Total
13459 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-34819 | 1 Siemens | 30 Simatic Cp 1242-7 V2, Simatic Cp 1242-7 V2 Firmware, Simatic Cp 1243-1 and 27 more | 2024-11-21 | 9.3 HIGH | 10.0 CRITICAL |
|
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All versions < V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions < V3.3.46), SIMATIC CP 1243-7 LTE US (All versions < V3.3.46), SIMATIC CP 1243-8 IRC (All versions < V3.3.46), SIMATIC CP 1542SP-1 IRC (All versions >= V2.0 < V2.2.28), SIMATIC CP 1543-1 (All versions < V3.0.22), SIMATIC CP 1543SP-1 (All versions >= V2.0 < V2.2.28), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions >= V2.0 < ...
Show More |
|||||
| CVE-2022-34759 | 1 Schneider-electric | 4 Opc Ua Module For M580, Opc Ua Module For M580 Firmware, X80 Advanced Rtu Module and 1 more | 2024-11-21 | N/A | 7.5 HIGH |
|
A CWE-787: Out-of-bounds Write vulnerability exists that could cause a denial of service of the webserver due to improper parsing of the HTTP Headers. Affected Products: X80 advanced RTU Communication Module (BMENOR2200H) (V1.0), OPC UA Modicon Communication Module (BMENUA0100) (V1.10 and prior)
|
|||||
| CVE-2022-34748 | 1 Siemens | 1 Simcenter Femap | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
A vulnerability has been identified in Simcenter Femap (All versions < V2022.2). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-17293)
|
|||||
| CVE-2022-34742 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The system module has a read/write vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.
|
|||||
| CVE-2022-34667 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Cuda Toolkit | 2024-11-21 | N/A | 4.4 MEDIUM |
|
NVIDIA CUDA Toolkit SDK contains a stack-based buffer overflow vulnerability in cuobjdump, where an unprivileged remote attacker could exploit this buffer overflow condition by persuading a local user to download a specially crafted corrupted file and execute cuobjdump against it locally, which may lead to a limited denial of service and some loss of data integrity for the local user.
|
|||||
| CVE-2022-34610 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the URL /ihomers/app.
|
|||||
| CVE-2022-34609 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the INTF parameter at /doping.asp.
|
|||||
| CVE-2022-34608 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the ajaxmsg parameter at /AJAX/ajaxget.
|
|||||
| CVE-2022-34607 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the HOST parameter at /doping.asp.
|
|||||
| CVE-2022-34606 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the EditvsList parameter at /dotrace.asp.
|
|||||
| CVE-2022-34605 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the HOST parameter at /dotrace.asp.
|
|||||
| CVE-2022-34604 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the INTF parameter at /dotrace.asp.
|
|||||
| CVE-2022-34603 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the DelDNSHnList interface at /goform/aspForm.
|
|||||
| CVE-2022-34602 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the ipqos_lanip_editlist interface at /goform/aspForm.
|
|||||
| CVE-2022-34601 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the Delstlist interface at /goform/aspForm.
|
|||||
| CVE-2022-34600 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the EditSTList interface at /goform/aspForm.
|
|||||
| CVE-2022-34599 | 1 H3c | 2 Magic R200, Magic R200 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
|
H3C Magic R200 R200V200R004L02 was discovered to contain a stack overflow via the EdittriggerList interface at /goform/aspForm.
|
|||||
| CVE-2022-34528 | 1 Dlink | 2 Dsl-3782, Dsl-3782 Firmware | 2024-11-21 | N/A | 8.8 HIGH |
|
D-Link DSL-3782 v1.03 and below was discovered to contain a stack overflow via the function getAttrValue.
|
|||||
| CVE-2022-34526 | 4 Debian, Fedoraproject, Libtiff and 1 more | 5 Debian Linux, Fedora, Libtiff and 2 more | 2024-11-21 | N/A | 6.5 MEDIUM |
|
A stack overflow was discovered in the _TIFFVGetField function of Tiffsplit v4.4.0. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted TIFF file parsed by the "tiffsplit" or "tiffcrop" utilities.
|
|||||
| CVE-2022-34503 | 1 Qpdf Project | 1 Qpdf | 2024-11-21 | N/A | 6.5 MEDIUM |
|
QPDF v8.4.2 was discovered to contain a heap buffer overflow via the function QPDF::processXRefStream. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.
|
|||||
| CVE-2022-34502 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A | 5.5 MEDIUM |
|
Radare2 v5.7.0 was discovered to contain a heap buffer overflow via the function consume_encoded_name_new at format/wasm/wasm.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted binary file.
|
|||||
| CVE-2022-34454 | 1 Dell | 1 Emc Powerscale Onefs | 2024-11-21 | N/A | 6.7 MEDIUM |
|
Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a heap-based buffer overflow. A local privileged malicious user could potentially exploit this vulnerability, leading to system takeover. This impacts compliance mode clusters.
|
|||||
| CVE-2022-34424 | 1 Dell | 1 Smartfabric Os10 | 2024-11-21 | N/A | 7.5 HIGH |
|
Networking OS10, versions 10.5.1.x, 10.5.2.x, and 10.5.3.x contain a vulnerability that could allow an attacker to cause a system crash by running particular security scans.
|
|||||
| CVE-2022-34403 | 1 Dell | 166 Alienware M15 R6, Alienware M15 R6 Firmware, Alienware M15 R7 and 163 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Dell BIOS contains a Stack based buffer overflow vulnerability. A local authenticated attacker could potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter to gain arbitrary code execution in SMRAM.
|
|||||
| CVE-2022-34401 | 1 Dell | 6 Alienware M15 A6, Alienware M15 A6 Firmware, Alienware M17 R5 and 3 more | 2024-11-21 | N/A | 7.5 HIGH |
|
Dell BIOS contains a stack based buffer overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter in order to gain arbitrary code execution in SMRAM.
|
|||||
| CVE-2022-34400 | 1 Dell | 166 Alienware M15 R6, Alienware M15 R6 Firmware, Alienware M15 R7 and 163 more | 2024-11-21 | N/A | 7.1 HIGH |
|
Dell BIOS contains a heap buffer overflow vulnerability. A local attacker with admin privileges could potentially exploit this vulnerability to perform an arbitrary write to SMRAM during SMM.
|
|||||
| CVE-2022-34291 | 1 Siemens | 1 Pads Viewer | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains a stack corruption vulnerability while parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-057, FG-VD-22-058, FG-VD-22-060)
|
|||||
| CVE-2022-34290 | 1 Siemens | 1 Pads Viewer | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains a stack corruption vulnerability while parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-055)
|
|||||
| CVE-2022-34289 | 1 Siemens | 1 Pads Viewer | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-054)
|
|||||
| CVE-2022-34287 | 1 Siemens | 1 Pads Viewer | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains a stack corruption vulnerability while parsing PCB files. An attacker could leverage this vulnerability to leak information in the context of the current process. (FG-VD-22-052, FG-VD-22-056)
|
|||||
| CVE-2022-34286 | 1 Siemens | 1 Pads Viewer | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-051)
|
|||||
| CVE-2022-34284 | 1 Siemens | 1 Pads Viewer | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-049)
|
|||||
| CVE-2022-34276 | 1 Siemens | 1 Pads Viewer | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-041)
|
|||||
| CVE-2022-34275 | 1 Siemens | 1 Pads Viewer | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-040)
|
|||||
| CVE-2022-34274 | 1 Siemens | 1 Pads Viewer | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-039)
|
|||||
| CVE-2022-34273 | 1 Siemens | 1 Pads Viewer | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
A vulnerability has been identified in PADS Standard/Plus Viewer (All versions). The affected application contains an out of bounds write past the end of an allocated structure while parsing specially crafted PCB files. This could allow an attacker to execute code in the context of the current process. (FG-VD-22-038)
|
|||||
| CVE-2022-34260 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2024-11-21 | N/A | 7.8 HIGH |
|
Adobe Illustrator versions 26.3.1 (and earlier) and 25.4.6 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2022-34251 | 3 Adobe, Apple, Microsoft | 3 Incopy, Macos, Windows | 2024-11-21 | N/A | 7.8 HIGH |
|
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2022-34247 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-11-21 | N/A | 7.8 HIGH |
|
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2022-34245 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-11-21 | N/A | 7.8 HIGH |
|
Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||