Total
13459 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-45332 | 1 Gnu | 1 Libredwg | 2025-04-24 | N/A | 7.8 HIGH |
|
LibreDWG v0.12.4.4643 was discovered to contain a heap buffer overflow via the function decode_preR13_section_hdr at decode_r11.c.
|
|||||
| CVE-2022-44367 | 1 Tenda | 2 I21, I21 Firmware | 2025-04-24 | N/A | 9.8 CRITICAL |
|
Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setUplinkInfo.
|
|||||
| CVE-2022-44362 | 1 Tenda | 2 I21, I21 Firmware | 2025-04-24 | N/A | 9.8 CRITICAL |
|
Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/AddSysLogRule.
|
|||||
| CVE-2022-44366 | 1 Tenda | 2 I21, I21 Firmware | 2025-04-24 | N/A | 9.8 CRITICAL |
|
Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setDiagnoseInfo.
|
|||||
| CVE-2022-44365 | 1 Tenda | 2 I21, I21 Firmware | 2025-04-24 | N/A | 9.8 CRITICAL |
|
Tenda i21 V1.0.0.14(4656) has a stack overflow vulnerability via /goform/setSysPwd.
|
|||||
| CVE-2022-44363 | 1 Tenda | 2 I21, I21 Firmware | 2025-04-24 | N/A | 9.8 CRITICAL |
|
Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setSnmpInfo.
|
|||||
| CVE-2022-40918 | 1 Force1rc | 2 Discovery Wifi U818a Hd\+ Fpv, Discovery Wifi U818a Hd\+ Fpv Firmware | 2025-04-24 | N/A | 9.8 CRITICAL |
|
Buffer overflow in firmware lewei_cam binary version 2.0.10 in Force 1 Discovery Wifi U818A HD+ FPV Drone allows attacker to gain remote code execution as root user via a specially crafted UDP packet. Please update the Reference section to these links > http://thiscomputer.com/ > https://www.bostoncyber.org/ > https://medium.com/@meekworth/exploiting-the-lw9621-drone-camera-module-773f00081368
|
|||||
| CVE-2022-37325 | 1 Sangoma | 1 Asterisk | 2025-04-24 | N/A | 7.5 HIGH |
|
In Sangoma Asterisk through 16.28.0, 17.x and 18.x through 18.14.0, and 19.x through 19.6.0, an incoming Setup message to addons/ooh323c/src/ooq931.c with a malformed Calling or Called Party IE can cause a crash.
|
|||||
| CVE-2022-32634 | 2 Google, Mediatek | 31 Android, Mt6761, Mt6765 and 28 more | 2025-04-24 | N/A | 6.7 MEDIUM |
|
In ccci, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138646; Issue ID: ALPS07138646.
|
|||||
| CVE-2022-32632 | 3 Google, Mediatek, Yoctoproject | 35 Android, Mt6580, Mt6735 and 32 more | 2025-04-24 | N/A | 6.7 MEDIUM |
|
In Wi-Fi, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441630; Issue ID: ALPS07441630.
|
|||||
| CVE-2022-32631 | 3 Google, Mediatek, Yoctoproject | 34 Android, Mt6580, Mt6739 and 31 more | 2025-04-24 | N/A | 6.7 MEDIUM |
|
In Wi-Fi, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453613; Issue ID: ALPS07453613.
|
|||||
| CVE-2022-32629 | 2 Google, Mediatek | 8 Android, Mt6833, Mt6853 and 5 more | 2025-04-24 | N/A | 6.7 MEDIUM |
|
In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310774; Issue ID: ALPS07310774.
|
|||||
| CVE-2022-32628 | 2 Google, Mediatek | 8 Android, Mt6833, Mt6853 and 5 more | 2025-04-24 | N/A | 6.7 MEDIUM |
|
In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310780; Issue ID: ALPS07310780.
|
|||||
| CVE-2022-32626 | 2 Google, Mediatek | 25 Android, Mt6761, Mt6765 and 22 more | 2025-04-24 | N/A | 6.7 MEDIUM |
|
In display, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07326239; Issue ID: ALPS07326239.
|
|||||
| CVE-2022-32625 | 2 Google, Mediatek | 26 Android, Mt6761, Mt6765 and 23 more | 2025-04-24 | N/A | 6.7 MEDIUM |
|
In display, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07326216; Issue ID: ALPS07326216.
|
|||||
| CVE-2022-32622 | 2 Google, Mediatek | 7 Android, Mt6789, Mt6855 and 4 more | 2025-04-24 | N/A | 6.7 MEDIUM |
|
In gz, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363786; Issue ID: ALPS07363786.
|
|||||
| CVE-2022-32621 | 2 Google, Mediatek | 3 Android, Mt6895, Mt6983 | 2025-04-24 | N/A | 6.4 MEDIUM |
|
In isp, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310829; Issue ID: ALPS07310829.
|
|||||
| CVE-2022-32620 | 2 Google, Mediatek | 9 Android, Mt6781, Mt6789 and 6 more | 2025-04-24 | N/A | 6.7 MEDIUM |
|
In mpu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07541753; Issue ID: ALPS07541753.
|
|||||
| CVE-2022-32619 | 2 Google, Mediatek | 52 Android, Mt6580, Mt6731 and 49 more | 2025-04-24 | N/A | 6.7 MEDIUM |
|
In keyinstall, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07439659; Issue ID: ALPS07439659.
|
|||||
| CVE-2022-32598 | 2 Google, Mediatek | 33 Android, Mt6762, Mt6765 and 30 more | 2025-04-24 | N/A | 6.7 MEDIUM |
|
In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446228; Issue ID: ALPS07446228.
|
|||||
| CVE-2022-32597 | 2 Google, Mediatek | 33 Android, Mt6762, Mt6765 and 30 more | 2025-04-24 | N/A | 6.7 MEDIUM |
|
In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446228; Issue ID: ALPS07446228.
|
|||||
| CVE-2022-32596 | 2 Google, Mediatek | 33 Android, Mt6762, Mt6765 and 30 more | 2025-04-24 | N/A | 6.7 MEDIUM |
|
In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446213; Issue ID: ALPS07446213.
|
|||||
| CVE-2022-32594 | 2 Google, Mediatek | 33 Android, Mt6762, Mt6765 and 30 more | 2025-04-24 | N/A | 6.7 MEDIUM |
|
In widevine, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07446207; Issue ID: ALPS07446207.
|
|||||
| CVE-2024-20101 | 2 Google, Mediatek | 17 Android, Mt3605, Mt6985 and 14 more | 2025-04-24 | N/A | 9.8 CRITICAL |
|
In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998901; Issue ID: MSV-1602.
|
|||||
| CVE-2024-20103 | 2 Google, Mediatek | 14 Android, Mt3605, Mt6985 and 11 more | 2025-04-24 | N/A | 9.8 CRITICAL |
|
In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09001358; Issue ID: MSV-1599.
|
|||||
| CVE-2024-20104 | 5 Google, Linuxfoundation, Mediatek and 2 more | 24 Android, Yocto, Mt6781 and 21 more | 2025-04-24 | N/A | 8.4 HIGH |
|
In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09073261; Issue ID: MSV-1772.
|
|||||
| CVE-2022-45283 | 1 Gpac | 1 Gpac | 2025-04-24 | N/A | 7.8 HIGH |
|
GPAC MP4box v2.0.0 was discovered to contain a stack overflow in the smil_parse_time_list parameter at /scenegraph/svg_attributes.c.
|
|||||
| CVE-2022-39133 | 2 Google, Unisoc | 14 Android, S8022, Sc7731e and 11 more | 2025-04-24 | N/A | 5.5 MEDIUM |
|
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.
|
|||||
| CVE-2022-39132 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-04-24 | N/A | 5.5 MEDIUM |
|
In camera driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
|
|||||
| CVE-2022-39129 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-04-24 | N/A | 5.5 MEDIUM |
|
In face detect driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
|
|||||
| CVE-2022-39106 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-04-24 | N/A | 5.5 MEDIUM |
|
In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel.
|
|||||
| CVE-2022-42772 | 2 Google, Unisoc | 14 Android, S8021, Sc7731e and 11 more | 2025-04-23 | N/A | 5.5 MEDIUM |
|
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.
|
|||||
| CVE-2022-42755 | 2 Google, Unisoc | 14 Android, S8023, Sc7731e and 11 more | 2025-04-23 | N/A | 5.5 MEDIUM |
|
In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services.
|
|||||
| CVE-2022-1304 | 3 E2fsprogs Project, Fedoraproject, Redhat | 3 E2fsprogs, Fedora, Enterprise Linux | 2025-04-23 | 6.8 MEDIUM | 7.8 HIGH |
|
An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem.
|
|||||
| CVE-2021-44142 | 6 Canonical, Debian, Fedoraproject and 3 more | 23 Ubuntu Linux, Debian Linux, Fedora and 20 more | 2025-04-23 | 9.0 HIGH | 8.8 HIGH |
|
The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root.
|
|||||
| CVE-2022-2380 | 1 Linux | 1 Linux Kernel | 2025-04-23 | N/A | 5.5 MEDIUM |
|
The Linux kernel was found vulnerable out of bounds memory access in the drivers/video/fbdev/sm712fb.c:smtcfb_read() function. The vulnerability could result in local attackers being able to crash the kernel.
|
|||||
| CVE-2022-40657 | 1 Nikon | 1 Nis-elements Viewer | 2025-04-23 | N/A | 7.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSD files. Crafted data in a PSD file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the curre ...
Show More |
|||||
| CVE-2023-49356 | 1 Glensawyer | 1 Mp3gain | 2025-04-23 | N/A | 7.5 HIGH |
|
A stack buffer overflow vulnerability in MP3Gain v1.6.2 allows an attacker to cause a denial of service via the WriteMP3GainAPETag function at apetag.c:592.
|
|||||
| CVE-2023-2598 | 2 Linux, Netapp | 2 Linux Kernel, Hci Baseboard Management Controller | 2025-04-23 | N/A | 7.8 HIGH |
|
A flaw was found in the fixed buffer registration code for io_uring (io_sqe_buffer_register in io_uring/rsrc.c) in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer. This flaw enables full local privilege escalation.
|
|||||
| CVE-2023-2194 | 3 Fedoraproject, Linux, Redhat | 3 Fedora, Linux Kernel, Enterprise Linux | 2025-04-23 | N/A | 6.7 MEDIUM |
|
An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data->block[0]" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could allow a local privileged user to crash the system or potentially achieve code execution.
|
|||||