Total
12879 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-36470 | 1 H3c | 2 B5 Mini, B5 Mini Firmware | 2024-11-21 | N/A | 7.8 HIGH |
| H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function SetAP5GWifiById. | |||||
| CVE-2022-36469 | 1 H3c | 2 B5 Mini, B5 Mini Firmware | 2024-11-21 | N/A | 7.8 HIGH |
| H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function SetAPWifiorLedInfoById. | |||||
| CVE-2022-36468 | 1 H3c | 2 B5 Mini, B5 Mini Firmware | 2024-11-21 | N/A | 7.8 HIGH |
| H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function Asp_SetTimingtimeWifiAndLed. | |||||
| CVE-2022-36467 | 1 H3c | 2 B5 Mini, B5 Mini Firmware | 2024-11-21 | N/A | 7.8 HIGH |
| H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function EditMacList.d. | |||||
| CVE-2022-36466 | 1 Totolink | 2 A3700r, A3700r Firmware | 2024-11-21 | N/A | 7.8 HIGH |
| TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the ip parameter in the function setDiagnosisCfg. | |||||
| CVE-2022-36465 | 1 Totolink | 2 A3700r, A3700r Firmware | 2024-11-21 | N/A | 7.8 HIGH |
| TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the pppoeUser parameter. | |||||
| CVE-2022-36464 | 1 Totolink | 2 A3700r, A3700r Firmware | 2024-11-21 | N/A | 7.8 HIGH |
| TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the sPort parameter in the function setIpPortFilterRules. | |||||
| CVE-2022-36463 | 1 Totolink | 2 A3700r, A3700r Firmware | 2024-11-21 | N/A | 7.8 HIGH |
| TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the command parameter in the function setTracerouteCfg. | |||||
| CVE-2022-36462 | 1 Totolink | 2 A3700r, A3700r Firmware | 2024-11-21 | N/A | 7.8 HIGH |
| TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the lang parameter in the function setLanguageCfg. | |||||
| CVE-2022-36423 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2024-11-21 | N/A | 7.4 HIGH |
| OpenHarmony-v3.1.2 and prior versions have an incorrect configuration of the cJSON library, which leads a Stack overflow vulnerability during recursive parsing. LAN attackers can lead a DoS attack to all network devices. | |||||
| CVE-2022-36382 | 1 Intel | 30 Ethernet Controller X710-am2, Ethernet Controller X710-am2 Firmware, Ethernet Controller X710-bm2 and 27 more | 2024-11-21 | N/A | 6.0 MEDIUM |
| Out-of-bounds write in firmware for some Intel(R) Ethernet Network Controllers and Adapters E810 Series before version 1.7.0.8 and some Intel(R) Ethernet 700 Series Controllers and Adapters before version 9.101 may allow a privileged user to potentially enable denial of service via local access. | |||||
| CVE-2022-36280 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-11-21 | N/A | 6.3 MEDIUM |
| An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS). | |||||
| CVE-2022-36233 | 1 Tendacn | 2 Ac9, Ac9 Firmware | 2024-11-21 | N/A | 5.5 MEDIUM |
| Tenda AC9 V15.03.2.13 is vulnerable to Buffer Overflow via httpd, form_fast_setting_wifi_set. httpd. | |||||
| CVE-2022-36191 | 1 Gpac | 1 Gpac | 2024-11-21 | N/A | 5.5 MEDIUM |
| A heap-buffer-overflow had occurred in function gf_isom_dovi_config_get of isomedia/avc_ext.c:2490, as demonstrated by MP4Box. This vulnerability was fixed in commit fef6242. | |||||
| CVE-2022-36150 | 1 Monostream | 1 Tifig | 2024-11-21 | N/A | 5.5 MEDIUM |
| tifig v0.2.2 was discovered to contain a heap-buffer overflow via __asan_memmove at /asan/asan_interceptors_memintrinsics.cpp. | |||||
| CVE-2022-36144 | 1 Swfmill | 1 Swfmill | 2024-11-21 | N/A | 7.8 HIGH |
| SWFMill commit 53d7690 was discovered to contain a heap-buffer overflow via base64_encode. | |||||
| CVE-2022-36143 | 1 Swfmill | 1 Swfmill | 2024-11-21 | N/A | 7.8 HIGH |
| SWFMill commit 53d7690 was discovered to contain a heap-buffer overflow via __interceptor_strlen.part at /sanitizer_common/sanitizer_common_interceptors.inc. | |||||
| CVE-2022-36142 | 1 Swfmill | 1 Swfmill | 2024-11-21 | N/A | 7.8 HIGH |
| SWFMill commit 53d7690 was discovered to contain a heap-buffer overflow via SWF::Reader::getU30(). | |||||
| CVE-2022-36139 | 1 Swfmill | 1 Swfmill | 2024-11-21 | N/A | 7.8 HIGH |
| SWFMill commit 53d7690 was discovered to contain a heap-buffer overflow via SWF::Writer::writeByte(unsigned char). | |||||
| CVE-2022-36086 | 1 Rust-osdev | 1 Linked-list-allocator | 2024-11-21 | N/A | 8.4 HIGH |
| linked_list_allocator is an allocator usable for no_std systems. Prior to version 0.10.2, the heap initialization methods were missing a minimum size check for the given heap size argument. This could lead to out-of-bound writes when a heap was initialized with a size smaller than `3 * size_of::<usize>` because of metadata write operations. This vulnerability impacts all the initialization functions on the `Heap` and `LockedHeap` types, including `Heap::new`, `Heap::init`, `Heap::init_from_slice`, and `LockedHeap::new`. It also affects multiple uses of the `Heap::extend` method. Version 0.10.2 contains a patch for the issue. As a workaround, ensure that the heap is only initialized with a size larger than `3 * size_of::<usize>` and that the `Heap::extend` method is only called with sizes larger than `2 * size_of::<usize>()`. Also, ensure that the total heap size is (and stays) a multiple of `2 * size_of::<usize>()`. | |||||