Export limit exceeded: 80135 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (80135 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-25554 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 7.5 High |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the deviceId parameter. | ||||
| CVE-2022-25553 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 7.5 High |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ddnsPwd parameter. | ||||
| CVE-2022-25552 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 7.5 High |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function form_fast_setting_wifi_set. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ssid parameter. | ||||
| CVE-2022-25551 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 7.5 High |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ddnsDomain parameter. | ||||
| CVE-2022-25550 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 7.5 High |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via the deviceName parameter. | ||||
| CVE-2022-25549 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 7.5 High |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ddnsEn parameter. | ||||
| CVE-2022-25548 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 7.5 High |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the serverName parameter. | ||||
| CVE-2022-25547 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 7.5 High |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service (DoS) via the time parameter. | ||||
| CVE-2022-25546 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 7.5 High |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow in the function formSetSysToolDDNS. This vulnerability allows attackers to cause a Denial of Service (DoS) via the ddnsUser parameter. | ||||
| CVE-2022-25523 | 1 Typesettercms | 1 Typesetter | 2024-11-21 | 8.8 High |
| TypesetterCMS v5.1 was discovered to contain a Cross-Site Request Forgery (CSRF) which is exploited via a crafted POST request. | ||||
| CVE-2022-25514 | 1 Nothings | 1 Stb Truetype.h | 2024-11-21 | 7.5 High |
| stb_truetype.h v1.26 was discovered to contain a heap-buffer-overflow via the function ttUSHORT() at stb_truetype.h. NOTE: Third party has disputed stating that the source code has also a disclaimer that it should only be used with trusted input. | ||||
| CVE-2022-25512 | 1 Freetakserver-ui Project | 1 Freetakserver-ui | 2024-11-21 | 7.5 High |
| FreeTAKServer-UI v1.9.8 was discovered to leak sensitive API and Websocket keys. | ||||
| CVE-2022-25510 | 1 Freetakserver-ui Project | 1 Freetakserver-ui | 2024-11-21 | 8.8 High |
| FreeTAKServer 1.9.8 contains a hardcoded Flask secret key which allows attackers to create crafted cookies to bypass authentication or escalate privileges. | ||||
| CVE-2022-25508 | 1 Freetakserver-ui Project | 1 Freetakserver-ui | 2024-11-21 | 7.5 High |
| An access control issue in the component /ManageRoute/postRoute of FreeTAKServer v1.9.8 allows unauthenticated attackers to cause a Denial of Service (DoS) via an unusually large amount of created routes, or create unsafe or false routes for legitimate users. | ||||
| CVE-2022-25491 | 1 Hospital Management System Project | 1 Hospital Management System | 2024-11-21 | 7.5 High |
| HMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in appointment.php. | ||||
| CVE-2022-25486 | 1 Cuppacms | 1 Cuppacms | 2024-11-21 | 7.8 High |
| CuppaCMS v1.0 was discovered to contain a local file inclusion via the url parameter in /alerts/alertConfigField.php. | ||||
| CVE-2022-25485 | 1 Cuppacms | 1 Cuppacms | 2024-11-21 | 7.8 High |
| CuppaCMS v1.0 was discovered to contain a local file inclusion via the url parameter in /alerts/alertLightbox.php. | ||||
| CVE-2022-25478 | 1 Realtek | 2 Rtsper, Rtsuer | 2024-11-21 | 7.8 High |
| Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before 10.0.22000.31274 provides read and write access to the PCI configuration space of the device. | ||||
| CVE-2022-25471 | 1 Open-emr | 1 Openemr | 2024-11-21 | 8.1 High |
| An Insecure Direct Object Reference (IDOR) vulnerability in OpenEMR 6.0.0 allows any authenticated attacker to access and modify unauthorized areas via a crafted POST request to /modules/zend_modules/public/Installer/register. | ||||
| CVE-2022-25465 | 1 Espruino | 1 Espruino | 2024-11-21 | 7.8 High |
| Espruino 2v11 release was discovered to contain a stack buffer overflow via src/jsvar.c in jsvGetNextSibling. | ||||