Total
2602 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-30268 | 1 Qualcomm | 274 Apq8009w, Apq8009w Firmware, Apq8017 and 271 more | 2022-01-12 | 7.2 HIGH | 7.8 HIGH |
| Possible heap Memory Corruption Issue due to lack of input validation when sending HWTC IQ Capture command in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2021-30303 | 1 Qualcomm | 478 Apq8009, Apq8009 Firmware, Apq8017 and 475 more | 2022-01-12 | 7.2 HIGH | 7.8 HIGH |
| Possible buffer overflow due to lack of buffer length check when segmented WMI command is received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-30298 | 1 Qualcomm | 122 Ar8031, Ar8031 Firmware, Ar8035 and 119 more | 2022-01-12 | 4.6 MEDIUM | 7.8 HIGH |
| Possible out of bound access due to improper validation of item size and DIAG memory pools data while switching between USB and PCIE interface in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-30351 | 1 Qualcomm | 392 Apq8009, Apq8009 Firmware, Apq8009w and 389 more | 2022-01-12 | 7.5 HIGH | 9.8 CRITICAL |
| An out of bound memory access can occur due to improper validation of number of frames being passed during music playback in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2021-38687 | 1 Qnap | 2 Qts, Surveillance Station | 2022-01-10 | 7.5 HIGH | 9.8 CRITICAL |
| A stack buffer overflow vulnerability has been reported to affect QNAP NAS running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. We have already fixed this vulnerability in the following versions of Surveillance Station: QTS 5.0.0 (64 bit): Surveillance Station 5.2.0.4.2 ( 2021/10/26 ) and later QTS 5.0.0 (32 bit): Surveillance Station 5.2.0.3.2 ( 2021/10/26 ) and later QTS 4.3.6 (64 bit): Surveillance Station 5.1.5.4.6 ( 2021/10/26 ) and later QTS 4.3.6 (32 bit): Surveillance Station 5.1.5.3.6 ( 2021/10/26 ) and later QTS 4.3.3: Surveillance Station 5.1.5.3.6 ( 2021/10/26 ) and later | |||||
| CVE-2021-45610 | 1 Netgear | 56 D6220, D6220 Firmware, D6400 and 53 more | 2022-01-10 | 10.0 HIGH | 9.8 CRITICAL |
| Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D6220 before 1.0.0.66, D6400 before 1.0.0.100, D7000v2 before 1.0.0.66, D8500 before 1.0.3.58, DC112A before 1.0.0.52, DGN2200v4 before 1.0.0.118, EAX80 before 1.0.1.64, R6250 before 1.0.4.48, R7000 before 1.0.11.110, R7100LG before 1.0.0.72, R7900 before 1.0.4.30, R7960P before 1.4.1.64, R8000 before 1.0.4.62, RAX200 before 1.0.3.106, RS400 before 1.5.1.80, XR300 before 1.0.3.68, R6400v2 before 1.0.4.106, R7000P before 1.3.2.132, R8000P before 1.4.1.64, RAX20 before 1.0.2.82, RAX45 before 1.0.2.82, RAX80 before 1.0.3.106, R6700v3 before 1.0.4.106, R6900P before 1.3.2.132, R7900P before 1.4.1.64, RAX15 before 1.0.2.82, RAX50 before 1.0.2.82, and RAX75 before 1.0.3.106. | |||||
| CVE-2021-36724 | 1 Forescout | 1 Secureconnector | 2022-01-10 | 2.1 LOW | 5.5 MEDIUM |
| ForeScout - SecureConnector Local Service DoS - A low privilaged user which doesn't have permissions to shutdown the secure connector service writes a large amount of characters in the installationPath. This will cause the buffer to overflow and override the stack cookie causing the service to crash. | |||||
| CVE-2021-45527 | 1 Netgear | 72 D6220, D6220 Firmware, D6400 and 69 more | 2022-01-10 | 6.5 MEDIUM | 9.8 CRITICAL |
| Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.68, D6400 before 1.0.0.102, D7000v2 before 1.0.0.66, D8500 before 1.0.3.58, DC112A before 1.0.0.54, EX7000 before 1.0.1.94, EX7500 before 1.0.0.72, R6250 before 1.0.4.48, R6300v2 before 1.0.4.52, R6400 before 1.0.1.70, R6400v2 before 1.0.4.102, R6700v3 before 1.0.4.102, R7000 before 1.0.11.116, R7100LG before 1.0.0.64, R7850 before 1.0.5.68, R7900 before 1.0.4.30, R7960P before 1.4.1.68, R8000 before 1.0.4.52, RAX200 before 1.0.2.88, RBS40V before 2.6.2.4, RS400 before 1.5.1.80, XR300 before 1.0.3.56, R7000P before 1.3.2.124, R8000P before 1.4.1.68, R8500 before 1.0.2.144, RAX80 before 1.0.3.102, R6900P before 1.3.2.124, R7900P before 1.4.1.68, R8300 before 1.0.2.144, RAX75 before 1.0.3.102, RBR750 before 3.2.17.12, RBR850 before 3.2.17.12, RBS750 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, and RBK852 before 3.2.17.12. | |||||
| CVE-2021-45611 | 1 Netgear | 18 Dc112a, Dc112a Firmware, R6400 and 15 more | 2022-01-07 | 7.5 HIGH | 9.8 CRITICAL |
| Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects DC112A before 1.0.0.52, R6400 before 1.0.1.68, RAX200 before 1.0.3.106, WNDR3400v3 before 1.0.1.38, XR300 before 1.0.3.68, R8500 before 1.0.2.144, RAX75 before 1.0.3.106, R8300 before 1.0.2.144, and RAX80 before 1.0.3.106. | |||||
| CVE-2021-45609 | 1 Netgear | 20 D8500, D8500 Firmware, R6250 and 17 more | 2022-01-07 | 7.5 HIGH | 9.8 CRITICAL |
| Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D8500 before 1.0.3.58, R6250 before 1.0.4.48, R7000 before 1.0.11.116, R7100LG before 1.0.0.64, R7900 before 1.0.4.38, R8300 before 1.0.2.144, R8500 before 1.0.2.144, XR300 before 1.0.3.68, R7000P before 1.3.2.132, and R6900P before 1.3.2.132. | |||||
| CVE-2021-45530 | 1 Netgear | 24 R7000, R7000 Firmware, R7000p and 21 more | 2022-01-07 | 6.5 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R7000 before 1.0.11.126, R7960P before 1.4.2.84, R8000 before 1.0.4.74, RAX200 before 1.0.4.120, R8000P before 1.4.2.84, RAX20 before 1.0.2.82, RAX45 before 1.0.2.82, RAX80 before 1.0.4.120, R7900P before 1.4.2.84, RAX15 before 1.0.2.82, RAX50 before 1.0.2.82, and RAX75 before 1.0.4.120. | |||||
| CVE-2021-20166 | 1 Netgear | 2 Rax43, Rax43 Firmware | 2022-01-07 | 5.8 MEDIUM | 8.8 HIGH |
| Netgear RAX43 version 1.0.3.96 contains a buffer overrun vulnerability. The URL parsing functionality in the cgi-bin endpoint of the router containers a buffer overrun issue that can redirection control flow of the applicaiton. | |||||
| CVE-2019-20082 | 1 Asus | 2 Rt-n53, Rt-n53 Firmware | 2022-01-07 | 7.5 HIGH | 9.8 CRITICAL |
| ASUS RT-N53 3.0.0.4.376.3754 devices have a buffer overflow via a long lan_dns1_x or lan_dns2_x parameter to Advanced_LAN_Content.asp. | |||||
| CVE-2021-45526 | 1 Netgear | 28 Ex6000, Ex6000 Firmware, Ex6120 and 25 more | 2022-01-07 | 6.5 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects EX6000 before 1.0.0.38, EX6120 before 1.0.0.48, EX6130 before 1.0.0.30, R6300v2 before 1.0.4.52, R6400 before 1.0.1.52, R7000 before 1.0.11.126, R7900 before 1.0.4.30, R8000 before 1.0.4.52, R7000P before 1.3.2.124, R8000P before 1.4.1.50, RAX80 before 1.0.3.88, R6900P before 1.3.2.124, R7900P before 1.4.1.50, and RAX75 before 1.0.3.88. | |||||
| CVE-2021-45525 | 1 Netgear | 30 Ex7000, Ex7000 Firmware, R6400 and 27 more | 2022-01-07 | 6.5 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects EX7000 before 1.0.1.80, R6400 before 1.0.1.50, R6400v2 before 1.0.4.118, R6700 before 1.0.2.8, R6700v3 before 1.0.4.118, R6900 before 1.0.2.8, R6900P before 1.3.2.124, R7000 before 1.0.9.88, R7000P before 1.3.2.124, R7900 before 1.0.3.18, R7900P before 1.4.1.50, R8000 before 1.0.4.46, R8000P before 1.4.1.50, RAX80 before 1.0.1.56, and WNR3500Lv2 before 1.2.0.62. | |||||
| CVE-2021-45529 | 1 Netgear | 20 Cbr40, Cbr40 Firmware, D7000v2 and 17 more | 2022-01-06 | 6.5 MEDIUM | 7.2 HIGH |
| Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects CBR40 before 2.3.5.12, D7000v2 before 1.0.0.66, D8500 before 1.0.3.58, R6400 before 1.0.1.70, R7000 before 1.0.11.126, R6900P before 1.3.2.124, R7000P before 1.3.2.124, R7900 before 1.0.4.30, R8000 before 1.0.4.52, and WNR3500Lv2 before 1.2.0.62. | |||||
| CVE-2021-45528 | 1 Netgear | 22 R6300v2, R6300v2 Firmware, R6400 and 19 more | 2022-01-06 | 6.5 MEDIUM | 7.2 HIGH |
| Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects R6300v2 before 1.0.4.52, R6400 before 1.0.1.52, R6900 before 1.0.2.8, R7000 before 1.0.9.88, R7900 before 1.0.3.18, R8000 before 1.0.4.46, R7900P before 1.4.1.50, R8000P before 1.4.1.50, RAX75 before 1.0.3.88, RAX80 before 1.0.3.88, and WNR3500Lv2 before 1.2.0.62. | |||||
| CVE-2021-45523 | 1 Netgear | 2 R7000, R7000 Firmware | 2022-01-04 | 6.8 MEDIUM | 6.5 MEDIUM |
| NETGEAR R7000 devices before 1.0.9.42 are affected by a buffer overflow by an authenticated user. | |||||
| CVE-2021-45524 | 1 Netgear | 2 R8000, R8000 Firmware | 2022-01-04 | 9.0 HIGH | 9.1 CRITICAL |
| NETGEAR R8000 devices before 1.0.4.62 are affected by a buffer overflow by an authenticated user. | |||||
| CVE-2019-17061 | 1 Cypress | 2 Psoc 4, Psoc 4 Ble | 2022-01-01 | 6.1 MEDIUM | 6.5 MEDIUM |
| The Bluetooth Low Energy (BLE) stack implementation on Cypress PSoC 4 through 3.62 devices does not properly restrict the BLE Link Layer header and executes certain memory contents upon receiving a packet with a Link Layer ID (LLID) equal to zero. This allows attackers within radio range to cause deadlocks, cause anomalous behavior in the BLE state machine, or trigger a buffer overflow via a crafted BLE Link Layer frame. | |||||