Total
13473 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-30918 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2024-11-21 | 9.8 Critical |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Asp_SetTelnet parameter at /goform/aspForm. | ||||
| CVE-2022-30917 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2024-11-21 | 9.8 Critical |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the AddWlanMacList parameter at /goform/aspForm. | ||||
| CVE-2022-30916 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2024-11-21 | 9.8 Critical |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the Asp_SetTelnetDebug parameter at /goform/aspForm. | ||||
| CVE-2022-30915 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2024-11-21 | 9.8 Critical |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the UpdateSnat parameter at /goform/aspForm. | ||||
| CVE-2022-30914 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2024-11-21 | 9.8 Critical |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the UpdateMacClone parameter at /goform/aspForm. | ||||
| CVE-2022-30913 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2024-11-21 | 9.8 Critical |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the ipqos_set_bandwidth parameter at /goform/aspForm. | ||||
| CVE-2022-30912 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2024-11-21 | 9.8 Critical |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the UpdateWanParams parameter at /goform/aspForm. | ||||
| CVE-2022-30910 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2024-11-21 | 9.8 Critical |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the GO parameter at /goform/aspForm. | ||||
| CVE-2022-30909 | 1 H3c | 2 Magic R100, Magic R100 Firmware | 2024-11-21 | 9.8 Critical |
| H3C Magic R100 R100V100R005 was discovered to contain a stack overflow vulnerability via the CMD parameter at /goform/aspForm. | ||||
| CVE-2022-30785 | 3 Debian, Fedoraproject, Tuxera | 3 Debian Linux, Fedora, Ntfs-3g | 2024-11-21 | 6.7 Medium |
| A file handle created in fuse_lib_opendir, and later used in fuse_lib_readdir, enables arbitrary memory read and write operations in NTFS-3G through 2021.8.22 when using libfuse-lite. | ||||
| CVE-2022-30660 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-11-21 | N/A |
| Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2022-30595 | 1 Python | 1 Pillow | 2024-11-21 | 9.8 Critical |
| libImaging/TgaRleDecode.c in Pillow 9.1.0 has a heap buffer overflow in the processing of invalid TGA image files. | ||||
| CVE-2022-30538 | 1 Fujielectric | 1 Monitouch V-sft | 2024-11-21 | 7.8 High |
| Out-of-bounds write vulnerability exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file. | ||||
| CVE-2022-30524 | 1 Xpdfreader | 1 Xpdf | 2024-11-21 | 7.8 High |
| There is an invalid memory access in the TextLine class in TextOutputDev.cc in Xpdf 4.0.4 because the text extractor mishandles characters at large y coordinates. It can be triggered by (for example) sending a crafted pdf file to the pdftotext binary, which allows a remote attacker to cause a Denial of Service (Segmentation fault) or possibly have unspecified other impact. | ||||
| CVE-2022-30521 | 1 Dlink | 2 Dir-890l, Dir-890l Firmware | 2024-11-21 | 9.8 Critical |
| The LAN-side Web-Configuration Interface has Stack-based Buffer Overflow vulnerability in the D-Link Wi-Fi router firmware DIR-890L DIR890LA1_FW107b09.bin and previous versions. The function created at 0x17958 of /htdocs/cgibin will call sprintf without checking the length of strings in parameters given by HTTP header and can be controlled by users easily. The attackers can exploit the vulnerability to carry out arbitrary code by means of sending a specially constructed payload to port 49152. | ||||
| CVE-2022-30477 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2024-11-21 | 9.8 Critical |
| Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetClientState request. | ||||
| CVE-2022-30476 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2024-11-21 | 9.8 Critical |
| Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/SetFirewallCfg request. | ||||
| CVE-2022-30475 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2024-11-21 | 7.5 High |
| Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a stack-based buffer overflow in the httpd module when handling /goform/WifiExtraSet request. | ||||
| CVE-2022-30474 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2024-11-21 | 9.8 Critical |
| Tenda AC Series Router AC18_V15.03.05.19(6318) was discovered to contain a heap overflow in the httpd module when handling /goform/saveParentControlInfo request. | ||||
| CVE-2022-30473 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2024-11-21 | 7.5 High |
| Tenda AC Series Router AC18_V15.03.05.19(6318) has a stack-based buffer overflow vulnerability in function form_fast_setting_wifi_set | ||||