Total
291487 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-45514 | 1 Tenda | 2 W30e, W30e Firmware | 2025-04-23 | N/A | 7.5 HIGH |
| Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/webExcptypemanFilter. | |||||
| CVE-2022-45513 | 1 Tenda | 2 W30e, W30e Firmware | 2025-04-23 | N/A | 7.5 HIGH |
| Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/P2pListFilter. | |||||
| CVE-2022-45512 | 1 Tenda | 2 W30e, W30e Firmware | 2025-04-23 | N/A | 7.5 HIGH |
| Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/SafeEmailFilter. | |||||
| CVE-2022-45511 | 1 Tenda | 2 W30e, W30e Firmware | 2025-04-23 | N/A | 7.5 HIGH |
| Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the PPPOEPassword parameter at /goform/QuickIndex. | |||||
| CVE-2022-45510 | 1 Tenda | 2 W30e, W30e Firmware | 2025-04-23 | N/A | 7.5 HIGH |
| Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the mit_ssid_index parameter at /goform/AdvSetWrlsafeset. | |||||
| CVE-2022-45509 | 1 Tenda | 2 W30e, W30e Firmware | 2025-04-23 | N/A | 7.5 HIGH |
| Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the account parameter at /goform/addUserName. | |||||
| CVE-2022-45508 | 1 Tenda | 2 W30e, W30e Firmware | 2025-04-23 | N/A | 7.5 HIGH |
| Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the new_account parameter at /goform/editUserName. | |||||
| CVE-2022-45507 | 1 Tenda | 2 W30e, W30e Firmware | 2025-04-23 | N/A | 7.5 HIGH |
| Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the editNameMit parameter at /goform/editFileName. | |||||
| CVE-2022-45506 | 1 Tenda | 2 W30e, W30e Firmware | 2025-04-23 | N/A | 9.8 CRITICAL |
| Tenda W30E v1.0.1.25(633) was discovered to contain a command injection vulnerability via the fileNameMit parameter at /goform/delFileName. | |||||
| CVE-2022-45505 | 1 Tenda | 2 W30e, W30e Firmware | 2025-04-23 | N/A | 7.5 HIGH |
| Tenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the cmdinput parameter at /goform/exeCommand. | |||||
| CVE-2022-45504 | 1 Tenda | 2 W6-s, W6-s Firmware | 2025-04-23 | N/A | 7.5 HIGH |
| An issue in the component tpi_systool_handle(0) (/goform/SysToolRestoreSet) of Tenda W6-S v1.0.0.4(510) allows unauthenticated attackers to arbitrarily reboot the device. | |||||
| CVE-2022-45503 | 1 Tenda | 2 W6-s, W6-s Firmware | 2025-04-23 | N/A | 7.5 HIGH |
| Tenda W6-S v1.0.0.4(510) was discovered to contain a stack overflow via the linkEn parameter at /goform/setAutoPing. | |||||
| CVE-2022-45501 | 1 Tenda | 2 W6-s, W6-s Firmware | 2025-04-23 | N/A | 7.5 HIGH |
| Tenda W6-S v1.0.0.4(510) was discovered to contain a stack overflow via the wl_radio parameter at /goform/wifiSSIDset. | |||||
| CVE-2022-45499 | 1 Tenda | 2 W6-s, W6-s Firmware | 2025-04-23 | N/A | 7.5 HIGH |
| Tenda W6-S v1.0.0.4(510) was discovered to contain a stack overflow via the wl_radio parameter at /goform/WifiMacFilterGet. | |||||
| CVE-2022-45498 | 1 Tenda | 2 W6-s, W6-s Firmware | 2025-04-23 | N/A | 7.5 HIGH |
| An issue in the component tpi_systool_handle(0) (/goform/SysToolReboot) of Tenda W6-S v1.0.0.4(510) allows unauthenticated attackers to arbitrarily reboot the device. | |||||
| CVE-2022-45497 | 1 Tenda | 2 W6-s, W6-s Firmware | 2025-04-23 | N/A | 9.8 CRITICAL |
| Tenda W6-S v1.0.0.4(510) was discovered to contain a command injection vulnerability in the tpi_get_ping_output function at /goform/exeCommand. | |||||
| CVE-2022-45326 | 1 Kwoksys | 1 Information Server | 2025-04-23 | N/A | 4.9 MEDIUM |
| An XML external entity (XXE) injection vulnerability in Kwoksys Kwok Information Server before v2.9.5.SP31 allows remote authenticated users to conduct server-side request forgery (SSRF) attacks. | |||||
| CVE-2022-45010 | 1 Simple Phone Book\/directory Web App Project | 1 Simple Phone Book\/directory Web App | 2025-04-23 | N/A | 9.8 CRITICAL |
| Simple Phone Book/Directory Web App v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter at /PhoneBook/edit.php. | |||||
| CVE-2022-44900 | 1 Py7zr Project | 1 Py7zr | 2025-04-23 | N/A | 9.1 CRITICAL |
| A directory traversal vulnerability in the SevenZipFile.extractall() function of the python library py7zr v0.20.0 and earlier allows attackers to write arbitrary files via extracting a crafted 7z file. | |||||
| CVE-2022-44838 | 1 Automotive Shop Management System Project | 1 Automotive Shop Management System | 2025-04-23 | N/A | 7.2 HIGH |
| Automotive Shop Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /services/view_service.php. | |||||