Total
3900 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-32529 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | N/A | 9.8 CRITICAL |
|
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted log data request messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170)
|
|||||
| CVE-2022-32527 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | N/A | 9.8 CRITICAL |
|
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted alarm cache data messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170)
|
|||||
| CVE-2022-32526 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | N/A | 9.8 CRITICAL |
|
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted setting value messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170)
|
|||||
| CVE-2022-32525 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | N/A | 9.8 CRITICAL |
|
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted alarm data messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170)
|
|||||
| CVE-2022-32524 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | N/A | 9.8 CRITICAL |
|
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted time reduced data messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170)
|
|||||
| CVE-2022-32523 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | N/A | 9.8 CRITICAL |
|
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted online data request messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170)
|
|||||
| CVE-2022-32522 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | N/A | 9.8 CRITICAL |
|
A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted mathematically reduced data request messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170)
|
|||||
| CVE-2022-32504 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
|
An issue was discovered on certain Nuki Home Solutions devices. The code used to parse the JSON objects received from the WebSocket service provided by the device leads to a stack buffer overflow. An attacker would be able to exploit this to gain arbitrary code execution on a KeyTurner device. This affects Nuki Smart Lock 3.0 before 3.3.5 and 2.0 before 2.12.4, as well as Nuki Bridge v1 before 1.22.0 and v2 before 2.13.2.
|
|||||
| CVE-2022-32491 | 1 Dell | 580 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 577 more | 2024-11-21 | N/A | 4.1 MEDIUM |
|
Dell Client BIOS contains a Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause an arbitrary write during SMM.
|
|||||
| CVE-2022-32406 | 1 Gtkradiant Project | 1 Gtkradiant | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
GtkRadiant v1.6.6 was discovered to contain a buffer overflow via the component q3map2. This vulnerability can cause a Denial of Service (DoS) via a crafted MAP file.
|
|||||
| CVE-2022-32140 | 1 Codesys | 2 Plcwinnt, Runtime Toolkit | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
Multiple CODESYS products are affected to a buffer overflow.A low privileged remote attacker may craft a request, which can cause a buffer copy without checking the size of the service, resulting in a denial-of-service condition. User Interaction is not required.
|
|||||
| CVE-2022-32096 | 1 Rhonabwy Project | 1 Rhonabwy | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Rhonabwy before v1.1.5 was discovered to contain a buffer overflow via the component r_jwe_aesgcm_key_unwrap. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted JWE token.
|
|||||
| CVE-2022-31784 | 1 Mitel | 2 Mivoice Business, Mivoice Business Express | 2024-11-21 | 6.8 MEDIUM | 9.8 CRITICAL |
|
A vulnerability in the management interface of MiVoice Business through 9.3 PR1 and MiVoice Business Express through 8.0 SP3 PR3 could allow an unauthenticated attacker (that has network access to the management interface) to conduct a buffer overflow attack due to insufficient validation of URL parameters. A successful exploit could allow arbitrary code execution.
|
|||||
| CVE-2022-31626 | 2 Debian, Php | 2 Debian Linux, Php | 2024-11-21 | 6.0 MEDIUM | 7.5 HIGH |
|
In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when pdo_mysql extension with mysqlnd driver, if the third party is allowed to supply host to connect to and the password for the connection, password of excessive length can trigger a buffer overflow in PHP, which can lead to a remote code execution vulnerability.
|
|||||
| CVE-2022-31482 | 2 Carrier, Hidglobal | 28 Lenels2 Lnl-4420, Lenels2 Lnl-4420 Firmware, Lenels2 Lnl-x2210 and 25 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
An unauthenticated attacker can send a specially crafted unauthenticated HTTP request to the device that can overflow a buffer. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.29. The overflowed data leads to segmentation fault and ultimately a denial-of-service condition, causing the device to reboot. The impact of this vulnerability is that an unauthenticated attacker could le ...
Show More |
|||||
| CVE-2022-31481 | 2 Carrier, Hidglobal | 28 Lenels2 Lnl-4420, Lenels2 Lnl-4420 Firmware, Lenels2 Lnl-x2210 and 25 more | 2024-11-21 | 7.5 HIGH | 10.0 CRITICAL |
|
An unauthenticated attacker can send a specially crafted update file to the device that can overflow a buffer. This vulnerability impacts products based on HID Mercury Intelligent Controllers LP1501, LP1502, LP2500, LP4502, and EP4502 which contain firmware versions prior to 1.302 for the LP series and 1.296 for the EP series. The overflowed data can allow the attacker to manipulate the “normal” code execution to that of their choosing. An attacker with this level of access on the device can mon ...
Show More |
|||||
| CVE-2022-31209 | 1 Infiray | 2 Iray-a8z3, Iray-a8z3 Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
An issue was discovered in Infiray IRAY-A8Z3 1.0.957. The firmware contains a potential buffer overflow by calling strcpy() without checking the string length beforehand.
|
|||||
| CVE-2022-31019 | 1 Vapor | 1 Vapor | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Vapor is a server-side Swift HTTP web framework. When using automatic content decoding an attacker can craft a request body that can make the server crash with the following request: `curl -d "array[_0][0][array][_0][0][array]$(for f in $(seq 1100); do echo -n '[_0][0][array]'; done)[string][_0]=hello%20world" http://localhost:8080/foo`. The issue is unbounded, attacker controlled stack growth which will at some point lead to a stack overflow and a process crash. This issue has been fixed in ver ...
Show More |
|||||
| CVE-2022-30984 | 3 Linux, Opengroup, Rubrik | 3 Linux Kernel, Unix, Cdm | 2024-11-21 | N/A | 7.8 HIGH |
|
A buffer overflow vulnerability in the Rubrik Backup Service (RBS) Agent for Linux or Unix-based systems in Rubrik CDM 7.0.1, 7.0.1-p1, 7.0.1-p2 or 7.0.1-p3 before CDM 7.0.2-p2 could allow a local attacker to obtain root privileges by sending a crafted message to the RBS agent.
|
|||||
| CVE-2022-30950 | 1 Jenkins | 1 Wmi Windows Agents | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
Jenkins WMI Windows Agents Plugin 1.8 and earlier includes the Windows Remote Command library which has a buffer overflow vulnerability that may allow users able to connect to a named pipe to execute commands on the Windows agent machine.
|
|||||
| CVE-2022-30067 | 1 Gimp | 1 Gimp | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
GIMP 2.10.30 and 2.99.10 are vulnerable to Buffer Overflow. Through a crafted XCF file, the program will allocate for a huge amount of memory, resulting in insufficient memory or program crash.
|
|||||
| CVE-2022-30055 | 2 Mersenne, Microsoft | 2 Prime95, Windows | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Prime95 30.7 build 9 suffers from a Buffer Overflow vulnerability that could lead to Remote Code Execution.
|
|||||
| CVE-2022-30033 | 1 Tenda | 2 Tx9 Pro, Tx9 Pro Firmware | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
Tenda TX9 Pro V22.03.02.10 is vulnerable to Buffer Overflow via the functtion setIPv6Status() in httpd module.
|
|||||
| CVE-2022-30024 | 1 Tp-link | 6 Tl-wr841, Tl-wr841 Firmware, Tl-wr841n and 3 more | 2024-11-21 | N/A | 8.8 HIGH |
|
A buffer overflow in the httpd daemon on TP-Link TL-WR841N V12 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for the System Tools of the Wi-Fi network. This affects TL-WR841 V12 TL-WR841N(EU)_V12_160624 and TL-WR841 V11 TL-WR841N(EU)_V11_160325 , TL-WR841N_V11_150616 and TL-WR841 V10 TL-WR841N_V10_150310 are also affected.
|
|||||
| CVE-2022-2211 | 2 Libguestfs, Redhat | 2 Libguestfs, Enterprise Linux | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
A vulnerability was found in libguestfs. This issue occurs while calculating the greatest possible number of matching keys in the get_keys() function. This flaw leads to a denial of service, either by mistake or malicious actor.
|
|||||
| CVE-2022-2078 | 3 Debian, Linux, Redhat | 4 Debian Linux, Linux Kernel, Enterprise Linux and 1 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
A vulnerability was found in the Linux kernel's nft_set_desc_concat_parse() function .This flaw allows an attacker to trigger a buffer overflow via nft_set_desc_concat_parse() , causing a denial of service and possibly to run code.
|
|||||
| CVE-2022-29797 | 1 Huawei | 2 Cv81-wdm, Cv81-wdm Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
There is a buffer overflow vulnerability in CV81-WDM FW 01.70.49.29.46. Successful exploitation of this vulnerability may lead to privilege escalation.
|
|||||
| CVE-2022-29654 | 1 Nasm | 1 Netwide Assembler | 2024-11-21 | N/A | 5.5 MEDIUM |
|
Buffer overflow vulnerability in quote_for_pmake in asm/nasm.c in nasm before 2.15.05 allows attackers to cause a denial of service via crafted file.
|
|||||
| CVE-2022-29591 | 1 Tenda | 2 Tx9 Pro, Tx9 Pro Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Tenda TX9 Pro 22.03.02.10 devices have a SetNetControlList buffer overflow.
|
|||||
| CVE-2022-29242 | 1 Gost Engine Project | 1 Gost Engine | 2024-11-21 | 5.0 MEDIUM | 5.9 MEDIUM |
|
GOST engine is a reference implementation of the Russian GOST crypto algorithms for OpenSSL. TLS clients using GOST engine when ciphersuite `TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC` is agreed and the server uses 512 bit GOST secret keys are vulnerable to buffer overflow. GOST engine version 3.0.1 contains a patch for this issue. Disabling ciphersuite `TLS_GOSTR341112_256_WITH_KUZNYECHIK_CTR_OMAC` is a possible workaround.
|
|||||
| CVE-2022-29210 | 1 Google | 1 Tensorflow | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
TensorFlow is an open source platform for machine learning. In version 2.8.0, the `TensorKey` hash function used total estimated `AllocatedBytes()`, which (a) is an estimate per tensor, and (b) is a very poor hash function for constants (e.g. `int32_t`). It also tried to access individual tensor bytes through `tensor.data()` of size `AllocatedBytes()`. This led to ASAN failures because the `AllocatedBytes()` is an estimate of total bytes allocated by a tensor, including any pointed-to constructs ...
Show More |
|||||
| CVE-2022-29189 | 1 Pion | 1 Dtls | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Prior to version 2.1.4, a buffer that was used for inbound network traffic had no upper limit. Pion DTLS would buffer all network traffic from the remote user until the handshake completes or timed out. An attacker could exploit this to cause excessive memory usage. Version 2.1.4 contains a patch for this issue. There are currently no known workarounds available.
|
|||||
| CVE-2022-28994 | 1 Smallsrv | 1 Small Http Server | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Small HTTP Server version 3.06 suffers from a remote buffer overflow vulnerability via long GET request.
|
|||||
| CVE-2022-28480 | 1 Allmediaserver | 1 Allmediaserver | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
ALLMediaServer 1.6 is vulnerable to Buffer Overflow via MediaServer.exe.
|
|||||
| CVE-2022-27881 | 1 Openbsd | 1 Openbsd | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
engine.c in slaacd in OpenBSD 6.9 and 7.0 before 2022-02-21 has a buffer overflow triggerable by an IPv6 router advertisement with more than seven nameservers. NOTE: privilege separation and pledge can prevent exploitation.
|
|||||
| CVE-2022-27643 | 1 Netgear | 54 D6220, D6220 Firmware, D6400 and 51 more | 2024-11-21 | N/A | 8.8 HIGH |
|
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700v3 1.0.4.120_10.0.91 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SOAP requests. When parsing the SOAPAction header, the process does not properly validate the length of user-supplied data prior to copying it to a buffer. An attacker can leverage this vulnerability to execute code in the context of root. ...
Show More |
|||||
| CVE-2022-27612 | 1 Synology | 1 Audio Station | 2024-11-21 | N/A | 7.3 HIGH |
|
Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in cgi component in Synology Audio Station before 6.5.4-3367 allows remote attackers to execute arbitrary commands via unspecified vectors.
|
|||||
| CVE-2022-27387 | 2 Debian, Mariadb | 2 Debian Linux, Mariadb | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
MariaDB Server v10.7 and below was discovered to contain a global buffer overflow in the component decimal_bin_size, which is exploited via specially crafted SQL statements.
|
|||||
| CVE-2022-27242 | 1 Siemens | 1 Openv2g | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
A vulnerability has been identified in OpenV2G (V0.9.4). The OpenV2G EXI parsing feature is missing a length check when parsing X509 serial numbers. Thus, an attacker could introduce a buffer overflow that leads to memory corruption.
|
|||||
| CVE-2022-27240 | 1 Glewlwyd Sso Server Project | 1 Glewlwyd Sso Server | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
scheme/webauthn.c in Glewlwyd SSO server 2.x before 2.6.2 has a buffer overflow associated with a webauthn assertion.
|
|||||