Export limit exceeded: 363250 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (21031 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-32037 1 Tenda 2 M3, M3 Firmware 2024-11-21 7.5 High
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formSetAPCfg.
CVE-2022-32036 1 Tenda 2 M3, M3 Firmware 2024-11-21 7.5 High
Tenda M3 V1.0.0.12 was discovered to contain multiple stack overflow vulnerabilities via the ssidList, storeName, and trademark parameters in the function formSetStoreWeb.
CVE-2022-32035 1 Tenda 2 M3, M3 Firmware 2024-11-21 7.5 High
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formMasterMng.
CVE-2022-32034 1 Tenda 2 M3, M3 Firmware 2024-11-21 7.5 High
Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the items parameter in the function formdelMasteraclist.
CVE-2022-32033 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-11-21 7.5 High
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the function formSetVirtualSer.
CVE-2022-32032 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-11-21 9.8 Critical
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the deviceList parameter in the function formAddMacfilterRule.
CVE-2022-32031 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-11-21 7.5 High
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function fromSetRouteStatic.
CVE-2022-32030 1 Tenda 2 Ax1806, Ax1806 Firmware 2024-11-21 7.5 High
Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function formSetQosBand.
CVE-2022-31885 1 Marvalglobal 1 Marval Msm 2024-11-21 9.8 Critical
Marval MSM v14.19.0.12476 is vulnerable to OS Command Injection due to the insecure handling of VBScripts.
CVE-2022-31814 1 Netgate 1 Pfblockerng 2024-11-21 9.8 Critical
pfSense pfBlockerNG through 2.1.4_26 allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the HTTP Host header. NOTE: 3.x is unaffected.
CVE-2022-31804 1 Codesys 1 Gateway 2024-11-21 7.5 High
The CODESYS Gateway Server V2 does not verifiy that the size of a request is within expected limits. An unauthenticated attacker may allocate an arbitrary amount of memory, which may lead to a crash of the Gateway due to an out-of-memory condition.
CVE-2022-31795 1 Fujitsu 2 Eternus Cs8000, Eternus Cs8000 Firmware 2024-11-21 9.8 Critical
An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8.1A SP02 P04. The vulnerability resides in the grel_finfo function in grel.php. An attacker is able to influence the username (user), password (pw), and file-name (file) parameters and inject special characters such as semicolons, backticks, or command-substitution sequences in order to force the application to execute arbitrary commands.
CVE-2022-31794 1 Fujitsu 2 Eternus Cs8000, Eternus Cs8000 Firmware 2024-11-21 9.8 Critical
An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8.1A SP02 P04. The vulnerability resides in the requestTempFile function in hw_view.php. An attacker is able to influence the unitName POST parameter and inject special characters such as semicolons, backticks, or command-substitution sequences in order to force the application to execute arbitrary commands.
CVE-2022-31783 2 Fedoraproject, Liblouis 2 Fedora, Liblouis 2024-11-21 5.5 Medium
Liblouis 3.21.0 has an out-of-bounds write in compileRule in compileTranslationTable.c, as demonstrated by lou_trace.
CVE-2022-31782 1 Freedesktop 1 Freetype Demo Programs 2024-11-21 7.8 High
ftbench.c in FreeType Demo Programs through 2.12.1 has a heap-based buffer overflow.
CVE-2022-31767 2 Ibm, Linux 2 Cics Tx, Linux Kernel 2024-11-21 9.8 Critical
IBM CICS TX Standard and Advanced 11.1 could allow a remote attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 227980.
CVE-2022-31627 1 Php 1 Php 2024-11-21 7.7 High
In PHP versions 8.1.x below 8.1.8, when fileinfo functions, such as finfo_buffer, due to incorrect patch applied to the third party code from libmagic, incorrect function may be used to free allocated memory, which may lead to heap corruption.
CVE-2022-31602 1 Nvidia 2 Dgx A100, Dgx A100 Firmware 2024-11-21 6.4 Medium
NVIDIA DGX A100 contains a vulnerability in SBIOS in the IpSecDxe, where a user with elevated privileges and a preconditioned heap can exploit an out-of-bounds write vulnerability, which may lead to code execution, denial of service, data integrity impact, and information disclosure.
CVE-2022-31601 1 Nvidia 2 Dgx A100, Dgx A100 Firmware 2024-11-21 6.7 Medium
NVIDIA DGX A100 contains a vulnerability in SBIOS in the SmbiosPei, which may allow a highly privileged local attacker to cause an out-of-bounds write, which may lead to code execution, denial of service, compromised integrity, and information disclosure.
CVE-2022-31499 1 Nortekcontrol 2 Emerge E3, Emerge E3 Firmware 2024-11-21 9.8 Critical
Nortek Linear eMerge E3-Series devices before 0.32-08f allow an unauthenticated attacker to inject OS commands via ReaderNo. NOTE: this issue exists because of an incomplete fix for CVE-2019-7256.