Total
13459 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-23400 | 1 Accusoft | 1 Imagegear | 2024-11-21 | 5.8 MEDIUM | 7.1 HIGH |
|
A stack-based buffer overflow vulnerability exists in the IGXMPXMLParser::parseDelimiter functionality of Accusoft ImageGear 19.10. A specially-crafted PSD file can overflow a stack buffer, which could either lead to denial of service or, depending on the application, to an information leak. An attacker can provide a malicious file to trigger this vulnerability.
|
|||||
| CVE-2022-23399 | 1 Tcl | 1 Linkhub Mesh Wifi Ac1200 | 2024-11-21 | N/A | 9.8 CRITICAL |
|
A stack-based buffer overflow vulnerability exists in the confsrv set_port_fwd_rule functionality of TCL LinkHub Mesh Wifi MS1G_00_01.00_14. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.
|
|||||
| CVE-2022-23318 | 1 Pcf2bdf Project | 1 Pcf2bdf | 2024-11-21 | 5.8 MEDIUM | 7.1 HIGH |
|
A heap-buffer-overflow in pcf2bdf, versions >= 1.05 allows an attacker to trigger unsafe memory access via a specially crafted PCF font file. This out-of-bound read may lead to an application crash, information disclosure via program memory or other context-dependent impact.
|
|||||
| CVE-2022-23205 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
Adobe Photoshop versions 22.5.6 (and earlier)and 23.2.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2022-23200 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Adobe After Effects versions 22.1.1 (and earlier) and 18.4.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2022-23186 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2022-23103 | 1 Tcl | 1 Linkhub Mesh Wifi Ac1200 | 2024-11-21 | N/A | 9.8 CRITICAL |
|
A stack-based buffer overflow vulnerability exists in the confsrv confctl_set_app_language functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.
|
|||||
| CVE-2022-23006 | 1 Westerndigital | 6 My Cloud Home, My Cloud Home Duo, My Cloud Home Duo Firmware and 3 more | 2024-11-21 | N/A | 1.8 LOW |
|
A stack-based buffer overflow vulnerability was found on Western Digital My Cloud Home, My Cloud Home Duo, and SanDisk ibi that could allow an attacker accessing the system locally to read information from /etc/version file. This vulnerability can only be exploited by chaining it with another issue. If an attacker is able to carry out a remote code execution attack, they can gain access to the vulnerable file, due to the presence of insecure functions in code. User interaction is required for ex ...
Show More |
|||||
| CVE-2022-22899 | 1 Coreftp | 1 Core Ftp | 2024-11-21 | 2.6 LOW | 5.5 MEDIUM |
|
Core FTP / SFTP Server v2 Build 725 was discovered to allow unauthenticated attackers to cause a Denial of Service (DoS) via a crafted packet through the SSH service.
|
|||||
| CVE-2022-22895 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Jerryscript 3.0.0 was discovered to contain a heap-buffer-overflow via ecma_utf8_string_to_number_by_radix in /jerry-core/ecma/base/ecma-helpers-conversion.c.
|
|||||
| CVE-2022-22894 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Jerryscript 3.0.0 was discovered to contain a stack overflow via ecma_lcache_lookup in /jerry-core/ecma/base/ecma-lcache.c.
|
|||||
| CVE-2022-22893 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Jerryscript 3.0.0 was discovered to contain a stack overflow via vm_loop.lto_priv.304 in /jerry-core/vm/vm.c.
|
|||||
| CVE-2022-22888 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Jerryscript 3.0.0 was discovered to contain a stack overflow via ecma_op_object_find_own in /ecma/operations/ecma-objects.c.
|
|||||
| CVE-2022-22752 | 1 Mozilla | 1 Firefox | 2024-11-21 | N/A | 8.8 HIGH |
|
Mozilla developers Christian Holler and Jason Kratzer reported memory safety bugs present in Firefox 95. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 96.
|
|||||
| CVE-2022-22707 | 2 Debian, Lighttpd | 2 Debian Linux, Lighttpd | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
|
In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of the Forwarded header in a somewhat unusual manner. Also, a 32-bit system is much more likely to be affected than a 64-bit system.
|
|||||
| CVE-2022-22672 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 15.4 and iPadOS 15.4, Security Update 2022-003 Catalina, macOS Monterey 12.3, macOS Big Sur 11.6.5. A malicious application may be able to execute arbitrary code with kernel privileges.
|
|||||
| CVE-2022-22666 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, watchOS 8.5. Processing a maliciously crafted image may lead to heap corruption.
|
|||||
| CVE-2022-22651 | 1 Apple | 1 Macos | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.3. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.
|
|||||
| CVE-2022-22640 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Monterey 12.3, watchOS 8.5. An application may be able to execute arbitrary code with kernel privileges.
|
|||||
| CVE-2022-22636 | 1 Apple | 3 Ipados, Iphone Os, Tvos | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4. An application may be able to execute arbitrary code with kernel privileges.
|
|||||
| CVE-2022-22635 | 1 Apple | 3 Ipados, Iphone Os, Tvos | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4. An application may be able to gain elevated privileges.
|
|||||
| CVE-2022-22633 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 8.5, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, macOS Monterey 12.3. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution.
|
|||||
| CVE-2022-22631 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. An application may be able to gain elevated privileges.
|
|||||
| CVE-2022-22613 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, macOS Big Sur 11.6.5, Security Update 2022-003 Catalina, watchOS 8.5, macOS Monterey 12.3. An application may be able to execute arbitrary code with kernel privileges.
|
|||||
| CVE-2022-22612 | 1 Apple | 6 Ipados, Iphone Os, Itunes and 3 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
A memory consumption issue was addressed with improved memory handling. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, iTunes 12.12.3 for Windows, watchOS 8.5, macOS Monterey 12.3. Processing a maliciously crafted image may lead to heap corruption.
|
|||||
| CVE-2022-22597 | 1 Apple | 2 Mac Os X, Macos | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted file may lead to arbitrary code execution.
|
|||||
| CVE-2022-22596 | 1 Apple | 3 Ipados, Iphone Os, Watchos | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
A memory corruption issue was addressed with improved validation. This issue is fixed in watchOS 8.5, iOS 15.4 and iPadOS 15.4. An application may be able to execute arbitrary code with kernel privileges.
|
|||||
| CVE-2022-22591 | 1 Apple | 1 Macos | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.2. A malicious application may be able to execute arbitrary code with kernel privileges.
|
|||||
| CVE-2022-22586 | 1 Apple | 1 Macos | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.2. A malicious application may be able to execute arbitrary code with kernel privileges.
|
|||||
| CVE-2022-22584 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.3, iOS 15.3 and iPadOS 15.3, watchOS 8.4, macOS Monterey 12.2. Processing a maliciously crafted file may lead to arbitrary code execution.
|
|||||
| CVE-2022-22323 | 2 Ibm, Microsoft | 2 Security Verify Password Synchronization, Active Directory | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
IBM Security Identity Manager (IBM Security Verify Password Synchronization Plug-in for Windows AD 10.x) is vulnerable to a denial of service, caused by a heap-based buffer overflow in the Password Synch Plug-in. An authenticated attacker could exploit this vulnerability to cause a denial of service. IBM X-Force ID: 218379.
|
|||||
| CVE-2022-22312 | 2 Ibm, Microsoft | 2 Security Verify Password Synchronization, Active Directory | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
IBM Security Identity Manager (IBM Security Verify Password Synchronization Plug-in for Windows AD 10.x) is vulnerable to a denial of service, caused by a heap-based buffer overflow in the Password Synch Plug-in. An authenticated attacker could exploit this vulnerability to cause a denial of service. IBM X-Force ID: 217369.
|
|||||
| CVE-2022-22274 | 1 Sonicwall | 33 Nsa 2700, Nsa 3700, Nsa 4700 and 30 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
A Stack-based buffer overflow vulnerability in the SonicOS via HTTP request allows a remote unauthenticated attacker to cause Denial of Service (DoS) or potentially results in code execution in the firewall.
|
|||||
| CVE-2022-22100 | 1 Qualcomm | 34 Apq8096au, Apq8096au Firmware, Qam8295p and 31 more | 2024-11-21 | N/A | 8.4 HIGH |
|
Memory corruption in multimedia due to improper check on received export descriptors in Snapdragon Auto
|
|||||
| CVE-2022-22096 | 1 Qualcomm | 113 Aqt1000, Aqt1000 Firmware, Qca6390 and 110 more | 2024-11-21 | N/A | 9.8 CRITICAL |
|
Memory corruption in Bluetooth HOST due to stack-based buffer overflow when when extracting data using command length parameter in Snapdragon Connectivity, Snapdragon Mobile
|
|||||
| CVE-2022-22085 | 1 Qualcomm | 309 Apq8009, Apq8009 Firmware, Apq8009w and 306 more | 2024-11-21 | 7.2 HIGH | 8.4 HIGH |
|
Memory corruption in video due to buffer overflow while reading the dts file in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
|
|||||
| CVE-2022-22084 | 1 Qualcomm | 305 Apq8009, Apq8009 Firmware, Apq8009w and 302 more | 2024-11-21 | 7.2 HIGH | 8.4 HIGH |
|
Memory corruption when extracting qcp audio file due to lack of check on data length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
|
|||||
| CVE-2022-22080 | 1 Qualcomm | 224 Apq8053, Apq8053 Firmware, Apq8096au and 221 more | 2024-11-21 | N/A | 8.4 HIGH |
|
Improper validation of backend id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
|
|||||
| CVE-2022-22070 | 1 Qualcomm | 289 Aqt1000, Aqt1000 Firmware, Ar8031 and 286 more | 2024-11-21 | N/A | 7.8 HIGH |
|
Memory corruption in audio due to lack of check of invalid routing address into APR Routing table in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
|
|||||
| CVE-2022-22063 | 1 Qualcomm | 16 Apq8096au, Apq8096au Firmware, Mdm9640 and 13 more | 2024-11-21 | N/A | 8.4 HIGH |
|
Memory corruption in Core due to improper configuration in boot remapper.
|
|||||