Export limit exceeded: 13887 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (13887 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-2624 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2024-11-21 | 8.8 High |
| Heap buffer overflow in PDF in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted PDF file. | ||||
| CVE-2022-2601 | 3 Fedoraproject, Gnu, Redhat | 13 Fedora, Grub2, Enterprise Linux and 10 more | 2024-11-21 | 8.6 High |
| A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for the glyph, this further leads to a buffer overflow and a heap based out-of-bounds write. An attacker may use this vulnerability to circumvent the secure boot mechanism. | ||||
| CVE-2022-2587 | 1 Google | 2 Chrome, Chrome Os | 2024-11-21 | 9.8 Critical |
| Out of bounds write in Chrome OS Audio Server in Google Chrome on Chrome OS prior to 102.0.5005.125 allowed a remote attacker to potentially exploit heap corruption via crafted audio metadata. | ||||
| CVE-2022-2415 | 1 Google | 1 Chrome | 2024-11-21 | 8.8 High |
| Heap buffer overflow in WebGL in Google Chrome prior to 103.0.5060.53 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2022-2402 | 1 Eset | 2 Endpoint Encryption, Full Disk Encryption | 2024-11-21 | 6.5 Medium |
| The vulnerability in the driver dlpfde.sys enables a user logged into the system to perform system calls leading to kernel stack overflow, resulting in a system crash, for instance, a BSOD. | ||||
| CVE-2022-2344 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-11-21 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0045. | ||||
| CVE-2022-2288 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-11-21 | 7.8 High |
| Out-of-bounds Write in GitHub repository vim/vim prior to 9.0. | ||||
| CVE-2022-2274 | 2 Netapp, Openssl | 12 H300s, H300s Firmware, H410c and 9 more | 2024-11-21 | 9.8 Critical |
| The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys incorrect on such machines and memory corruption will happen during the computation. As a consequence of the memory corruption an attacker may be able to trigger a remote code execution on the machine performing the computation. SSL/TLS servers or other servers using 2048 bit RSA private keys running on machines supporting AVX512IFMA instructions of the X86_64 architecture are affected by this issue. | ||||
| CVE-2022-2210 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2024-11-21 | 7.8 High |
| Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-2125 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2024-11-21 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-2061 | 1 Chafa Project | 1 Chafa | 2024-11-21 | 3.3 Low |
| Heap-based Buffer Overflow in GitHub repository hpjansson/chafa prior to 1.12.0. | ||||
| CVE-2022-29824 | 6 Debian, Fedoraproject, Netapp and 3 more | 26 Debian Linux, Fedora, Active Iq Unified Manager and 23 more | 2024-11-21 | 6.5 Medium |
| In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is affected as well. | ||||
| CVE-2022-29777 | 1 Onlyoffice | 2 Core, Document Server | 2024-11-21 | 9.8 Critical |
| Onlyoffice Document Server v6.0.0 and below and Core 6.1.0.26 and below were discovered to contain a heap overflow via the component DesktopEditor/fontengine/fontconverter/FontFileBase.h. | ||||
| CVE-2022-29776 | 1 Onlyoffice | 2 Core, Document Server | 2024-11-21 | 9.8 Critical |
| Onlyoffice Document Server v6.0.0 and below and Core 6.1.0.26 and below were discovered to contain a stack overflow via the component DesktopEditor/common/File.cpp. | ||||
| CVE-2022-29643 | 1 Totolink | 2 A3100r, A3100r Firmware | 2024-11-21 | 7.5 High |
| TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the macAddress parameter in the function setMacQos. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
| CVE-2022-29642 | 1 Totolink | 2 A3100r, A3100r Firmware | 2024-11-21 | 7.5 High |
| TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the url parameter in the function setUrlFilterRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
| CVE-2022-29641 | 1 Totolink | 2 A3100r, A3100r Firmware | 2024-11-21 | 7.5 High |
| TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the startTime and endTime parameters in the function setParentalRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
| CVE-2022-29640 | 1 Totolink | 2 A3100r, A3100r Firmware | 2024-11-21 | 7.5 High |
| TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the comment parameter in the function setPortForwardRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
| CVE-2022-29638 | 1 Totolink | 2 A3100r, A3100r Firmware | 2024-11-21 | 7.5 High |
| TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a stack overflow via the comment parameter in the function setIpQosRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
| CVE-2022-29616 | 1 Sap | 3 Netweaver As Abap Kernel, Netweaver As Abap Krnl64nuc, Netweaver As Abap Krnl64uc | 2024-11-21 | 7.5 High |
| SAP Host Agent, SAP NetWeaver and ABAP Platform allow an attacker to leverage logical errors in memory management to cause a memory corruption. | ||||