Total
12293 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-41528 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the text parameter in the setSmsCfg function. | |||||
| CVE-2022-41527 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the pppoeUser parameter in the setOpModeCfg function. | |||||
| CVE-2022-41526 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the ip parameter in the setDiagnosisCfg function. | |||||
| CVE-2022-41524 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the week, sTime, and eTime parameters in the setParentalRules function. | |||||
| CVE-2022-41523 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the command parameter in the setTracerouteCfg function. | |||||
| CVE-2022-41522 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
| TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an unauthenticated stack overflow via the "main" function. | |||||
| CVE-2022-41521 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the sPort/ePort parameter in the setIpPortFilterRules function. | |||||
| CVE-2022-41520 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain an authenticated stack overflow via the File parameter in the UploadCustomModule function. | |||||
| CVE-2022-41517 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2024-11-21 | N/A | 8.8 HIGH |
| TOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain a stack overflow in the lang parameter in the setLanguageCfg function | |||||
| CVE-2022-41430 | 1 Axiosys | 1 Bento4 | 2024-11-21 | N/A | 8.8 HIGH |
| Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadBit function in mp4mux. | |||||
| CVE-2022-41429 | 1 Axiosys | 1 Bento4 | 2024-11-21 | N/A | 8.8 HIGH |
| Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_Atom::TypeFromString function in mp4tag. | |||||
| CVE-2022-41428 | 1 Axiosys | 1 Bento4 | 2024-11-21 | N/A | 8.8 HIGH |
| Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadBits function in mp4mux. | |||||
| CVE-2022-41420 | 1 Nasm | 1 Netwide Assembler | 2024-11-21 | N/A | 5.5 MEDIUM |
| nasm v2.16 was discovered to contain a stack overflow in the Ndisasm component | |||||
| CVE-2022-41301 | 1 Autodesk | 1 Subassembly Composer | 2024-11-21 | N/A | 7.8 HIGH |
| A maliciously crafted PKT file when consumed through SubassemblyComposer.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | |||||
| CVE-2022-41283 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2024-11-21 | N/A | 7.8 HIGH |
| A vulnerability has been identified in JT2Go (All versions < V14.1.0.6), Teamcenter Visualization V13.2 (All versions < V13.2.0.12), Teamcenter Visualization V13.3 (All versions < V13.3.0.8), Teamcenter Visualization V14.0 (All versions < V14.0.0.4), Teamcenter Visualization V14.1 (All versions < V14.1.0.6). The CGM_NIST_Loader.dll contains an out of bounds write vulnerability when parsing a CGM file. An attacker can leverage this vulnerability to execute code in the context of the current process. | |||||
| CVE-2022-41211 | 1 Sap | 2 3d Visual Enterprise Author, 3d Visual Enterprise Viewer | 2024-11-21 | N/A | 7.0 HIGH |
| Due to lack of proper memory management, when a victim opens manipulated file received from untrusted sources in SAP 3D Visual Enterprise Author and SAP 3D Visual Enterprise Viewer, Arbitrary Code Execution can be triggered when payload forces:Re-use of dangling pointer which refers to overwritten space in memory. The accessed memory must be filled with code to execute the attack. Therefore, repeated success is unlikely.Stack-based buffer overflow. Since the memory overwritten is random, based on access rights of the memory, repeated success is not assured. | |||||
| CVE-2022-41200 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | N/A | 7.8 HIGH |
| Due to lack of proper memory management, when a victim opens a manipulated Scalable Vector Graphic (.svg, svg.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. | |||||
| CVE-2022-41198 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | N/A | 7.8 HIGH |
| Due to lack of proper memory management, when a victim opens a manipulated SketchUp (.skp, SketchUp.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. | |||||
| CVE-2022-41196 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | N/A | 7.8 HIGH |
| Due to lack of proper memory management, when a victim opens a manipulated VRML Worlds (.wrl, vrml.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. | |||||
| CVE-2022-41195 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | N/A | 7.8 HIGH |
| Due to lack of proper memory management, when a victim opens a manipulated EAAmiga Interchange File Format (.iff, 2d.x3d) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9, it is possible that a Remote Code Execution can be triggered when payload forces a stack-based overflow or a re-use of dangling pointer which refers to overwritten space in memory. | |||||