Export limit exceeded: 21457 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21457 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-27823 | 1 Google | 1 Android | 2024-11-21 | 4 Medium |
| Improper size check in sapefd_parse_meta_HEADER_old function of libsapeextractor library prior to SMR Apr-2022 Release 1 allows out of bounds read via a crafted media file. | ||||
| CVE-2022-27821 | 1 Google | 1 Android | 2024-11-21 | 4 Medium |
| Improper boundary check in Quram Agif library prior to SMR Apr-2022 Release 1 allows attackers to cause denial of service via crafted image file. | ||||
| CVE-2022-27813 | 1 Motorola | 4 Mtm5400, Mtm5400 Firmware, Mtm5500 and 1 more | 2024-11-21 | 8.1 High |
| Motorola MTM5000 series firmwares lack properly configured memory protection of pages shared between the OMAP-L138 ARM and DSP cores. The SoC provides two memory protection units, MPU1 and MPU2, to enforce the trust boundary between the two cores. Since both units are left unconfigured by the firmwares, an adversary with control over either core can trivially gain code execution on the other, by overwriting code located in shared RAM or DDR2 memory regions. | ||||
| CVE-2022-27791 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | N/A |
| Acrobat Reader DC versions 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) is affected by a stack-based buffer overflow vulnerability due to insecure processing of a font, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted .pdf file | ||||
| CVE-2022-27666 | 5 Debian, Fedoraproject, Linux and 2 more | 24 Debian Linux, Fedora, Linux Kernel and 21 more | 2024-11-21 | 7.8 High |
| A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat. | ||||
| CVE-2022-27612 | 1 Synology | 1 Audio Station | 2024-11-21 | 7.3 High |
| Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology Audio Station before 6.5.4-3367 allows remote attackers to execute arbitrary commands via unspecified vectors. | ||||
| CVE-2022-27607 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 8.1 High |
| Bento4 1.6.0-639 has a heap-based buffer over-read in the AP4_HvccAtom class, a different issue than CVE-2018-14531. | ||||
| CVE-2022-27572 | 1 Google | 1 Android | 2024-11-21 | 8.1 High |
| Heap-based buffer overflow vulnerability in parser_ipma function of libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attackers. | ||||
| CVE-2022-27571 | 1 Google | 1 Android | 2024-11-21 | 8.1 High |
| Heap-based buffer overflow vulnerability in sheifd_get_info_image function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker. | ||||
| CVE-2022-27570 | 1 Google | 1 Android | 2024-11-21 | 8.1 High |
| Heap-based buffer overflow vulnerability in parser_single_iref function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker. | ||||
| CVE-2022-27569 | 1 Google | 1 Android | 2024-11-21 | 8.1 High |
| Heap-based buffer overflow vulnerability in parser_infe function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker. | ||||
| CVE-2022-27568 | 1 Google | 1 Android | 2024-11-21 | 8.1 High |
| Heap-based buffer overflow vulnerability in parser_iloc function in libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attacker. | ||||
| CVE-2022-27531 | 1 Autodesk | 1 3ds Max | 2024-11-21 | 7.8 High |
| A maliciously crafted TIF file can be forced to read beyond allocated boundaries in Autodesk 3ds Max 2022, and 2021 when parsing the TIF files. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | ||||
| CVE-2022-27524 | 1 Autodesk | 1 Dwg Trueview | 2024-11-21 | 7.1 High |
| An out-of-bounds read can be exploited in Autodesk TrueView 2022 may lead to an exposure of sensitive information or a crash through using a maliciously crafted DWG file as an Input. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | ||||
| CVE-2022-27523 | 1 Autodesk | 1 Dwg Trueview | 2024-11-21 | 7.1 High |
| A buffer over-read can be exploited in Autodesk TrueView 2022 may lead to an exposure of sensitive information or a crash through using a maliciously crafted DWG file as an Input. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | ||||
| CVE-2022-27406 | 3 Fedoraproject, Freetype, Redhat | 4 Fedora, Freetype, Enterprise Linux and 1 more | 2024-11-21 | 7.5 High |
| FreeType commit 22a0cccb4d9d002f33c1ba7a4b36812c7d4f46b5 was discovered to contain a segmentation violation via the function FT_Request_Size. | ||||
| CVE-2022-27405 | 3 Fedoraproject, Freetype, Redhat | 4 Fedora, Freetype, Enterprise Linux and 1 more | 2024-11-21 | 7.5 High |
| FreeType commit 53dfdcd8198d2b3201a23c4bad9190519ba918db was discovered to contain a segmentation violation via the function FNT_Size_Request. | ||||
| CVE-2022-27387 | 3 Debian, Mariadb, Redhat | 4 Debian Linux, Mariadb, Enterprise Linux and 1 more | 2024-11-21 | 7.5 High |
| MariaDB Server v10.7 and below was discovered to contain a global buffer overflow in the component decimal_bin_size, which is exploited via specially crafted SQL statements. | ||||
| CVE-2022-27242 | 1 Siemens | 1 Openv2g | 2024-11-21 | 5.5 Medium |
| A vulnerability has been identified in OpenV2G (V0.9.4). The OpenV2G EXI parsing feature is missing a length check when parsing X509 serial numbers. Thus, an attacker could introduce a buffer overflow that leads to memory corruption. | ||||
| CVE-2022-27240 | 1 Glewlwyd Sso Server Project | 1 Glewlwyd Sso Server | 2024-11-21 | 9.8 Critical |
| scheme/webauthn.c in Glewlwyd SSO server 2.x before 2.6.2 has a buffer overflow associated with a webauthn assertion. | ||||