Total
13459 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-34217 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2022-34038 | 1 Etcd | 1 Etcd | 2024-11-21 | N/A | 7.5 HIGH |
|
Etcd v3.5.4 allows remote attackers to cause a denial of service via function PageWriter.write in pagewriter.go. NOTE: the vendor's position is that this is not a vulnerability.
|
|||||
| CVE-2022-34035 | 1 Htmldoc Project | 1 Htmldoc | 2024-11-21 | N/A | 7.5 HIGH |
|
HTMLDoc v1.9.12 and below was discovered to contain a heap overflow via e_node htmldoc/htmldoc/html.cxx:588.
|
|||||
| CVE-2022-34033 | 1 Htmldoc Project | 1 Htmldoc | 2024-11-21 | N/A | 7.5 HIGH |
|
HTMLDoc v1.9.15 was discovered to contain a heap overflow via (write_header) /htmldoc/htmldoc/html.cxx:273.
|
|||||
| CVE-2022-33890 | 1 Autodesk | 11 Autocad, Autocad Advance Steel, Autocad Architecture and 8 more | 2024-11-21 | N/A | 7.8 HIGH |
|
A maliciously crafted PCT or DWF file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
|
|||||
| CVE-2022-33889 | 1 Autodesk | 11 Autocad, Autocad Advance Steel, Autocad Architecture and 8 more | 2024-11-21 | N/A | 7.8 HIGH |
|
A maliciously crafted GIF or JPEG files when parsed through Autodesk Design Review 2018, and AutoCAD 2023 and 2022 could be used to write beyond the allocated heap buffer. This vulnerability could lead to arbitrary code execution.
|
|||||
| CVE-2022-33885 | 1 Autodesk | 10 Autocad, Autocad Advance Steel, Autocad Architecture and 7 more | 2024-11-21 | N/A | 7.8 HIGH |
|
A maliciously crafted X_B, CATIA, and PDF file when parsed through Autodesk AutoCAD 2023 and 2022 can be used to write beyond the allocated buffer. This vulnerability can lead to arbitrary code execution.
|
|||||
| CVE-2022-33883 | 1 Autodesk | 4 Advanced Material Exchange, Moldflow Adviser, Moldflow Communicator and 1 more | 2024-11-21 | N/A | 7.8 HIGH |
|
A malicious crafted file consumed through Moldflow Synergy, Moldflow Adviser, Moldflow Communicator, and Advanced Material Exchange applications could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
|
|||||
| CVE-2022-33871 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | N/A | 6.6 MEDIUM |
|
A stack-based buffer overflow vulnerability [CWE-121] in FortiWeb version 7.0.1 and earlier, 6.4 all versions, version 6.3.19 and earlier may allow a privileged attacker to execute arbitrary code or commands via specifically crafted CLI `execute backup-local rename` and `execute backup-local show` operations.
|
|||||
| CVE-2022-33730 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.8 MEDIUM |
|
Heap-based buffer overflow vulnerability in Samsung Dex for PC prior to SMR Aug-2022 Release 1 allows arbitrary code execution by physical attackers.
|
|||||
| CVE-2022-33279 | 1 Qualcomm | 148 Ar9380, Ar9380 Firmware, Csr8811 and 145 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Memory corruption due to stack based buffer overflow in WLAN having invalid WNM frame length.
|
|||||
| CVE-2022-33267 | 1 Qualcomm | 106 Aqt1000, Aqt1000 Firmware, Qca6390 and 103 more | 2024-11-21 | N/A | 6.7 MEDIUM |
|
Memory corruption in Linux while sending DRM request.
|
|||||
| CVE-2022-33264 | 1 Qualcomm | 484 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8953pro and 481 more | 2024-11-21 | N/A | 7.9 HIGH |
|
Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.
|
|||||
| CVE-2022-33260 | 1 Qualcomm | 92 Aqt1000, Aqt1000 Firmware, Qam8295p and 89 more | 2024-11-21 | N/A | 5.9 MEDIUM |
|
Memory corruption due to stack based buffer overflow in core while sending command from USB of large size.
|
|||||
| CVE-2022-33233 | 1 Qualcomm | 402 Apq8009, Apq8009 Firmware, Apq8009w and 399 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Memory corruption due to configuration weakness in modem wile sending command to write protected files.
|
|||||
| CVE-2022-33108 | 1 Xpdfreader | 1 Xpdf | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
XPDF v4.04 was discovered to contain a stack overflow vulnerability via the Object::Copy class of object.cc files.
|
|||||
| CVE-2022-33099 | 2 Fedoraproject, Lua | 2 Fedora, Lua | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue in the component luaG_runerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs.
|
|||||
| CVE-2022-33087 | 1 Tp-link | 4 Archer A5, Archer A5 Firmware, Archer C50 and 1 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
A stack overflow in the function DM_ In fillobjbystr() of TP-Link Archer C50&A5(US)_V5_200407 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.
|
|||||
| CVE-2022-33047 | 1 Otfcc Project | 1 Otfcc | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
OTFCC v0.10.4 was discovered to contain a heap buffer overflow after free via otfccbuild.c.
|
|||||
| CVE-2022-33034 | 1 Gnu | 1 Libredwg | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
LibreDWG v0.12.4.4608 was discovered to contain a stack overflow via the function copy_bytes at decode_r2007.c.
|
|||||
| CVE-2022-33032 | 1 Gnu | 1 Libredwg | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
LibreDWG v0.12.4.4608 was discovered to contain a heap-buffer-overflow via the function decode_preR13_section_hdr at decode_r11.c.
|
|||||
| CVE-2022-33028 | 1 Gnu | 1 Libredwg | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function dwg_add_object at decode.c.
|
|||||
| CVE-2022-33026 | 1 Gnu | 1 Libredwg | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
LibreDWG v0.12.4.4608 was discovered to contain a heap buffer overflow via the function bit_calc_CRC at bits.c.
|
|||||
| CVE-2022-33007 | 1 Trendnet | 4 Tew-751dr, Tew-751dr Firmware, Tew-752dru and 1 more | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
|
TRENDnet Wi-Fi routers TEW751DR v1.03 and TEW-752DRU v1.03 were discovered to contain a stack overflow via the function genacgi_main.
|
|||||
| CVE-2022-32961 | 1 Hinet | 1 Hicos Natural Person Credential Component Client | 2024-11-21 | N/A | 6.8 MEDIUM |
|
HICOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for token information. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate system data or terminate service.
|
|||||
| CVE-2022-32960 | 1 Hinet | 1 Hicos Natural Person Credential Component Client | 2024-11-21 | N/A | 6.8 MEDIUM |
|
HiCOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for card number. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate system data or terminate service.
|
|||||
| CVE-2022-32959 | 1 Hinet | 1 Hicos Natural Person Credential Component Client | 2024-11-21 | N/A | 6.8 MEDIUM |
|
HiCOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for OS information. An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate system data or terminate service.
|
|||||
| CVE-2022-32897 | 1 Apple | 1 Macos | 2024-11-21 | N/A | 7.8 HIGH |
|
A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.5. Processing a maliciously crafted tiff file may lead to arbitrary code execution.
|
|||||
| CVE-2022-32863 | 1 Apple | 2 Macos, Safari | 2024-11-21 | N/A | 9.8 CRITICAL |
|
A memory corruption issue was addressed with improved state management. This issue is fixed in Safari 15.6, macOS Monterey 12.5. Processing maliciously crafted web content may lead to arbitrary code execution.
|
|||||
| CVE-2022-32593 | 2 Google, Mediatek | 2 Android, Mt6983 | 2024-11-21 | N/A | 6.7 MEDIUM |
|
In vowe, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138493; Issue ID: ALPS07138493.
|
|||||
| CVE-2022-32592 | 3 Google, Linuxfoundation, Mediatek | 17 Android, Yocto, Mt6855 and 14 more | 2024-11-21 | N/A | 6.7 MEDIUM |
|
In cpu dvfs, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07139405; Issue ID: ALPS07139405.
|
|||||
| CVE-2022-32588 | 1 Accusoft | 1 Imagegear | 2024-11-21 | N/A | 7.8 HIGH |
|
An out-of-bounds write vulnerability exists in the PICT parsing pctwread_14841 functionality of Accusoft ImageGear 20.0. A specially-crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability.
|
|||||
| CVE-2022-32575 | 1 Intel | 1 Trace Analyzer And Collector | 2024-11-21 | N/A | 4.8 MEDIUM |
|
Out-of-bounds write in the Intel(R) Trace Analyzer and Collector software before version 2021.5 may allow an authenticated user to potentially enable escalation of privilege via local access.
|
|||||
| CVE-2022-32493 | 1 Dell | 580 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 577 more | 2024-11-21 | N/A | 6.0 MEDIUM |
|
Dell BIOS contains an Stack-Based Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
|
|||||
| CVE-2022-32441 | 1 Hex-rays | 1 Ida | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A memory corruption in Hex Rays Ida Pro v6.6 allows attackers to cause a Denial of Service (DoS) via a crafted file. Related to Data from Faulting Address controls subsequent Write Address starting at msvcrt!memcpy+0x0000000000000056.
|
|||||
| CVE-2022-32434 | 1 Opener Project | 1 Opener | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
EIPStackGroup OpENer v2.3.0 was discovered to contain a stack overflow via /bin/posix/src/ports/POSIX/OpENer+0x56073d.
|
|||||
| CVE-2022-32386 | 1 Tendacn | 2 Ac23 Ac2100, Ac23 Ac2100 Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Tenda AC23 v16.03.07.44 was discovered to contain a buffer overflow via fromAdvSetMacMtuWan.
|
|||||
| CVE-2022-32385 | 1 Tendacn | 2 Ac23 Ac2100, Ac23 Ac2100 Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Tenda AC23 v16.03.07.44 is vulnerable to Stack Overflow that will allow for the execution of arbitrary code (remote).
|
|||||
| CVE-2022-32384 | 1 Tendacn | 2 Ac23 Ac2100, Ac23 Ac2100 Firmware | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
|
Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the security_5g parameter in the function formWifiBasicSet.
|
|||||
| CVE-2022-32383 | 1 Tendacn | 2 Ac23 Ac2100, Ac23 Ac2100 Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Tenda AC23 v16.03.07.44 was discovered to contain a stack overflow via the AdvSetMacMtuWan function.
|
|||||