Total
11965 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-7480 | 2 Netapp, Php | 2 Clustered Data Ontap, Php | 2022-07-20 | 7.5 HIGH | 9.8 CRITICAL |
| The SplObjectStorage unserialize implementation in ext/spl/spl_observer.c in PHP before 7.0.12 does not verify that a key is an object, which allows remote attackers to execute arbitrary code or cause a denial of service (uninitialized memory access) via crafted serialized data. | |||||
| CVE-2021-44975 | 1 Radare | 1 Radare2 | 2022-07-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| radareorg radare2 5.5.2 is vulnerable to Buffer Overflow via /libr/core/anal_objc.c mach-o parser. | |||||
| CVE-2021-42659 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2022-07-12 | 6.1 MEDIUM | 6.5 MEDIUM |
| There is a buffer overflow vulnerability in the Web server httpd of the router in Tenda router devices such as Tenda AC9 V1.0 V15.03.02.19(6318) and Tenda AC9 V3.0 V15.03.06.42_multi. When setting the virtual service, the httpd program will crash and exit when the super-long list parameter occurs. | |||||
| CVE-2020-6867 | 1 Zte | 1 Zenic One R22b | 2022-07-12 | 2.1 LOW | 5.5 MEDIUM |
| ZTE's SDON controller is impacted by the resource management error vulnerability. When RPC is frequently called by other applications in the case of mass traffic data in the system, it will result in no response for a long time and memory overflow risk. This affects: ZENIC ONE R22b versions V16.19.10P02SP002 and V16.19.10P02SP005. | |||||
| CVE-2020-7452 | 1 Freebsd | 1 Freebsd | 2022-07-12 | 9.0 HIGH | 9.1 CRITICAL |
| In FreeBSD 12.1-STABLE before r357490, 12.1-RELEASE before 12.1-RELEASE-p3, 11.3-STABLE before r357489, and 11.3-RELEASE before 11.3-RELEASE-p7, incorrect use of a user-controlled pointer in the epair virtual network module allowed vnet jailed privileged users to panic the host system and potentially execute arbitrary code in the kernel. | |||||
| CVE-2021-35098 | 1 Qualcomm | 172 Apq8053, Apq8053 Firmware, Apq8096au and 169 more | 2022-06-24 | 4.6 MEDIUM | 6.7 MEDIUM |
| Improper validation of session id in PCM routing process can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-40157 | 1 Autodesk | 1 Fbx Review | 2022-06-16 | 9.3 HIGH | 7.8 HIGH |
| A user may be tricked into opening a malicious FBX file which may exploit an Untrusted Pointer Dereference vulnerability in FBX’s Review version 1.5.0 and prior causing it to run arbitrary code on the system. | |||||
| CVE-2021-44018 | 1 Siemens | 3 Jt2go, Solid Edge, Teamcenter Visualization | 2022-06-14 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V13.2.0.7), Solid Edge SE2021 (All versions < SE2021MP9), Solid Edge SE2022 (All versions < SE2022MP1), Teamcenter Visualization V13.1 (All versions < V13.1.0.9), Teamcenter Visualization V13.2 (All versions < V13.2.0.7), Teamcenter Visualization V13.3 (All versions < V13.3.0.1). The plmxmlAdapterSE70.dll library is vulnerable to memory corruption condition while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-15112) | |||||
| CVE-2017-2920 | 1 Pl32 | 1 Photoline | 2022-06-13 | 6.8 MEDIUM | 7.8 HIGH |
| An memory corruption vulnerability exists in the .SVG parsing functionality of Computerinsel Photoline 20.02. A specially crafted .SVG file can cause a vulnerability resulting in memory corruption, which can potentially lead to arbitrary code execution. An attacker can send a specific .SVG file to trigger this vulnerability. | |||||
| CVE-2017-17740 | 4 Mcafee, Openldap, Opensuse and 1 more | 4 Policy Auditor, Openldap, Leap and 1 more | 2022-06-13 | 5.0 MEDIUM | 7.5 HIGH |
| contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation. | |||||
| CVE-2020-13573 | 1 Rockwellautomation | 1 Rslinx | 2022-06-07 | 5.0 MEDIUM | 7.5 HIGH |
| A denial-of-service vulnerability exists in the Ethernet/IP server functionality of Rockwell Automation RSLinx Classic 2.57.00.14 CPR 9 SR 3. A specially crafted network request can lead to a denial of service. An attacker can send a sequence of malicious packets to trigger this vulnerability. | |||||
| CVE-2017-2880 | 1 Pl32 | 1 Photoline | 2022-06-07 | 6.8 MEDIUM | 7.8 HIGH |
| An memory corruption vulnerability exists in the .GIF parsing functionality of Computerinsel Photoline 20.02. A specially crafted .GIF file can cause a vulnerability resulting in potential code execution. An attacker can send specific .GIF file to trigger this vulnerability. | |||||
| CVE-2018-4025 | 1 Anker-in | 2 Roav Dashcam A1, Roav Dashcam A1 Firmware | 2022-06-07 | 7.8 HIGH | 7.5 HIGH |
| An exploitable denial-of-service vulnerability exists in the XML_GetRawEncJpg Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause an invalid memory dereference, resulting in a device reboot. | |||||
| CVE-2016-1453 | 1 Cisco | 1 Nx-os | 2022-06-05 | 10.0 HIGH | 9.8 CRITICAL |
| Buffer overflow in the Overlay Transport Virtualization (OTV) GRE feature in Cisco NX-OS 5.0 through 7.3 on Nexus 7000 and 7700 devices allows remote attackers to execute arbitrary code via long parameters in a packet header, aka Bug ID CSCuy95701. | |||||
| CVE-2017-6429 | 1 Broadcom | 1 Tcpreplay | 2022-06-03 | 6.8 MEDIUM | 7.8 HIGH |
| Buffer overflow in the tcpcapinfo utility in Tcpreplay before 4.2.0 Beta 1 allows remote attackers to have unspecified impact via a pcap file with an over-size packet. | |||||
| CVE-2013-6691 | 1 Cisco | 1 Adaptive Security Appliance Software | 2022-06-02 | 6.8 MEDIUM | N/A |
| The WebVPN CIFS implementation in Cisco Adaptive Security Appliance (ASA) Software 9.0(.4.1) and earlier allows remote CIFS servers to cause a denial of service (device reload) via a long share list, aka Bug ID CSCuj83344. | |||||
| CVE-2021-26369 | 1 Amd | 99 Athlon 3050ge, Athlon 3050ge Firmware, Athlon 3150g and 96 more | 2022-06-01 | 4.6 MEDIUM | 7.8 HIGH |
| A malicious or compromised UApp or ABL may be used by an attacker to send a malformed system call to the bootloader, resulting in out-of-bounds memory accesses. | |||||
| CVE-2016-9427 | 3 Bdwgc Project, Debian, Opensuse | 4 Bdwgc, Debian Linux, Leap and 1 more | 2022-06-01 | 7.5 HIGH | 9.8 CRITICAL |
| Integer overflow vulnerability in bdwgc before 2016-09-27 allows attackers to cause client of bdwgc denial of service (heap buffer overflow crash) and possibly execute arbitrary code via huge allocation. | |||||
| CVE-2017-14266 | 1 Broadcom | 1 Tcpreplay | 2022-06-01 | 6.8 MEDIUM | 7.8 HIGH |
| tcprewrite in Tcpreplay 3.4.4 has a Heap-Based Buffer Overflow vulnerability triggered by a crafted PCAP file, a related issue to CVE-2016-6160. | |||||
| CVE-2021-26378 | 1 Amd | 167 Epyc 7232p, Epyc 7232p Firmware, Epyc 7252 and 164 more | 2022-06-01 | 4.9 MEDIUM | 5.5 MEDIUM |
| Insufficient bound checks in the System Management Unit (SMU) may result in access to an invalid address space that could result in denial of service. | |||||