Total
11736 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-40152 | 2 Fasterxml, Xstream | 2 Woodstox, Xstream | 2025-05-23 | N/A | 7.5 HIGH |
| Those using Woodstox to parse XML data may be vulnerable to Denial of Service attacks (DOS) if DTD support is enabled. If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack. | |||||
| CVE-2022-40151 | 1 Xstream | 1 Xstream | 2025-05-23 | N/A | 7.5 HIGH |
| Those using Xstream to seralize XML data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack. | |||||
| CVE-2022-35094 | 1 Swftools | 1 Swftools | 2025-05-23 | N/A | 5.5 MEDIUM |
| SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via DCTStream::readHuffSym(DCTHuffTable*) at /xpdf/Stream.cc. | |||||
| CVE-2022-35095 | 1 Swftools | 1 Swftools | 2025-05-23 | N/A | 5.5 MEDIUM |
| SWFTools commit 772e55a2 was discovered to contain a segmentation violation via InfoOutputDev::type3D1 at /pdf/InfoOutputDev.cc. | |||||
| CVE-2022-35093 | 1 Swftools | 1 Swftools | 2025-05-23 | N/A | 5.5 MEDIUM |
| SWFTools commit 772e55a2 was discovered to contain a global buffer overflow via DCTStream::transformDataUnit at /xpdf/Stream.cc. | |||||
| CVE-2022-35096 | 1 Swftools | 1 Swftools | 2025-05-23 | N/A | 5.5 MEDIUM |
| SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via draw_stroke at /gfxpoly/stroke.c. | |||||
| CVE-2025-4788 | 1 Freefloat | 1 Freefloat Ftp Server | 2025-05-23 | N/A | 9.8 CRITICAL |
| A vulnerability classified as critical was found in FreeFloat FTP Server 1.0. Affected by this vulnerability is an unknown functionality of the component DELETE Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4789 | 1 Freefloat | 1 Freefloat Ftp Server | 2025-05-23 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. Affected by this issue is some unknown functionality of the component LCD Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4790 | 1 Freefloat | 1 Freefloat Ftp Server | 2025-05-23 | N/A | 9.8 CRITICAL |
| A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component GLOB Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4791 | 1 Freefloat | 1 Freefloat Ftp Server | 2025-05-23 | N/A | 9.8 CRITICAL |
| A vulnerability has been found in FreeFloat FTP Server 1.0 and classified as critical. This vulnerability affects unknown code of the component HASH Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-36761 | 1 Gfx-rs | 2 Naga, Wgpu | 2025-05-23 | N/A | 9.8 CRITICAL |
| naga v0.14.0 was discovered to contain a stack overflow via the component /wgsl/parse/mod.rs. | |||||
| CVE-2022-35097 | 1 Swftools | 1 Swftools | 2025-05-22 | N/A | 5.5 MEDIUM |
| SWFTools commit 772e55a2 was discovered to contain a segmentation violation via FoFiTrueType::writeTTF at /xpdf/FoFiTrueType.cc. | |||||
| CVE-2022-40862 | 1 Tendacn | 4 Ac15, Ac15 Firmware, Ac18 and 1 more | 2025-05-22 | N/A | 9.8 CRITICAL |
| Tenda AC15 and AC18 router V15.03.05.19 contains stack overflow vulnerability in the function fromNatStaticSetting with the request /goform/NatStaticSetting | |||||
| CVE-2022-40864 | 1 Tendacn | 4 Ac15, Ac15 Firmware, Ac18 and 1 more | 2025-05-22 | N/A | 9.8 CRITICAL |
| Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function setSmartPowerManagement with the request /goform/PowerSaveSet | |||||
| CVE-2022-40853 | 1 Tendacn | 2 Ac15, Ac15 Firmware | 2025-05-22 | N/A | 9.8 CRITICAL |
| Tenda AC15 router V15.03.05.19 contains a stack overflow via the list parameter at /goform/fast_setting_wifi_set | |||||
| CVE-2022-40860 | 1 Tendacn | 2 Ac15, Ac15 Firmware | 2025-05-22 | N/A | 9.8 CRITICAL |
| Tenda AC15 router V15.03.05.19 contains a stack overflow vulnerability in the function formSetQosBand->FUN_0007dd20 with request /goform/SetNetControlList | |||||
| CVE-2022-40851 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2025-05-22 | N/A | 9.8 CRITICAL |
| Tenda AC15 V15.03.05.19 contained a stack overflow via the function fromAddressNat. | |||||
| CVE-2022-35092 | 1 Swftools | 1 Swftools | 2025-05-22 | N/A | 5.5 MEDIUM |
| SWFTools commit 772e55a2 was discovered to contain a segmentation violation via convert_gfxline at /gfxpoly/convert.c. | |||||
| CVE-2022-40855 | 1 Tenda | 2 W20e, W20e Firmware | 2025-05-22 | N/A | 9.8 CRITICAL |
| Tenda W20E router V15.11.0.6 contains a stack overflow in the function formSetPortMapping with post request 'goform/setPortMapping/'. This vulnerability allows attackers to cause a Denial of Service (DoS) or Remote Code Execution (RCE) via the portMappingServer, portMappingProtocol, portMappingWan, porMappingtInternal, and portMappingExternal parameters. | |||||
| CVE-2022-40867 | 1 Tenda | 2 W20e, W20e Firmware | 2025-05-22 | N/A | 9.8 CRITICAL |
| Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formIPMacBindDel with the request /goform/delIpMacBind/ | |||||