Total
13373 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-47935 | 1 Siemens | 3 Jt Open Toolkit, Jt Utilities, Solid Edge | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All versions < V13.1.1.0), Solid Edge (All versions < V2023). The Jt1001.dll contains a memory corruption vulnerability while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19078) | |||||
| CVE-2022-47459 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. | |||||
| CVE-2022-47457 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2024-11-21 | N/A | 5.5 MEDIUM |
| In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. | |||||
| CVE-2022-47065 | 1 Trendnet | 2 Tew-820ap, Tew-820ap Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| TrendNet Wireless AC Easy-Upgrader TEW-820AP v1.0R, firmware version 1.01.B01 was discovered to contain a stack overflow via the submit-url parameter at /formNewSchedule. This vulnerability allows attackers to execute arbitrary code via a crafted payload. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2022-46348 | 1 Siemens | 1 Parasolid | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19383) | |||||
| CVE-2022-46347 | 1 Siemens | 1 Parasolid | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19079) | |||||
| CVE-2022-46346 | 1 Siemens | 3 Parasolid, Solid Edge Se2022, Solid Edge Se2023 | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19071) | |||||
| CVE-2022-46345 | 1 Siemens | 3 Parasolid, Solid Edge Se2022, Solid Edge Se2023 | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.264), Parasolid V34.0 (All versions < V34.0.252), Parasolid V34.1 (All versions < V34.1.242), Parasolid V35.0 (All versions < V35.0.170), Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2022 (All versions), Solid Edge SE2023 (All versions < V223.0Update2). The affected applications contain an out of bounds write past the end of an allocated structure while parsing specially crafted X_B files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19070) | |||||
| CVE-2022-45781 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| Buffer Overflow vulnerability in Tenda AX1803 v1.0.0.1_2994 and earlier allows attackers to run arbitrary code via /goform/SetOnlineDevName. | |||||
| CVE-2022-45703 | 1 Gnu | 1 Binutils | 2024-11-21 | N/A | 7.8 HIGH |
| Heap buffer overflow vulnerability in binutils readelf before 2.40 via function display_debug_section in file readelf.c. | |||||
| CVE-2022-45493 | 1 Json.h Project | 1 Json.h | 2024-11-21 | N/A | 7.8 HIGH |
| Buffer overflow vulnerability in function json_parse_key in sheredom json.h before commit 0825301a07cbf51653882bf2b153cc81fdadf41 (November 14, 2022) allows attackers to code arbitrary code and gain escalated privileges. | |||||
| CVE-2022-45492 | 1 Json.h Project | 1 Json.h | 2024-11-21 | N/A | 7.8 HIGH |
| Buffer overflow vulnerability in function json_parse_number in sheredom json.h before commit 0825301a07cbf51653882bf2b153cc81fdadf41 (November 14, 2022) allows attackers to code arbitrary code and gain escalated privileges. | |||||
| CVE-2022-45126 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2024-11-21 | N/A | 4.0 MEDIUM |
| Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGettime. 4 bytes padding data from kernel stack are copied to user space incorrectly and leaked. | |||||
| CVE-2022-44840 | 1 Gnu | 1 Binutils | 2024-11-21 | N/A | 7.8 HIGH |
| Heap buffer overflow vulnerability in binutils readelf before 2.40 via function find_section_in_set in file readelf.c. | |||||
| CVE-2022-44370 | 1 Nasm | 1 Netwide Assembler | 2024-11-21 | N/A | 7.8 HIGH |
| NASM v2.16 was discovered to contain a heap buffer overflow in the component quote_for_pmake() asm/nasm.c:856 | |||||
| CVE-2022-44011 | 1 Clickhouse | 1 Clickhouse | 2024-11-21 | N/A | 6.5 MEDIUM |
| An issue was discovered in ClickHouse before 22.9.1.2603. An authenticated user (with the ability to load data) could cause a heap buffer overflow and crash the server by inserting a malformed CapnProto object. The fixed versions are 22.9.1.2603, 22.8.2.11, 22.7.4.16, 22.6.6.16, and 22.3.12.19. | |||||
| CVE-2022-44010 | 1 Clickhouse | 1 Clickhouse | 2024-11-21 | N/A | 7.5 HIGH |
| An issue was discovered in ClickHouse before 22.9.1.2603. An attacker could send a crafted HTTP request to the HTTP Endpoint (usually listening on port 8123 by default), causing a heap-based buffer overflow that crashes the process. This does not require authentication. The fixed versions are 22.9.1.2603, 22.8.2.11, 22.7.4.16, 22.6.6.16, and 22.3.12.19. | |||||
| CVE-2022-43970 | 1 Linksys | 2 Wrt54gl, Wrt54gl Firmware | 2024-11-21 | N/A | 7.2 HIGH |
| A buffer overflow vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. A stack-based buffer overflow in the Start_EPI function within the httpd binary allows an authenticated attacker with administrator privileges to execute arbitrary commands on the underlying Linux operating system as root. This vulnerablity can be triggered over the network via a malicious POST request to /apply.cgi. | |||||
| CVE-2022-43764 | 1 Br-automation | 1 Industrial Automation Aprol | 2024-11-21 | N/A | 9.8 CRITICAL |
| Insufficient validation of input parameters when changing configuration on Tbase server in B&R APROL versions < R 4.2-07 could result in buffer overflow. This may lead to Denial-of-Service conditions or execution of arbitrary code. | |||||
| CVE-2022-43662 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2024-11-21 | N/A | 4.0 MEDIUM |
| Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysTimerGettime. 4 bytes padding data from kernel stack are copied to user space incorrectly and leaked. | |||||