Total
11736 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-38555 | 1 Linksys | 2 E1200, E1200 Firmware | 2022-09-01 | N/A | 9.8 CRITICAL |
| Linksys E1200 v1.0.04 is vulnerable to Buffer Overflow via ej_get_web_page_name. | |||||
| CVE-2022-38562 | 1 Tenda | 2 M3, M3 Firmware | 2022-09-01 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service (DoS) via the lan parameter. | |||||
| CVE-2022-38565 | 1 Tenda | 2 M3, M3 Firmware | 2022-09-01 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formEmailTest. This vulnerability allows attackers to cause a Denial of Service (DoS) via the mailpwd parameter. | |||||
| CVE-2022-38563 | 1 Tenda | 2 M3, M3 Firmware | 2022-09-01 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service (DoS) via the MACAddr parameter. | |||||
| CVE-2022-38564 | 1 Tenda | 2 M3, M3 Firmware | 2022-09-01 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a buffer overflow vulnerability in the function formSetPicListItem. This vulnerability allows attackers to cause a Denial of Service (DoS) via the adItemUID parameter. | |||||
| CVE-2022-38568 | 1 Tenda | 2 M3, M3 Firmware | 2022-09-01 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service (DoS) via the hostname parameter. | |||||
| CVE-2022-38566 | 1 Tenda | 2 M3, M3 Firmware | 2022-09-01 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formEmailTest. This vulnerability allows attackers to cause a Denial of Service (DoS) via the mailname parameter. | |||||
| CVE-2022-38567 | 1 Tenda | 2 M3, M3 Firmware | 2022-09-01 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow vulnerability in the function formSetAdConfigInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the authIPs parameter. | |||||
| CVE-2022-38571 | 1 Tenda | 2 M3, M3 Firmware | 2022-09-01 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a buffer overflow in the function formSetGuideListItem. | |||||
| CVE-2022-38570 | 1 Tenda | 2 M3, M3 Firmware | 2022-09-01 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow in the function formDelPushedAd. This vulnerability allows attackers to cause a Denial of Service (DoS) via the adPushUID parameter. | |||||
| CVE-2022-38569 | 1 Tenda | 2 M3, M3 Firmware | 2022-09-01 | N/A | 7.5 HIGH |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a stack overflow in the function formDelAd. | |||||
| CVE-2022-1489 | 1 Google | 2 Chrome, Chrome Os | 2022-09-01 | N/A | 8.8 HIGH |
| Out of bounds memory access in UI Shelf in Google Chrome on Chrome OS, Lacros prior to 101.0.4951.41 allowed a remote attacker to potentially exploit heap corruption via specific user interactions. | |||||
| CVE-2022-1142 | 1 Google | 1 Chrome | 2022-09-01 | N/A | 8.8 HIGH |
| Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools. | |||||
| CVE-2022-1143 | 1 Google | 1 Chrome | 2022-09-01 | N/A | 8.8 HIGH |
| Heap buffer overflow in WebUI in Google Chrome prior to 100.0.4896.60 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via specific input into DevTools. | |||||
| CVE-2021-21901 | 1 Garrett | 1 Ic Module Cma | 2022-08-31 | 9.0 HIGH | 8.8 HIGH |
| A stack-based buffer overflow vulnerability exists in the CMA check_udp_crc function of Garrett Metal Detectors’ iC Module CMA Version 5.0. A specially-crafted packet can lead to a stack-based buffer overflow during a call to memcpy. An attacker can send a malicious packet to trigger this vulnerability. | |||||
| CVE-2021-21903 | 1 Garrett | 1 Ic Module Cma | 2022-08-31 | 10.0 HIGH | 9.8 CRITICAL |
| A stack-based buffer overflow vulnerability exists in the CMA check_udp_crc function of Garrett Metal Detectors’ iC Module CMA Version 5.0. A specially-crafted packet can lead to a stack-based buffer overflow during a call to strcpy. An attacker can send a malicious packet to trigger this vulnerability. | |||||
| CVE-2021-21906 | 1 Garrett | 1 Ic Module Cma | 2022-08-31 | 9.0 HIGH | 7.2 HIGH |
| Stack-based buffer overflow vulnerability exists in how the CMA readfile function of Garrett Metal Detectors iC Module CMA Version 5.0 is used at various locations. The Garrett iC Module exposes an authenticated CLI over TCP port 6877. This interface is used by a secondary GUI client, called “CMA Connect”, to interact with the iC Module on behalf of the user. Every time a user submits a password to the CLI password prompt, the buffer containing their input is passed as the password parameter to the checkPassword function. | |||||
| CVE-2021-21905 | 1 Garrett | 1 Ic Module Cma | 2022-08-31 | 8.5 HIGH | 7.2 HIGH |
| Stack-based buffer overflow vulnerability exists in how the CMA readfile function of Garrett Metal Detectors iC Module CMA Version 5.0 is used at various locations. The Garrett iC Module exposes an authenticated CLI over TCP port 6877. This interface is used by a secondary GUI client, called “CMA Connect”, to interact with the iC Module on behalf of the user. After a client successfully authenticates, they can send plaintext commands to manipulate the device. | |||||
| CVE-2020-6066 | 1 Accusoft | 1 Imagegear | 2022-08-31 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll JPEG SOFx parser of the Accusoft ImageGear 19.5.0 library. A specially crafted JPEG file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | |||||
| CVE-2020-6069 | 1 Accusoft | 1 Imagegear | 2022-08-31 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll JPEG jpegread precision parser of the Accusoft ImageGear 19.5.0 library. A specially crafted JPEG file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | |||||