CVE Daily
← All tags

Tag: Buffer Overflow

All CVEs associated with "Buffer Overflow". Page 52/160 • 19114 CVEs.

Subscribe CVEs: RSS for “Buffer Overflow”  ·  RSS (High+Critical only)

About “Buffer Overflow”

A curated feed of “Buffer Overflow”-related CVEs appears below. We currently track 19114 CVEs for this tag (all time). In the last 365 days, 2717 were published. Average CVSS is 7.9 (all time; 8.0 over 365d), and 78% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer, CWE-121 - Stack-based Buffer Overflow, CWE-122 - Heap-based Buffer Overflow.

In our taxonomy this topic maps to a HIGH impact class. Common exploitation patterns for this weakness can lead to high. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2022-12-23
Critical

CVE-2022-45716

IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the indexSet parameter in the formIPMacBindDel function.

CVSS: 9.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Critical

CVE-2022-45715

IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the pLanPortRange and pWanPortRange parameters in the formSetPortMapping function.

CVSS: 9.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Critical

CVE-2022-45714

IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the indexSet parameter in the formQOSRuleDel function.

CVSS: 9.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Critical

CVE-2022-45712

IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formAddDnsForward function.

CVSS: 9.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Critical

CVE-2022-45710

IP-COM M50 V15.11.0.33(10768) was discovered to contain multiple buffer overflows via the pEnable, pLevel, and pModule parameters in the formSetDebugCfg function.

CVSS: 9.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Critical

CVE-2022-45708

IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the sPortMapIndex parameter in the formDelPortMapping function.

CVSS: 9.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Critical

CVE-2022-45707

IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the rules parameter in the formAddDnsHijack function.

CVSS: 9.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Critical

CVE-2022-45706

IP-COM M50 V15.11.0.33(10768) was discovered to contain a buffer overflow via the hostname parameter in the formSetNetCheckTools function.

CVSS: 9.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-47942

An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.19 before 5.19.2. There is a heap-based buffer overflow in set_ntacl_dacl, related to use of SMB2_QUERY_INFO_HE after a malformed S…

CVSS: 8.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2022-12-22
High

CVE-2022-43602

Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer ove…

CVSS: 8.1 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2022-43601

Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer ove…

CVSS: 8.1 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2022-43600

Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer ove…

CVSS: 8.1 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2022-43599

Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer ove…

CVSS: 8.1 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2022-41981

A stack-based buffer overflow vulnerability exists in the TGA file format parser of OpenImageIO v2.3.19.0. A specially-crafted targa file can lead to out of bounds read and write on the process stack…

CVSS: 8.1 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
Critical

CVE-2022-41838

A code execution vulnerability exists in the DDS scanline parsing functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially-crafted .dds can lead to a heap buffer overflow. An attacker c…

CVSS: 9.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
Critical

CVE-2022-41794

A heap based buffer overflow vulnerability exists in the PSD thumbnail resource parsing code of OpenImageIO 2.3.19.0. A specially-crafted PSD file can lead to arbitrary code execution. An attacker ca…

CVSS: 9.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
Critical

CVE-2022-41639

A heap based buffer overflow vulnerability exists in tile decoding code of TIFF image parser in OpenImageIO master-branch-9aeece7a and v2.3.19.0. A specially-crafted TIFF file can lead to an out of b…

CVSS: 9.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
Medium

CVE-2022-40961

During startup, a graphics driver with an unexpected name could lead to a stack-buffer overflow causing a potentially exploitable crash.<br>*This issue only affects Firefox for Android. Other operati…

CVSS: 6.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
2022-12-20
High

CVE-2022-46551

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the time parameter at /goform/saveParentControlInfo.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-46550

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the urls parameter at /goform/saveParentControlInfo.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-46549

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceId parameter at /goform/saveParentControlInfo.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-46548

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/DhcpListClient.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-46547

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/VirtualSer.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-46546

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the entrys parameter at /goform/RouteStatic.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-46545

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/NatStaticSetting.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-46544

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the cmdinput parameter at /goform/exeCommand.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-46543

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the mitInterface parameter at /goform/addressNat.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-46542

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/addressNat.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-46541

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the ssid parameter at /goform/fast_setting_wifi_set.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-46540

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the entrys parameter at /goform/addressNat.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-46539

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the security_5g parameter at /goform/WifiBasicSet.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-46537

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the security parameter at /goform/WifiBasicSet.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-46536

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the limitSpeedUp parameter at /goform/SetClientState.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-46535

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceId parameter at /goform/SetClientState.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-46534

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the speed_dir parameter at /goform/SetSpeedWan.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-46533

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the limitSpeed parameter at /goform/SetClientState.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-46532

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceMac parameter at /goform/addWifiMacFilter.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-46531

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceId parameter at /goform/addWifiMacFilter.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-46530

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the mac parameter at /goform/GetParentControlInfo.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-45666

Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDset function.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-45665

Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the funcpara1 parameter in the formSetCfm function.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
2022-12-19
Critical

CVE-2022-44755

HCL Notes is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arb…

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
Critical

CVE-2022-44754

HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute ar…

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
Critical

CVE-2022-44753

HCL Notes is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute ar…

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
Critical

CVE-2022-44752

HCL Domino is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute a…

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
Critical

CVE-2022-44751

HCL Notes is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arb…

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
Critical

CVE-2022-44750

HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute ar…

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2022-12-18
High

CVE-2022-47521

An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_CHANNEL_LIST in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-47518

An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigg…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2022-12-17
Medium

CVE-2022-4584

A vulnerability was found in Axiomatic Bento4 up to 1.6.0-639. It has been rated as critical. Affected by this issue is some unknown functionality of the component mp42aac. The manipulation leads to…

CVSS: 6.3 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
2022-12-16
High

CVE-2022-46109

Tenda AC15 V15.03.06.23 is vulnerable to Buffer Overflow via function formSetClientState.

CVSS: 7.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
2022-12-15
Critical

CVE-2022-46393

An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap-based buffer overflow and heap-based buffer over-read in DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is en…

CVSS: 9.8 CWE: CWE-125 - Out-of-bounds Read View on NVD
2022-12-14
High

CVE-2022-2601

A buffer overflow was found in grub_font_construct_glyph(). A malicious crafted pf2 font can lead to an overflow when calculating the max_glyph_size value, allocating a smaller than needed buffer for…

CVSS: 8.6 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2022-44910

Binbloom 2.0 was discovered to contain a heap buffer overflow via the read_pointer function at /binbloom-master/src/helpers.c.

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2022-12-13
Medium

CVE-2019-25078

A vulnerability classified as problematic was found in pacparser up to 1.3.x. Affected by this vulnerability is the function pacparser_find_proxy of the file src/pacparser.c. The manipulation of the…

CVSS: 5.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2022-12-12
High

CVE-2022-45997

Tenda W20E V16.01.0.6(3392) is vulnerable to Buffer Overflow.

CVSS: 7.2 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-45957

ZTE ZXHN-H108NS router with firmware version H108NSV1.0.7u_ZRD_GR2_A68 is vulnerable to remote stack buffer overflow.

CVSS: 7.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-37910

A buffer overflow vulnerability exists in the ArubaOS command line interface. Successful exploitation of this vulnerability results in a denial of service on the affected system.

CVSS: 4.4 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Critical

CVE-2021-3942

Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with use of Link-Local Multicast Name Resolution or LLMNR.

CVSS: 9.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2022-12-08
Medium

CVE-2022-46824

In JetBrains IntelliJ IDEA before 2022.2.4 a buffer overflow in the fsnotifier daemon on macOS was possible.

CVSS: 5.6 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Medium

CVE-2022-44455

The appspawn and nwebspawn services within OpenHarmony-v3.1.2 and prior versions were found to be vulnerable to buffer overflow vulnerability due to insufficient input validation. An unprivileged mal…

CVSS: 6.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
2022-12-07
High

CVE-2022-2948

GE CIMPICITY versions 2022 and prior is vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code.

CVSS: 7.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2022-43667

Stack-based buffer overflow vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially cra…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2022-12-06
Medium

CVE-2022-42756

In sensor driver, there is a possible buffer overflow due to a missing bounds check. This could lead to local denial of service in kernel.

CVSS: 5.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Critical

CVE-2022-40918

Buffer overflow in firmware lewei_cam binary version 2.0.10 in Force 1 Discovery Wifi U818A HD+ FPV Drone allows attacker to gain remote code execution as root user via a specially crafted UDP packet…

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2022-12-03
High

CVE-2022-3491

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0742.

CVSS: 7.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
2022-12-02
Critical

CVE-2022-3520

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765.

CVSS: 9.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2022-45672

Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the formWx3AuthorizeSet function.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-45671

Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the appData parameter in the formSetAppFilterRule function.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-45670

Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the ping1 parameter in the formSetAutoPing function.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-45669

Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterGet function.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-45664

Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDget function.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-45663

Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterSet function.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-45661

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the setSmartPowerManagement function.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-45660

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the schedStartTime parameter in the setSchedWifi function.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-45659

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the wpapsk_crypto parameter in the fromSetWirelessRepeat function.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-45658

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the schedEndTime parameter in the setSchedWifi function.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-45657

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-45656

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the time parameter in the fromSetSysTime function.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-45655

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the timeZone parameter in the form_fast_setting_wifi_set function.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-45654

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the ssid parameter in the form_fast_setting_wifi_set function.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-45653

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the page parameter in the fromNatStaticSetting function.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-45652

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the startIp parameter in the formSetPPTPServer function.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-45651

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the list parameter in the formSetVirtualSer function.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-45650

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the firewallEn parameter in the formSetFirewallCfg function.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-45649

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the endIp parameter in the formSetPPTPServer function.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-45648

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the devName parameter in the formSetDeviceName function.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-45647

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the limitSpeed parameter in the formSetClientState function.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-45646

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the limitSpeedUp parameter in the formSetClientState function.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-45645

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceMac parameter in the addWifiMacFilter function.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-45644

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceId parameter in the formSetClientState function.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-45643

Tenda AC6V1.0 V15.03.05.19 was discovered to contain a buffer overflow via the deviceId parameter in the addWifiMacFilter function.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-45641

Tenda AC6V1.0 V15.03.05.19 is vulnerable to Buffer Overflow via formSetMacFilterCfg.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Critical

CVE-2022-44367

Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setUplinkInfo.

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
Critical

CVE-2022-44366

Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setDiagnoseInfo.

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
Critical

CVE-2022-44363

Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setSnmpInfo.

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
Critical

CVE-2022-44362

Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/AddSysLogRule.

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2022-12-01
High

CVE-2022-45640

Tenda Tenda AC6V1.0 V15.03.05.19 is affected by buffer overflow. Causes a denial of service (local).

CVSS: 7.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
2022-11-30
High

CVE-2022-45332

LibreDWG v0.12.4.4643 was discovered to contain a heap buffer overflow via the function decode_preR13_section_hdr at decode_r11.c.

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2022-11-29
Medium

CVE-2022-4172

An integer overflow and buffer overflow issues were found in the ACPI Error Record Serialization Table (ERST) device of QEMU in the read_erst_record() and write_erst_record() functions. Both issues m…

CVSS: 6.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
2022-11-28
Critical

CVE-2022-44283

AVS Audio Converter 10.3 is vulnerable to Buffer Overflow.

CVSS: 9.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
2022-11-25
High

CVE-2022-4141

Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the expression used in the RHS of the substitute command.

CVSS: 7.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
Critical

CVE-2022-4135

Heap buffer overflow in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page…

CVSS: 9.6 CWE: CWE-787 - Out-of-bounds Write View on NVD
2022-11-23
High

CVE-2022-44260

TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter sPort/ePort in the setIpPortFilterRules function.

CVSS: 8.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-44259

TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter week, sTime, and eTime in the setParentalRules function.

CVSS: 8.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-44258

TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter command in the setTracerouteCfg function.

CVSS: 8.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-44257

TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter pppoeUser in the setOpModeCfg function.

CVSS: 8.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-44256

TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter lang in the setLanguageCfg function.

CVSS: 8.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
Critical

CVE-2022-44255

TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a pre-authentication buffer overflow in the main function via long post data.

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-44254

TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter text in the setSmsCfg function.

CVSS: 8.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-44253

TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter ip in the setDiagnosisCfg function.

CVSS: 8.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-36337

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A stack buffer overflow vulnerability in the MebxConfiguration driver leads to arbitrary code execution. Control of a UEFI var…

CVSS: 8.2 CWE: CWE-787 - Out-of-bounds Write View on NVD
2022-11-22
Medium

CVE-2022-39067

There is a buffer overflow vulnerability in ZTE MF286R. Due to lack of input validation on parameters of the wifi interface, an authenticated attacker could use the vulnerability to perform a denial…

CVSS: 6.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Critical

CVE-2022-44807

D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow via webGetVarString.

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
Critical

CVE-2022-44806

D-Link DIR-882 1.10B02 and 1.20B06 is vulnerable to Buffer Overflow.

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
Critical

CVE-2022-44804

D-Link DIR-882 1.10B02 and1.20B06 is vulnerable to Buffer Overflow via the websRedirect function.

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
Critical

CVE-2022-44202

D-Link DIR878 1.02B04 and 1.02B05 are vulnerable to Buffer Overflow.

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
Critical

CVE-2022-44184

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wan_dns1_sec.

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
Critical

CVE-2022-44200

Netgear R7000P V1.3.0.8, V1.3.1.64 is vulnerable to Buffer Overflow via parameters: stamode_dns1_pri and stamode_dns1_sec.

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
Critical

CVE-2022-44199

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter openvpn_server_ip.

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD