Total
13473 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-26438 | 1 Mediatek | 26 Mt7603, Mt7603 Firmware, Mt7610 and 23 more | 2024-11-21 | 6.7 Medium |
| In wifi driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220420013; Issue ID: GN20220420013. | ||||
| CVE-2022-26435 | 3 Google, Mediatek, Yoctoproject | 32 Android, Mt6833, Mt6853 and 29 more | 2024-11-21 | 6.7 Medium |
| In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138435; Issue ID: ALPS07138435. | ||||
| CVE-2022-26434 | 3 Google, Mediatek, Yoctoproject | 32 Android, Mt6833, Mt6853 and 29 more | 2024-11-21 | 6.7 Medium |
| In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138450; Issue ID: ALPS07138450. | ||||
| CVE-2022-26432 | 3 Google, Mediatek, Yoctoproject | 25 Android, Mt6833, Mt6853 and 22 more | 2024-11-21 | 6.7 Medium |
| In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032542; Issue ID: ALPS07032542. | ||||
| CVE-2022-26431 | 3 Google, Mediatek, Yoctoproject | 25 Android, Mt6833, Mt6853 and 22 more | 2024-11-21 | 6.7 Medium |
| In mailbox, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032553; Issue ID: ALPS07032553. | ||||
| CVE-2022-26430 | 3 Google, Mediatek, Yoctoproject | 25 Android, Mt6833, Mt6853 and 22 more | 2024-11-21 | 6.7 Medium |
| In mailbox, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07032521; Issue ID: ALPS07032521. | ||||
| CVE-2022-26427 | 2 Google, Mediatek | 6 Android, Mt6833, Mt6853 and 3 more | 2024-11-21 | 6.7 Medium |
| In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085540; Issue ID: ALPS07085540. | ||||
| CVE-2022-26426 | 2 Google, Mediatek | 22 Android, Mt6833, Mt6853 and 19 more | 2024-11-21 | 6.7 Medium |
| In camera isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07085486; Issue ID: ALPS07085486. | ||||
| CVE-2022-26302 | 1 Fujielectric | 1 V-sft | 2024-11-21 | 7.8 High |
| Heap-based buffer overflow exists in the simulator module contained in the graphic editor 'V-SFT' versions prior to v6.1.6.0, which may allow an attacker to obtain information and/or execute arbitrary code by having a user to open a specially crafted image file. | ||||
| CVE-2022-26300 | 1 Eosio Project | 1 Eos | 2024-11-21 | 7.5 High |
| EOS v2.1.0 was discovered to contain a heap-buffer-overflow via the function txn_test_gen_plugin. | ||||
| CVE-2022-26278 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2024-11-21 | 9.8 Critical |
| Tenda AC9 v15.03.2.21_cn was discovered to contain a stack overflow via the time parameter in the PowerSaveSet function. | ||||
| CVE-2022-26181 | 1 Dropbox | 1 Lepton | 2024-11-21 | 7.8 High |
| Dropbox Lepton v1.2.1-185-g2a08b77 was discovered to contain a heap-buffer-overflow in the function aligned_dealloc():src/lepton/bitops.cc:108. | ||||
| CVE-2022-26098 | 1 Google | 1 Android | 2024-11-21 | 8.1 High |
| Heap-based buffer overflow vulnerability in sheifd_create function of libsimba library prior to SMR Apr-2022 Release 1 allows code execution by remote attackers. | ||||
| CVE-2022-26092 | 1 Google | 1 Android | 2024-11-21 | 7.4 High |
| Improper boundary check in Quram Agif library prior to SMR Apr-2022 Release 1 allows arbitrary code execution. | ||||
| CVE-2022-26061 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | 7.8 High |
| A heap-based buffer overflow vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2022-25972 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | 7.8 High |
| An out-of-bounds write vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2022-25949 | 1 Kingsoft | 1 Internet Security 9 Plus | 2024-11-21 | 7.8 High |
| The kernel mode driver kwatch3 of KINGSOFT Internet Security 9 Plus Version 2010.06.23.247 fails to properly handle crafted inputs, leading to stack-based buffer overflow. | ||||
| CVE-2022-25903 | 1 Opcua Project | 1 Opcua | 2024-11-21 | 7.5 High |
| The package opcua from 0.0.0 are vulnerable to Denial of Service (DoS) via the ExtensionObjects and Variants objects, when it allows unlimited nesting levels, which could result in a stack overflow even if the message size is less than the maximum allowed. | ||||
| CVE-2022-25797 | 1 Autodesk | 1 Dwg Trueview | 2024-11-21 | 7.8 High |
| A maliciously crafted PDF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 can be used to dereference for a write beyond the allocated buffer while parsing PDF files. The vulnerability exists because the application fails to handle a crafted PDF file, which causes an unhandled exception. | ||||
| CVE-2022-25792 | 1 Autodesk | 11 Advance Steel, Autocad, Autocad Architecture and 8 more | 2024-11-21 | 7.8 High |
| A maliciously crafted DXF file in Autodesk AutoCAD 2022, 2021, 2020, 2019 and Autodesk Navisworks 2022 can be used to write beyond the allocated buffer through Buffer overflow vulnerability. This vulnerability can be exploited to execute arbitrary code. | ||||