Export limit exceeded: 350763 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 80659 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (80659 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-38565 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | 7.5 High |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formEmailTest. This vulnerability allows attackers to cause a Denial of Service (DoS) via the mailpwd parameter. | ||||
| CVE-2022-38564 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | 7.5 High |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a buffer overflow vulnerability in the function formSetPicListItem. This vulnerability allows attackers to cause a Denial of Service (DoS) via the adItemUID parameter. | ||||
| CVE-2022-38563 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | 7.5 High |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service (DoS) via the MACAddr parameter. | ||||
| CVE-2022-38562 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | 7.5 High |
| Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service (DoS) via the lan parameter. | ||||
| CVE-2022-38535 | 1 Totolink | 2 A720r, A720r Firmware | 2024-11-21 | 7.2 High |
| TOTOLINK-720R v4.1.5cu.374 was discovered to contain a remote code execution (RCE) vulnerability via the setTracerouteCfg function. | ||||
| CVE-2022-38534 | 1 Totolink | 2 A720r, A720r Firmware | 2024-11-21 | 7.2 High |
| TOTOLINK-720R v4.1.5cu.374 was discovered to contain a remote code execution (RCE) vulnerability via the setdiagnosicfg function. | ||||
| CVE-2022-38532 | 1 Msi | 1 Center | 2024-11-21 | 7.8 High |
| Micro-Star International Co., Ltd MSI Center 1.0.50.0 was discovered to contain a vulnerability in the component C_Features of MSI.CentralServer.exe. This vulnerability allows attackers to escalate privileges via running a crafted executable. | ||||
| CVE-2022-38531 | 1 Fpt | 4 G-97rg3, G-97rg3 Firmware, G-97rg6m and 1 more | 2024-11-21 | 8.8 High |
| FPT G-97RG6M R4.2.98.035 and G-97RG3 R4.2.43.078 are vulnerable to Remote Command Execution in the ping function. | ||||
| CVE-2022-38530 | 1 Gpac | 1 Gpac | 2024-11-21 | 7.8 High |
| GPAC v2.1-DEV-rev232-gfcaa01ebb-master was discovered to contain a stack overflow when processing ISOM_IOD. | ||||
| CVE-2022-38529 | 1 Tinyexr Project | 1 Tinyexr | 2024-11-21 | 7.8 High |
| tinyexr commit 0647fb3 was discovered to contain a heap-buffer overflow via the component rleUncompress. | ||||
| CVE-2022-38511 | 1 Totolink | 2 A810r, A810r Firmware | 2024-11-21 | 7.8 High |
| TOTOLINK A810R V5.9c.4050_B20190424 was discovered to contain a command injection vulnerability via the component downloadFile.cgi. | ||||
| CVE-2022-38510 | 1 Tenda | 2 Tx9 Pro, Tx9 Pro Firmware | 2024-11-21 | 7.8 High |
| Tenda_TX9pro V22.03.02.10 was discovered to contain a buffer overflow via the component httpd/SetNetControlList. | ||||
| CVE-2022-38495 | 1 Lief-project | 1 Lief | 2024-11-21 | 7.8 High |
| LIEF commit 365a16a was discovered to contain a heap-buffer overflow via the function print_binary at /c/macho_reader.c. | ||||
| CVE-2022-38493 | 1 Rhonabwy Project | 1 Rhonabwy | 2024-11-21 | 7.5 High |
| Rhonabwy 0.9.99 through 1.1.x before 1.1.7 doesn't check the RSA private key length before RSA-OAEP decryption. This allows attackers to cause a Denial of Service via a crafted JWE (JSON Web Encryption) token. | ||||
| CVE-2022-38484 | 1 Agevolt | 1 Agevolt | 2024-11-21 | 8.8 High |
| An arbitrary file upload and directory traversal vulnerability exist in the file upload functionality of the System Setup menu in AgeVolt Portal prior to version 0.1. A remote authenticated attacker could leverage this vulnerability to upload files to any location on the target operating system with web server privileges. | ||||
| CVE-2022-38466 | 1 Siemens | 1 Coreshield One-way Gateway | 2024-11-21 | 7.8 High |
| A vulnerability has been identified in CoreShield One-Way Gateway (OWG) Software (All versions < V2.2). The default installation sets insecure file permissions that could allow a local attacker to escalate privileges to local administrator. | ||||
| CVE-2022-38451 | 2 Freshtomato, Siretta | 3 Freshtomato, Quartz-gold, Quartz-gold Firmware | 2024-11-21 | 7.5 High |
| A directory traversal vulnerability exists in the httpd update.cgi functionality of FreshTomato 2022.5. A specially crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability. | ||||
| CVE-2022-38434 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2024-11-21 | 7.8 High |
| Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2022-38393 | 1 Asus | 2 Rt-ax82u, Rt-ax82u Firmware | 2024-11-21 | 7.5 High |
| A denial of service vulnerability exists in the cfg_server cm_processConnDiagPktList opcode of Asus RT-AX82U 3.0.0.4.386_49674-ge182230 router's configuration service. A specially-crafted network packet can lead to denial of service. An attacker can send a malicious packet to trigger this vulnerability. | ||||
| CVE-2022-38375 | 1 Fortinet | 2 Fortinac, Fortinac-f | 2024-11-21 | 8.6 High |
| An improper authorization vulnerability [CWE-285] in Fortinet FortiNAC version 9.4.0 through 9.4.1 and before 9.2.6 allows an unauthenticated user to perform some administrative operations over the FortiNAC instance via crafted HTTP POST requests. | ||||