | 3 Android, Linux Kernel, Bluetooth Mesh Software Development Kit | 2024-11-21 | 6.5 Medium |
| Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for segmented packets’ link parameter. An unauthenticated attacker in the adjacent network can exploit this vulnerability to cause buffer overflow and disrupt service. | ||||
| CVE-2022-26528 | 3 Google, Linux, Realtek | 3 Android, Linux Kernel, Bluetooth Mesh Software Development Kit | 2024-11-21 | 6.5 Medium |
| Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for the length of segmented packets’ shift parameter. An unauthenticated attacker in the adjacent network can exploit this vulnerability to cause buffer overflow and disrupt service. | ||||
| CVE-2022-26527 | 3 Google, Linux, Realtek | 3 Android, Linux Kernel, Bluetooth Mesh Software Development Kit | 2024-11-21 | 6.5 Medium |
| Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for the size of segmented packets’ reference parameter. An unauthenticated attacker in the adjacent network can exploit this vulnerability to cause buffer overflow and disrupt service. | ||||
| CVE-2022-26495 | 3 Debian, Fedoraproject, Network Block Device Project | 3 Debian Linux, Fedora, Network Block Device | 2024-11-21 | 9.8 Critical |
| In nbd-server in nbd before 3.24, there is an integer overflow with a resultant heap-based buffer overflow. A value of 0xffffffff in the name length field will cause a zero-sized buffer to be allocated for the name, resulting in a write to a dangling pointer. This issue exists for the NBD_OPT_INFO, NBD_OPT_GO, and NBD_OPT_EXPORT_NAME messages. | ||||
| CVE-2022-26474 | 2 Google, Mediatek | 6 Android, Mt6789, Mt6855 and 3 more | 2024-11-21 | 6.7 Medium |
| In sensorhub, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07129717; Issue ID: ALPS07129717. | ||||
| CVE-2022-26466 | 3 Google, Mediatek, Yoctoproject | 24 Android, Mt6779, Mt6781 and 21 more | 2024-11-21 | 6.7 Medium |
| In audio ipi, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06558777; Issue ID: ALPS06558777. | ||||
| CVE-2022-26463 | 2 Google, Mediatek | 15 Android, Mt6833, Mt6853 and 12 more | 2024-11-21 | 4.4 Medium |
| In vow, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032686; Issue ID: ALPS07032686. | ||||
| CVE-2022-26462 | 2 Google, Mediatek | 15 Android, Mt6833, Mt6853 and 12 more | 2024-11-21 | 4.4 Medium |
| In vow, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032660; Issue ID: ALPS07032660. | ||||
| CVE-2022-26459 | 2 Google, Mediatek | 15 Android, Mt6833, Mt6853 and 12 more | 2024-11-21 | 4.4 Medium |
| In vow, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032634; Issue ID: ALPS07032634. | ||||
| CVE-2022-26454 | 2 Google, Mediatek | 17 Android, Mt6761, Mt6765 and 14 more | 2024-11-21 | 6.7 Medium |
| In teei, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06664701; Issue ID: ALPS06664701. | ||||