Total: 11965 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-40757 | 1 Samsung | 1 Mtower | 2022-09-21 | N/A | 7.5 HIGH |
| A Buffer Access with Incorrect Length Value vulnerability in the TEE_MACComputeFinal function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACComputeFinal with an excessive size value of messageLen. | |||||
| CVE-2022-40760 | 1 Samsung | 1 Mtower | 2022-09-21 | N/A | 7.5 HIGH |
| A Buffer Access with Incorrect Length Value vulnerability in the TEE_MACUpdate function in Samsung mTower through 0.3.0 allows a trusted application to trigger a Denial of Service (DoS) by invoking the function TEE_MACUpdate with an excessive size value of chunkSize. | |||||
| CVE-2022-37302 | 1 Schneider-electric | 1 Ecostruxure Control Expert | 2022-09-15 | N/A | 5.5 MEDIUM |
| A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause a crash of the Control Expert software when an incorrect project file is opened. Affected Products: EcoStruxure Control Expert(V15.1 HF001 and prior). | |||||
| CVE-2022-38161 | 1 Gumstix | 1 Overo Sbc | 2022-09-15 | N/A | 7.5 HIGH |
| The Gumstix Overo SBC on the VSKS board through 2022-08-09, as used on the Orlan-10 and other platforms, allows unrestricted remapping of the NOR flash memory containing the bitstream for the FPGA. | |||||
| CVE-2021-40142 | 2 Opcfoundation, Siemens | 8 Local Discover Server, Simatic Net Pc, Simatic Process Historian Opc Ua Server and 5 more | 2022-09-03 | 5.0 MEDIUM | 7.5 HIGH |
| In OPC Foundation Local Discovery Server (LDS) before 1.04.402.463, remote attackers can cause a denial of service (DoS) by sending carefully crafted messages that lead to Access of a Memory Location After the End of a Buffer. | |||||
| CVE-2022-22558 | 1 Dell | 40 C4130, C4130 Firmware, C6320 and 37 more | 2022-09-01 | 3.6 LOW | 6.0 MEDIUM |
| Dell PowerEdge Server BIOS and Dell Precision Workstation 7910 and 7920 Rack BIOS contain an Improper SMM communication buffer verification vulnerability. A Local High Privileged attacker could potentially exploit this vulnerability leading to arbitrary writes or denial of service. | |||||
| CVE-2017-15275 | 4 Canonical, Debian, Redhat and 1 more | 6 Ubuntu Linux, Debian Linux, Enterprise Linux Desktop and 3 more | 2022-08-29 | 5.0 MEDIUM | 7.5 HIGH |
| Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory. | |||||
| CVE-2018-7167 | 1 Nodejs | 1 Node.js | 2022-08-29 | 5.0 MEDIUM | 7.5 HIGH |
| Calling Buffer.fill() or Buffer.alloc() with some parameters can lead to a hang which could result in a Denial of Service. In order to address this vulnerability, the implementations of Buffer.alloc() and Buffer.fill() were updated so that they zero fill instead of hanging in these cases. All versions of Node.js 6.x (LTS "Boron"), 8.x (LTS "Carbon"), and 9.x are vulnerable. All versions of Node.js 10.x (Current) are NOT vulnerable. | |||||
| CVE-2008-1105 | 3 Canonical, Debian, Samba | 3 Ubuntu Linux, Debian Linux, Samba | 2022-08-29 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the receive_smb_raw function in util/sock.c in Samba 3.0.0 through 3.0.29 allows remote attackers to execute arbitrary code via a crafted SMB response. | |||||
| CVE-2014-4049 | 3 Debian, Opensuse, Php | 3 Debian Linux, Opensuse, Php | 2022-08-29 | 5.1 MEDIUM | N/A |
| Heap-based buffer overflow in the php_parserr function in ext/standard/dns.c in PHP 5.6.0beta4 and earlier allows remote servers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted DNS TXT record, related to the dns_get_record function. | |||||
| CVE-2016-6207 | 4 Debian, Libgd, Opensuse and 1 more | 4 Debian Linux, Libgd, Leap and 1 more | 2022-08-29 | 4.3 MEDIUM | 6.5 MEDIUM |
| Integer overflow in the _gdContributionsAlloc function in gd_interpolation.c in GD Graphics Library (aka libgd) before 2.2.3 allows remote attackers to cause a denial of service (out-of-bounds memory write or memory consumption) via unspecified vectors. | |||||
| CVE-2022-35486 | 1 Otfcc Project | 1 Otfcc | 2022-08-17 | N/A | 6.5 MEDIUM |
| OTFCC v0.10.4 was discovered to contain a segmentation violation via /release-x64/otfccdump+0x6badae. | |||||
| CVE-1999-0027 | 1 Sgi | 1 Irix | 2022-08-17 | 7.2 HIGH | N/A |
| root privileges via buffer overflow in eject command on SGI IRIX systems. | |||||
| CVE-2010-3832 | 1 Apple | 2 Ipad, Iphone Os | 2022-08-09 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in the GSM mobility management implementation in Telephony in Apple iOS before 4.2 on the iPhone and iPad allows remote attackers to execute arbitrary code on the baseband processor via a crafted Temporary Mobile Subscriber Identity (TMSI) field. | |||||
| CVE-2009-2206 | 1 Apple | 2 Iphone Os, Ipod Touch | 2022-08-09 | 6.8 MEDIUM | N/A |
| Multiple heap-based buffer overflows in the AudioCodecs library in the CoreAudio component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted (1) AAC or (2) MP3 file, as demonstrated by a ringtone with malformed entries in the sample size table. | |||||
| CVE-2010-1817 | 1 Apple | 2 Iphone Os, Ipod Touch | 2022-08-09 | 6.8 MEDIUM | N/A |
| Buffer overflow in ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file. | |||||
| CVE-2010-1753 | 1 Apple | 2 Iphone Os, Ipod Touch | 2022-08-09 | 6.8 MEDIUM | N/A |
| ImageIO in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG image. | |||||
| CVE-2010-1752 | 1 Apple | 2 Iphone Os, Ipod Touch | 2022-08-09 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in CFNetwork in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to URL handling. | |||||
| CVE-2010-1813 | 1 Apple | 2 Iphone Os, Ipod Touch | 2022-08-09 | 6.8 MEDIUM | N/A |
| WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving HTML object outlines. | |||||
| CVE-2010-1814 | 3 Apple, Canonical, Webkitgtk | 4 Iphone Os, Ipod Touch, Ubuntu Linux and 1 more | 2022-08-09 | 6.8 MEDIUM | N/A |
| WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving form menus. | |||||
