Export limit exceeded: 21030 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21030 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-33885 | 1 Autodesk | 10 Autocad, Autocad Advance Steel, Autocad Architecture and 7 more | 2024-11-21 | 7.8 High |
| A maliciously crafted X_B, CATIA, and PDF file when parsed through Autodesk AutoCAD 2023 and 2022 can be used to write beyond the allocated buffer. This vulnerability can lead to arbitrary code execution. | ||||
| CVE-2022-33883 | 1 Autodesk | 4 Advanced Material Exchange, Moldflow Adviser, Moldflow Communicator and 1 more | 2024-11-21 | 7.8 High |
| A malicious crafted file consumed through Moldflow Synergy, Moldflow Adviser, Moldflow Communicator, and Advanced Material Exchange applications could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | ||||
| CVE-2022-33874 | 1 Fortinet | 1 Fortitester | 2024-11-21 | 9.8 Critical |
| An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in SSH login components of FortiTester 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow an unauthenticated remote attacker to execute arbitrary command in the underlying shell. | ||||
| CVE-2022-33873 | 1 Fortinet | 1 Fortitester | 2024-11-21 | 6.8 Medium |
| An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in Console login components of FortiTester 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow an unauthenticated attacker to execute arbitrary command in the underlying shell. | ||||
| CVE-2022-33872 | 1 Fortinet | 1 Fortitester | 2024-11-21 | 9.8 Critical |
| An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in Telnet login components of FortiTester 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow an unauthenticated remote attacker to execute arbitrary command in the underlying shell. | ||||
| CVE-2022-33871 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | 6.3 Medium |
| A stack-based buffer overflow vulnerability [CWE-121] in FortiWeb version 7.0.1 and earlier, 6.4 all versions, version 6.3.19 and earlier may allow a privileged attacker to execute arbitrary code or commands via specifically crafted CLI `execute backup-local rename` and `execute backup-local show` operations. | ||||
| CVE-2022-33870 | 1 Fortinet | 1 Fortitester | 2024-11-21 | 7.8 High |
| An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the command line interpreter of FortiTester 3.0.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands. | ||||
| CVE-2022-33869 | 1 Fortinet | 1 Fortiwan | 2024-11-21 | 8 High |
| An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management interface of FortiWAN 4.0.0 through 4.5.9 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands. | ||||
| CVE-2022-33730 | 1 Google | 1 Android | 2024-11-21 | 6.8 Medium |
| Heap-based buffer overflow vulnerability in Samsung Dex for PC prior to SMR Aug-2022 Release 1 allows arbitrary code execution by physical attackers. | ||||
| CVE-2022-33279 | 1 Qualcomm | 148 Ar9380, Ar9380 Firmware, Csr8811 and 145 more | 2024-11-21 | 9.8 Critical |
| Memory corruption due to stack based buffer overflow in WLAN having invalid WNM frame length. | ||||
| CVE-2022-33267 | 1 Qualcomm | 112 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 Firmware and 109 more | 2024-11-21 | 6.7 Medium |
| Memory corruption in Linux while sending DRM request. | ||||
| CVE-2022-33264 | 1 Qualcomm | 515 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8953pro and 512 more | 2024-11-21 | 7.9 High |
| Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message. | ||||
| CVE-2022-33260 | 1 Qualcomm | 92 Aqt1000, Aqt1000 Firmware, Qam8295p and 89 more | 2024-11-21 | 5.9 Medium |
| Memory corruption due to stack based buffer overflow in core while sending command from USB of large size. | ||||
| CVE-2022-33233 | 1 Qualcomm | 402 Apq8009, Apq8009 Firmware, Apq8009w and 399 more | 2024-11-21 | 7.8 High |
| Memory corruption due to configuration weakness in modem wile sending command to write protected files. | ||||
| CVE-2022-33140 | 3 Apache, Apple, Linux | 4 Nifi, Nifi Registry, Macos and 1 more | 2024-11-21 | 8.8 High |
| The optional ShellUserGroupProvider in Apache NiFi 1.10.0 to 1.16.2 and Apache NiFi Registry 0.6.0 to 1.16.2 does not neutralize arguments for group resolution commands, allowing injection of operating system commands on Linux and macOS platforms. The ShellUserGroupProvider is not included in the default configuration. Command injection requires ShellUserGroupProvider to be one of the enabled User Group Providers in the Authorizers configuration. Command injection also requires an authenticated user with elevated privileges. Apache NiFi requires an authenticated user with authorization to modify access policies in order to execute the command. Apache NiFi Registry requires an authenticated user with authorization to read user groups in order to execute the command. The resolution removes command formatting based on user-provided arguments. | ||||
| CVE-2022-33108 | 1 Xpdfreader | 1 Xpdf | 2024-11-21 | 7.8 High |
| XPDF v4.04 was discovered to contain a stack overflow vulnerability via the Object::Copy class of object.cc files. | ||||
| CVE-2022-33099 | 3 Fedoraproject, Lua, Redhat | 3 Fedora, Lua, Enterprise Linux | 2024-11-21 | 7.5 High |
| An issue in the component luaG_runerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs. | ||||
| CVE-2022-33087 | 1 Tp-link | 4 Archer A5, Archer A5 Firmware, Archer C50 and 1 more | 2024-11-21 | 7.5 High |
| A stack overflow in the function DM_ In fillobjbystr() of TP-Link Archer C50&A5(US)_V5_200407 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. | ||||
| CVE-2022-33047 | 1 Otfcc Project | 1 Otfcc | 2024-11-21 | 9.8 Critical |
| OTFCC v0.10.4 was discovered to contain a heap buffer overflow after free via otfccbuild.c. | ||||
| CVE-2022-33034 | 1 Gnu | 1 Libredwg | 2024-11-21 | 7.8 High |
| LibreDWG v0.12.4.4608 was discovered to contain a stack overflow via the function copy_bytes at decode_r2007.c. | ||||