Total
12293 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-40159 | 1 Apache | 1 Commons Jxpath | 2024-11-21 | N/A | 6.5 MEDIUM |
| ** DISPUTED ** This record was originally reported by the oss-fuzz project who failed to consider the security context in which JXPath is intended to be used and failed to contact the JXPath maintainers prior to requesting the CVE allocation. The CVE was then allocated by Google in breach of the CNA rules. After review by the JXPath maintainers, the original report was found to be invalid. | |||||
| CVE-2022-40149 | 2 Debian, Jettison Project | 2 Debian Linux, Jettison | 2024-11-21 | N/A | 6.5 MEDIUM |
| Those using Jettison to parse untrusted XML or JSON data may be vulnerable to Denial of Service attacks (DOS). If the parser is running on user supplied input, an attacker may supply content that causes the parser to crash by stackoverflow. This effect may support a denial of service attack. | |||||
| CVE-2022-40076 | 1 Tenda | 2 Ac21, Ac21 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: fromSetWifiGusetBasic. | |||||
| CVE-2022-40075 | 1 Tenda | 2 Ac21, Ac21 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, form_fast_setting_wifi_set. | |||||
| CVE-2022-40074 | 1 Tenda | 2 Ac21, Ac21 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, setSchedWifi. | |||||
| CVE-2022-40073 | 1 Tenda | 2 Ac21, Ac21 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, saveParentControlInfo. | |||||
| CVE-2022-40072 | 1 Tenda | 2 Ac21, Ac21 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: setSmartPowerManagement. | |||||
| CVE-2022-40071 | 1 Tenda | 2 Ac21, Ac21 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, formSetDeviceName. | |||||
| CVE-2022-40070 | 1 Tenda | 2 Ac21, Ac21 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via bin/httpd, function: formSetFirewallCfg. | |||||
| CVE-2022-40069 | 1 Tenda | 2 Ac21, Ac21 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| ]Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: fromSetSysTime. | |||||
| CVE-2022-40068 | 1 Tenda | 2 Ac21, Ac21 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: formSetQosBand. | |||||
| CVE-2022-40067 | 1 Tenda | 2 Ac21, Ac21 Firmware | 2024-11-21 | N/A | 7.5 HIGH |
| Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: formSetVirtualSer. | |||||
| CVE-2022-3974 | 1 Axiosys | 1 Bento4 | 2024-11-21 | N/A | 6.3 MEDIUM |
| A vulnerability classified as critical was found in Axiomatic Bento4. Affected by this vulnerability is the function AP4_StdcFileByteStream::ReadPartial of the file Ap4StdCFileByteStream.cpp of the component mp4info. The manipulation leads to heap-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-213553 was assigned to this vulnerability. | |||||
| CVE-2022-3890 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-11-21 | N/A | 9.6 CRITICAL |
| Heap buffer overflow in Crashpad in Google Chrome on Android prior to 107.0.5304.106 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2022-3785 | 1 Axiosys | 1 Bento4 | 2024-11-21 | N/A | 6.3 MEDIUM |
| A vulnerability, which was classified as critical, has been found in Axiomatic Bento4. Affected by this issue is the function AP4_DataBuffer::SetDataSize of the component Avcinfo. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-212564. | |||||
| CVE-2022-3784 | 1 Axiosys | 1 Bento4 | 2024-11-21 | N/A | 6.3 MEDIUM |
| A vulnerability classified as critical was found in Axiomatic Bento4 5e7bb34. Affected by this vulnerability is the function AP4_Mp4AudioDsiParser::ReadBits of the file Ap4Mp4AudioInfo.cpp of the component mp4hls. The manipulation leads to heap-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-212563. | |||||
| CVE-2022-3775 | 2 Gnu, Redhat | 2 Grub2, Enterprise Linux | 2024-11-21 | N/A | 7.1 HIGH |
| When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2's heap, leading to memory corruption and availability issues. Although complex, arbitrary code execution could not be discarded. | |||||
| CVE-2022-3699 | 1 Lenovo | 3 Diagnostics, Hardwarescan Addin, Hardwarescan Plugin | 2024-11-21 | N/A | 7.8 HIGH |
| A privilege escalation vulnerability was reported in the Lenovo HardwareScanPlugin prior to versionĀ 1.3.1.2 andĀ Lenovo Diagnostics prior to version 4.45 that could allow a local user to execute code with elevated privileges. | |||||
| CVE-2022-3670 | 1 Axiosys | 1 Bento4 | 2024-11-21 | N/A | 7.3 HIGH |
| A vulnerability was found in Axiomatic Bento4. It has been classified as critical. Affected is the function WriteSample of the component mp42hevc. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-212010 is the identifier assigned to this vulnerability. | |||||
| CVE-2022-3667 | 1 Axiosys | 1 Bento4 | 2024-11-21 | N/A | 7.3 HIGH |
| A vulnerability, which was classified as critical, was found in Axiomatic Bento4. This affects the function AP4_MemoryByteStream::WritePartial of the file Ap4ByteStream.cpp of the component mp42aac. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-212007. | |||||