Total
13373 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-2624 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | N/A | 8.8 HIGH |
| Heap buffer overflow in PDF in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted PDF file. | |||||
| CVE-2022-2598 | 2 Debian, Vim | 2 Debian Linux, Vim | 2024-11-21 | N/A | 6.5 MEDIUM |
| Out-of-bounds Write to API in GitHub repository vim/vim prior to 9.0.0100. | |||||
| CVE-2022-2587 | 1 Google | 2 Chrome, Chrome Os | 2024-11-21 | N/A | 9.8 CRITICAL |
| Out of bounds write in Chrome OS Audio Server in Google Chrome on Chrome OS prior to 102.0.5005.125 allowed a remote attacker to potentially exploit heap corruption via crafted audio metadata. | |||||
| CVE-2022-2415 | 1 Google | 1 Chrome | 2024-11-21 | N/A | 8.8 HIGH |
| Heap buffer overflow in WebGL in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-2402 | 1 Eset | 2 Endpoint Encryption, Full Disk Encryption | 2024-11-21 | N/A | 6.5 MEDIUM |
| The vulnerability in the driver dlpfde.sys enables a user logged into the system to perform system calls leading to kernel stack overflow, resulting in a system crash, for instance, a BSOD. | |||||
| CVE-2022-2344 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045. | |||||
| CVE-2022-2288 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Out-of-bounds Write in GitHub repository vim/vim prior to 9.0. | |||||
| CVE-2022-2274 | 2 Netapp, Openssl | 12 H300s, H300s Firmware, H410c and 9 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue. | |||||
| CVE-2022-2210 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. | |||||
| CVE-2022-2125 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | |||||
| CVE-2022-2122 | 2 Debian, Gstreamer Project | 2 Debian Linux, Gstreamer | 2024-11-21 | N/A | 7.8 HIGH |
| DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemux_inflate function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a segfault or a heap overwrite. | |||||
| CVE-2022-2081 | 1 Hitachienergy | 8 Rtu520, Rtu520 Firmware, Rtu530 and 5 more | 2024-11-21 | N/A | 7.5 HIGH |
| A vulnerability exists in the HCI Modbus TCP function included in the product versions listed above. If the HCI Modbus TCP is enabled and configured, an attacker could exploit the vulnerability by sending a specially crafted message to the RTU500 in a high rate, causing the targeted RTU500 CMU to reboot. The vulnerability is caused by a lack of flood control which eventually if exploited causes an internal stack overflow in the HCI Modbus TCP function. | |||||
| CVE-2022-2070 | 1 Grandstream | 2 Gds3710, Gds3710 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| In Grandstream GSD3710 in its 1.0.11.13 version, it's possible to overflow the stack since it doesn't check the param length before using the sscanf instruction. Because of that, an attacker could create a socket and connect with a remote IP:port by opening a shell and getting full access to the system. The exploit affects daemons dbmng and logsrv that are running on ports 8000 and 8001 by default. | |||||
| CVE-2022-2069 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2024-11-21 | N/A | 7.8 HIGH |
| The APDFL.dll in Siemens JT2Go prior to V13.3.0.5 and Siemens Teamcenter Visualization prior to V14.0.0.2 contains an out of bounds write past the fixed-length heap-based buffer while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2022-2061 | 1 Chafa Project | 1 Chafa | 2024-11-21 | 2.1 LOW | 3.3 LOW |
| Heap-based Buffer Overflow in GitHub repository hpjansson/chafa prior to 1.12.0. | |||||
| CVE-2022-2044 | 1 Moxa | 2 Nport 5110, Nport 5110 Firmware | 2024-11-21 | N/A | 8.2 HIGH |
| MOXA NPort 5110: Firmware Versions 2.10 is vulnerable to an out-of-bounds write that may allow an attacker to overwrite values in memory, causing a denial-of-service condition or potentially bricking the device. | |||||
| CVE-2022-2043 | 1 Moxa | 2 Nport 5110, Nport 5110 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| MOXA NPort 5110: Firmware Versions 2.10 is vulnerable to an out-of-bounds write that can cause the device to become unresponsive. | |||||
| CVE-2022-2025 | 1 Grandstream | 2 Gds3710, Gds3710 Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| an attacker with knowledge of user/pass of Grandstream GSD3710 in its 1.0.11.13 version, could overflow the stack since it doesn't check the param length before use the strcopy instruction. The explotation of this vulnerability may lead an attacker to execute a shell with full access. | |||||
| CVE-2022-29777 | 1 Onlyoffice | 2 Core, Document Server | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Onlyoffice Document Server v6.0.0 and below and Core 6.1.0.26 and below were discovered to contain a heap overflow via the component DesktopEditor/fontengine/fontconverter/FontFileBase.h. | |||||
| CVE-2022-29776 | 1 Onlyoffice | 2 Core, Document Server | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Onlyoffice Document Server v6.0.0 and below and Core 6.1.0.26 and below were discovered to contain a stack overflow via the component DesktopEditor/common/File.cpp. | |||||