Export limit exceeded: 20955 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20955 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-41484 | 1 Tenda | 2 Ap500, Ap500v1 Firmware | 2025-05-15 | 7.5 High |
| Tenda AC1900 AP500(US)_V1_180320(Beta) was discovered to contain a buffer overflow in the 0x32384 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2022-41483 | 1 Tenda | 2 Ac6, Ac6v2.0 Firmware | 2025-05-15 | 7.5 High |
| Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x4a12cc function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2022-41482 | 1 Tenda | 2 Ac6, Ac6v2.0 Firmware | 2025-05-15 | 7.5 High |
| Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x47c5dc function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2022-41481 | 1 Tenda | 2 Ac6, Ac6v2.0 Firmware | 2025-05-15 | 7.5 High |
| Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x47de1c function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2022-41480 | 1 Tenda | 2 Ac6, Ac6v2.0 Firmware | 2025-05-15 | 7.5 High |
| Tenda AC1200 US_AC6V2.0RTL_V15.03.06.51_multi_TDE01 was discovered to contain a buffer overflow in the 0x475dc function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2021-46840 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-15 | 9.1 Critical |
| The HW_KEYMASTER module has an out-of-bounds access vulnerability in parameter set verification.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access. | ||||
| CVE-2021-46839 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-15 | 9.1 Critical |
| The HW_KEYMASTER module has a vulnerability of missing bounds check on length.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access. | ||||
| CVE-2022-32491 | 1 Dell | 580 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 577 more | 2025-05-15 | 4.1 Medium |
| Dell Client BIOS contains a Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause an arbitrary write during SMM. | ||||
| CVE-2022-32493 | 1 Dell | 580 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 577 more | 2025-05-15 | 6 Medium |
| Dell BIOS contains an Stack-Based Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM. | ||||
| CVE-2022-41674 | 4 Debian, Fedoraproject, Linux and 1 more | 6 Debian Linux, Fedora, Linux Kernel and 3 more | 2025-05-15 | 8.1 High |
| An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c. | ||||
| CVE-2022-39120 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-05-15 | 5.5 Medium |
| In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. | ||||
| CVE-2022-38998 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-15 | 7.5 High |
| The HISP module has a vulnerability of not verifying the data transferred in the kernel space.Successful exploitation of this vulnerability will cause out-of-bounds read, which affects data confidentiality. | ||||
| CVE-2022-38984 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-15 | 7.5 High |
| The HIPP module has a vulnerability of not verifying the data transferred in the kernel space.Successful exploitation of this vulnerability will cause out-of-bounds read, which affects data confidentiality. | ||||
| CVE-2022-38981 | 1 Huawei | 1 Harmonyos | 2025-05-15 | 7.5 High |
| The HwAirlink module has an out-of-bounds read vulnerability.Successful exploitation of this vulnerability may cause information leakage. | ||||
| CVE-2022-38673 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-05-15 | 5.5 Medium |
| In face detect driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. | ||||
| CVE-2022-38672 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-05-15 | 5.5 Medium |
| In face detect driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. | ||||
| CVE-2023-41230 | 1 Dlink | 2 Dir-3040, Dir-3040 Firmware | 2025-05-15 | 8.8 High |
| D-Link DIR-3040 HTTP Request Processing Referer Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd webserver listening on TCP ports 80 and 443. The issue results from the lack of proper validation of a user-supplied string before copying it to a fixed size stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21674. | ||||
| CVE-2023-41229 | 1 Dlink | 2 Dir-3040, Dir-3040 Firmware | 2025-05-15 | 8.8 High |
| D-Link DIR-3040 HTTP Request Processing Referer Heap-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd webserver listening on TCP ports 80 and 443. The issue results from the lack of proper validation of a user-supplied string before copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21671. | ||||
| CVE-2023-41228 | 1 Dlink | 2 Dir-3040, Dir-3040 Firmware | 2025-05-15 | 6.8 Medium |
| D-Link DIR-3040 prog.cgi SetUsersSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd webserver listening on TCP ports 80 and 443. The issue results from the lack of proper validation of a user-supplied string before copying it to a fixed-size stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21654. | ||||
| CVE-2023-41227 | 1 Dlink | 2 Dir-3040, Dir-3040 Firmware | 2025-05-15 | 6.8 Medium |
| D-Link DIR-3040 prog.cgi SetTriggerPPPoEValidate Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd webserver listening on TCP ports 80 and 443. The issue results from the lack of proper validation of a user-supplied string before copying it to a fixed-size stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-21653. | ||||