Total
3816 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-25657 | 1 Qualcomm | 213 Apq8017, Apq8017 Firmware, Apq8053 and 210 more | 2024-11-21 | 7.3 High |
| Memory corruption due to buffer overflow occurs while processing invalid MKV clip which has invalid seek header in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | ||||
| CVE-2022-25655 | 1 Qualcomm | 476 Apq8009, Apq8009 Firmware, Apq8017 and 473 more | 2024-11-21 | 8.4 High |
| Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command payload. | ||||
| CVE-2022-25635 | 3 Google, Linux, Realtek | 3 Android, Linux Kernel, Bluetooth Mesh Software Development Kit | 2024-11-21 | 6.5 Medium |
| Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for broadcast network packet length. An unauthenticated attacker in the adjacent network can exploit this vulnerability to disrupt service. | ||||
| CVE-2022-25514 | 1 Nothings | 1 Stb Truetype.h | 2024-11-21 | 7.5 High |
| stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttUSHORT() at stb_truetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted input. | ||||
| CVE-2022-24949 | 1 Eternal Terminal Project | 1 Eternal Terminal | 2024-11-21 | 7.5 High |
| A privilege escalation to root exists in Eternal Terminal prior to version 6.2.0. This is due to the combination of a race condition, buffer overflow, and logic bug all in PipeSocketHandler::listen(). | ||||
| CVE-2022-24705 | 1 Accel-ppp | 1 Accel-ppp | 2024-11-21 | 9.8 Critical |
| The rad_packet_recv function in radius/packet.c suffers from a memcpy buffer overflow, resulting in an overly-large recvfrom into a fixed buffer that causes a buffer overflow and overwrites arbitrary memory. If the server connects with a malicious client, crafted client requests can remotely trigger this vulnerability. | ||||
| CVE-2022-24704 | 1 Accel-ppp | 1 Accel-ppp | 2024-11-21 | 9.8 Critical |
| The rad_packet_recv function in opt/src/accel-pppd/radius/packet.c suffers from a buffer overflow vulnerability, whereby user input len is copied into a fixed buffer &attr->val.integer without any bound checks. If the client connects to the server and sends a large radius packet, a buffer overflow vulnerability will be triggered. | ||||
| CVE-2022-24702 | 1 Winaprs | 1 Winaprs | 2024-11-21 | 9.8 Critical |
| An issue was discovered in WinAPRS 2.9.0. A buffer overflow in the VHF KISS TNC component allows a remote attacker to achieve remote code execution via malicious AX.25 packets over the air. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | ||||
| CVE-2022-24701 | 1 Winaprs | 1 Winaprs | 2024-11-21 | 7.8 High |
| An issue was discovered in WinAPRS 2.9.0. A buffer overflow in national.txt processing allows a local attacker to cause a denial of service or possibly achieve code execution. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | ||||
| CVE-2022-24700 | 1 Winaprs | 1 Winaprs | 2024-11-21 | 7.5 High |
| An issue was discovered in WinAPRS 2.9.0. A buffer overflow in DIGI address processing for VHF KISS packets allows a remote attacker to cause a denial of service (daemon crash) via a malicious AX.25 packet over the air. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | ||||
| CVE-2022-24675 | 4 Fedoraproject, Golang, Netapp and 1 more | 17 Fedora, Go, Kubernetes Monitoring Operator and 14 more | 2024-11-21 | 7.5 High |
| encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data. | ||||
| CVE-2022-24313 | 1 Schneider-electric | 1 Interactive Graphical Scada System Data Server | 2024-11-21 | 9.8 Critical |
| A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow potentially leading to remote code execution when an attacker sends a specially crafted message. Affected Product: Interactive Graphical SCADA System Data Server (V15.0.0.22020 and prior) | ||||
| CVE-2022-24130 | 3 Debian, Fedoraproject, Invisible-island | 3 Debian Linux, Fedora, Xterm | 2024-11-21 | 5.5 Medium |
| xterm through Patch 370, when Sixel support is enabled, allows attackers to trigger a buffer overflow in set_sixel in graphics_sixel.c via crafted text. | ||||
| CVE-2022-24051 | 3 Fedoraproject, Mariadb, Redhat | 4 Fedora, Mariadb, Enterprise Linux and 1 more | 2024-11-21 | 7.8 High |
| MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16193. | ||||
| CVE-2022-24048 | 3 Fedoraproject, Mariadb, Redhat | 4 Fedora, Mariadb, Enterprise Linux and 1 more | 2024-11-21 | 7.8 High |
| MariaDB CONNECT Storage Engine Stack-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16191. | ||||
| CVE-2022-23747 | 1 Sony | 6 Xperia 1, Xperia 1 Firmware, Xperia 5 and 3 more | 2024-11-21 | 9.8 Critical |
| In Sony Xperia series 1, 5, and Pro, an out of bound memory access can occur due to lack of validation of the number of frames being passed during music playback. | ||||
| CVE-2022-23431 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 6.4 Medium |
| An improper boundary check in RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. | ||||
| CVE-2022-23428 | 2 Google, Samsung | 2 Android, Exynos | 2024-11-21 | 8.4 High |
| An improper boundary check in eden_runtime hal service prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution. | ||||
| CVE-2022-22819 | 1 Nxp | 12 Lpc55s66jbd100, Lpc55s66jbd100 Firmware, Lpc55s66jbd64 and 9 more | 2024-11-21 | 7.8 High |
| NXP LPC55S66JBD64, LPC55S66JBD100, LPC55S66JEV98, LPC55S69JBD64, LPC55S69JBD100, and LPC55S69JEV98 microcontrollers (ROM version 1B) have a buffer overflow in parsing SB2 updates before the signature is verified. This can allow an attacker to achieve non-persistent code execution via a crafted unsigned update. | ||||
| CVE-2022-22805 | 1 Schneider-electric | 16 Scl Series 1029 Ups, Scl Series 1029 Ups Firmware, Scl Series 1030 Ups and 13 more | 2024-11-21 | 9.8 Critical |
| A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists that could cause remote code execution when an improperly handled TLS packet is reassembled. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior) | ||||