Total
12237 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-47122 | 1 Tenda | 2 A15, A15 Firmware | 2025-04-11 | N/A | 9.8 CRITICAL |
| Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the wrlPwd_5g parameter at /goform/WifiBasicSet. | |||||
| CVE-2022-47121 | 1 Tenda | 2 A15, A15 Firmware | 2025-04-11 | N/A | 9.8 CRITICAL |
| Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the wepkey parameter at /goform/WifiBasicSet. | |||||
| CVE-2022-47120 | 1 Tenda | 2 A15, A15 Firmware | 2025-04-11 | N/A | 9.8 CRITICAL |
| Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the security_5g parameter at /goform/WifiBasicSet. | |||||
| CVE-2022-47119 | 1 Tenda | 2 A15, A15 Firmware | 2025-04-11 | N/A | 9.8 CRITICAL |
| Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the ssid parameter at /goform/WifiBasicSet. | |||||
| CVE-2022-47117 | 1 Tenda | 2 A15, A15 Firmware | 2025-04-11 | N/A | 9.8 CRITICAL |
| Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the security parameter at /goform/WifiBasicSet. | |||||
| CVE-2022-47115 | 1 Tenda | 2 A15, A15 Firmware | 2025-04-11 | N/A | 9.8 CRITICAL |
| Tenda A15 V15.13.07.13 was discovered to contain a stack overflow via the wepauth parameter at /goform/WifiBasicSet. | |||||
| CVE-2022-46601 | 1 Trendnet | 2 Tew-755ap, Tew-755ap Firmware | 2025-04-11 | N/A | 9.8 CRITICAL |
| TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the setbg_num parameter in the icp_setbg_img (sub_41DD68) function. | |||||
| CVE-2022-46594 | 1 Trendnet | 2 Tew-755ap, Tew-755ap Firmware | 2025-04-11 | N/A | 9.8 CRITICAL |
| TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the update_file_name parameter in the auto_up_fw (sub_420A04) function. | |||||
| CVE-2022-46593 | 1 Trendnet | 2 Tew-755ap, Tew-755ap Firmware | 2025-04-11 | N/A | 9.8 CRITICAL |
| TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the wps_sta_enrollee_pin parameter in the do_sta_enrollee_wifi function. | |||||
| CVE-2022-46592 | 1 Trendnet | 2 Tew-755ap, Tew-755ap Firmware | 2025-04-11 | N/A | 9.8 CRITICAL |
| TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the wps_sta_enrollee_pin parameter in the set_sta_enrollee_pin_5g function. | |||||
| CVE-2022-46591 | 1 Trendnet | 2 Tew-755ap, Tew-755ap Firmware | 2025-04-11 | N/A | 9.8 CRITICAL |
| TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the reject_url parameter in the reject (sub_41BD60) function. | |||||
| CVE-2022-46590 | 1 Trendnet | 2 Tew-755ap, Tew-755ap Firmware | 2025-04-11 | N/A | 9.8 CRITICAL |
| TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the cameo.cameo.netstat_rsname parameter in the tools_netstat (sub_41E730) function. | |||||
| CVE-2022-46589 | 1 Trendnet | 2 Tew-755ap, Tew-755ap Firmware | 2025-04-11 | N/A | 9.8 CRITICAL |
| TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the cameo.cameo.netstat_option parameter in the tools_netstat (sub_41E730) function. | |||||
| CVE-2022-46588 | 1 Trendnet | 2 Tew-755ap, Tew-755ap Firmware | 2025-04-11 | N/A | 9.8 CRITICAL |
| TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the sys_service parameter in the setup_wizard_mydlink (sub_4104B8) function. | |||||
| CVE-2022-46586 | 1 Trendnet | 2 Tew-755ap, Tew-755ap Firmware | 2025-04-11 | N/A | 9.8 CRITICAL |
| TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the qcawifi.wifi%d_vap%d.maclist parameter in the kick_ban_wifi_mac_allow (sub_415B00) function. | |||||
| CVE-2022-46585 | 1 Trendnet | 2 Tew-755ap, Tew-755ap Firmware | 2025-04-11 | N/A | 9.8 CRITICAL |
| TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the REMOTE_USER parameter in the get_access (sub_45AC2C) function. | |||||
| CVE-2022-40660 | 1 Nikon | 1 Nis-elements Viewer | 2025-04-11 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSD images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15135. | |||||
| CVE-2022-40658 | 1 Nikon | 1 Nis-elements Viewer | 2025-04-11 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF images. Crafted data in a TIF file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15166. | |||||
| CVE-2022-40659 | 1 Nikon | 1 Nis-elements Viewer | 2025-04-11 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF images. Crafted data in a TIF file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15214. | |||||
| CVE-2023-39352 | 3 Debian, Fedoraproject, Freerdp | 3 Debian Linux, Fedora, Freerdp | 2025-04-11 | N/A | 5.3 MEDIUM |
| FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an invalid offset validation leading to Out Of Bound Write. This can be triggered when the values `rect->left` and `rect->top` are exactly equal to `surface->width` and `surface->height`. eg. `rect->left` == `surface->width` && `rect->top` == `surface->height`. In practice this should cause a crash. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability. | |||||