Total
11736 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-32941 | 1 Annke | 2 N48pbb, N48pbb Firmware | 2022-06-07 | 10.0 HIGH | 9.8 CRITICAL |
| Annke N48PBB (Network Video Recorder) products of version 3.4.106 build 200422 and prior are vulnerable to a stack-based buffer overflow, which allows an unauthorized remote attacker to execute arbitrary code with the same privileges as the server user (root). | |||||
| CVE-2022-28874 | 4 Apple, F-secure, Microsoft and 1 more | 7 Macos, Atlant, Elements Endpoint Protection and 4 more | 2022-06-07 | 5.0 MEDIUM | 7.5 HIGH |
| Multiple Denial-of-Service vulnerabilities was discovered in the F-Secure Atlant and in certain WithSecure products while scanning fuzzed PE32-bit files cause memory corruption and heap buffer overflow which eventually can crash the scanning engine. The exploit can be triggered remotely by an attacker. | |||||
| CVE-2017-2869 | 1 Natus | 1 Xltek Neuroworks | 2022-06-03 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable code execution vulnerability exists in the OpenProducer functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in code execution. An attacker can send a malicious packet to trigger this vulnerability. | |||||
| CVE-2017-2867 | 1 Natus | 1 Xltek Neuroworks | 2022-06-03 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable code execution vulnerability exists in the SavePatientMontage functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in code execution. An attacker can a malicious packet to trigger this vulnerability. | |||||
| CVE-2017-2868 | 1 Natus | 1 Xltek Neuroworks | 2022-06-03 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable code execution vulnerability exists in the NewProducerStream functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in code execution. An attacker can send a malicious packet to trigger this vulnerability. | |||||
| CVE-2017-2853 | 1 Natus | 1 Xltek Neuroworks | 2022-06-03 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable Code Execution vulnerability exists in the RequestForPatientInfoEEGfile functionality of Natus Xltek NeuroWorks 8. A specially crafted network packet can cause a stack buffer overflow resulting in arbitrary command execution. An attacker can send a malicious packet to trigger this vulnerability. | |||||
| CVE-2017-2886 | 1 Acdsee | 1 Ultimate | 2022-06-03 | 6.8 MEDIUM | 7.8 HIGH |
| A memory corruption vulnerability exists in the .PSD parsing functionality of ACDSee Ultimate 10.0.0.292. A specially crafted .PSD file can cause an out of bounds write vulnerability resulting in potential code execution. An attacker can send a specific .PSD file to trigger this vulnerability. | |||||
| CVE-2017-2896 | 2 Debian, Libxls Project | 2 Debian Linux, Libxls | 2022-06-03 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable out-of-bounds write vulnerability exists in the xls_mergedCells function of libxls 1.4. . A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability. | |||||
| CVE-2021-32457 | 1 Trendmicro | 1 Home Network Security | 2022-06-03 | 4.6 MEDIUM | 7.8 HIGH |
| Trend Micro Home Network Security version 6.6.604 and earlier is vulnerable to an iotcl stack-based buffer overflow vulnerability which could allow an attacker to issue a specially crafted iotcl to escalate privileges on affected devices. An attacker must first obtain the ability to execute low-privileged code on the target device in order to exploit this vulnerability. | |||||
| CVE-2011-4372 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Reader, Macos and 1 more | 2022-06-03 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4373. | |||||
| CVE-2011-4373 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Reader, Macos and 1 more | 2022-06-03 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4372. | |||||
| CVE-2021-1738 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2022-06-03 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
| CVE-2021-1772 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2022-06-03 | 6.8 MEDIUM | 7.8 HIGH |
| A stack overflow was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, watchOS 7.3, tvOS 14.4, iOS 14.4 and iPadOS 14.4. Processing a maliciously crafted text file may lead to arbitrary code execution. | |||||
| CVE-2022-30595 | 1 Python | 1 Pillow | 2022-06-03 | 7.5 HIGH | 9.8 CRITICAL |
| libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow in the processing of invalid TGA image files. | |||||
| CVE-2022-28998 | 1 Xlightftpd | 1 Xlight Ftp | 2022-06-03 | 5.5 MEDIUM | 8.1 HIGH |
| Xlight FTP v3.9.3.2 was discovered to contain a stack-based buffer overflow which allows attackers to leak sensitive information via crafted code. | |||||
| CVE-2021-1737 | 1 Apple | 4 Ipados, Iphone Os, Mac Os X and 1 more | 2022-06-03 | 6.8 MEDIUM | 7.8 HIGH |
| An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution. | |||||
| CVE-2021-25678 | 1 Siemens | 2 Solid Edge Se2020, Solid Edge Se2021 | 2022-06-03 | 6.8 MEDIUM | 7.8 HIGH |
| A vulnerability has been identified in Solid Edge SE2020 (All versions < SE2020MP13), Solid Edge SE2020 (All versions < SE2020MP14), Solid Edge SE2021 (All Versions < SE2021MP4). Affected applications lack proper validation of user-supplied data when parsing PAR files. This could result in an out of bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-12529) | |||||
| CVE-2022-30476 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2022-06-03 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetFirewallCfg request. | |||||
| CVE-2022-30475 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2022-06-03 | 5.0 MEDIUM | 7.5 HIGH |
| Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/WifiExtraSet request. | |||||
| CVE-2022-30474 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2022-06-03 | 7.5 HIGH | 9.8 CRITICAL |
| Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a heap overflow in the httpd module when handling /goform/saveParentControlInfo request. | |||||