CVE Daily
← All tags

Tag: Buffer Overflow

All CVEs associated with "Buffer Overflow". Page 55/160 • 19114 CVEs.

Subscribe CVEs: RSS for “Buffer Overflow”  ·  RSS (High+Critical only)

About “Buffer Overflow”

A curated feed of “Buffer Overflow”-related CVEs appears below. We currently track 19114 CVEs for this tag (all time). In the last 365 days, 2717 were published. Average CVSS is 7.9 (all time; 8.0 over 365d), and 78% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer, CWE-121 - Stack-based Buffer Overflow, CWE-122 - Heap-based Buffer Overflow.

In our taxonomy this topic maps to a HIGH impact class. Common exploitation patterns for this weakness can lead to high. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2022-09-15
Critical

CVE-2022-38325

Tenda AC15 WiFi Router V15.03.05.19_multi and AC18 WiFi Router V15.03.05.19_multi were discovered to contain a buffer overflow via the filePath parameter at /goform/expandDlnaFile.

CVSS: 9.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Medium

CVE-2022-38866

Certain The MPlayer Project products are vulnerable to Buffer Overflow via read_avi_header() of libmpdemux/aviheader.c . This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

CVSS: 5.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-38864

Certain The MPlayer Project products are vulnerable to Buffer Overflow via the function mp_unescape03() of libmpdemux/mpeg_hdr.c. This affects mencoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1.

CVSS: 5.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-38863

Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mp_getbits() of libmpdemux/mpeg_hdr.c which affects mencoder and mplayer. This affects mecoder SVN-r38374-13.0.1 an…

CVSS: 5.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-38862

Certain The MPlayer Project products are vulnerable to Buffer Overflow via function play() of libaf/af.c:639. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-38858

Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mov_build_index() of libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

CVSS: 5.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-38856

Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mov_build_index() of libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.

CVSS: 5.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-38855

Certain The MPlayer Project products are vulnerable to Buffer Overflow via function gen_sh_video () of mplayer/libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-1…

CVSS: 5.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-38853

Certain The MPlayer Project products are vulnerable to Buffer Overflow via function asf_init_audio_stream() of libmpdemux/asfheader.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-1…

CVSS: 5.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Critical

CVE-2022-2471

Stack-based Buffer Overflow vulnerability in the EZVIZ Motion Detection component as used in camera models CS-CV248, CS-C6N-A0-1C2WFR, CS-DB1C-A0-1E2W2FR, CS-C6N-B0-1G2WF, CS-C3W-A0-3H4WFRL allows a…

CVSS: 9.9 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
2022-09-14
Medium

CVE-2022-40438

Buffer overflow vulnerability in function AP4_MemoryByteStream::WritePartial in mp42aac in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file.

CVSS: 6.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
2022-09-13
High

CVE-2022-38495

LIEF commit 365a16a was discovered to contain a heap-buffer overflow via the function print_binary at /c/macho_reader.c.

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-38306

LIEF commit 5d1d643 was discovered to contain a heap-buffer overflow in the component /core/CorePrPsInfo.tcc.

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2022-09-12
High

CVE-2022-31226

Dell BIOS versions contain a Stack-based Buffer Overflow vulnerability. A local authenticated malicious user could potentially exploit this vulnerability by sending excess data to a function in order…

CVSS: 7.1 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
2022-09-09
Medium

CVE-2022-3077

A buffer overflow vulnerability was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way it handled the I2C_SMBUS_BLOCK_PROC_CALL case (via the ioctl I2C_SMBUS) with malicio…

CVSS: 5.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
2022-09-08
Critical

CVE-2022-36588

In D-Link DAP1650 v1.04 firmware, the fileaccess.cgi program in the firmware has a buffer overflow vulnerability caused by strncpy.

CVSS: 9.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Critical

CVE-2022-36586

In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, there is a buffer overflow vulnerability caused by strcpy in function 0x869f4 in the httpd binary.

CVSS: 9.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Critical

CVE-2021-34236

Buffer Overflow in Netgear R8000 Router with firmware v1.0.4.56 allows remote attackers to execute arbitrary code or cause a denial-of-service by sending a crafted POST to '/bd_genie_create_account.c…

CVSS: 9.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
2022-09-07
Critical

CVE-2022-36585

In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, in httpd binary, the addDhcpRule function has a buffer overflow caused by sscanf.

CVSS: 9.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Critical

CVE-2022-36660

xhyve commit dfbe09b was discovered to contain a stack buffer overflow via the component pci_vtrnd_notify().

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
Critical

CVE-2022-36587

In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, there is a buffer overflow vulnerability caused by sprintf in function in the httpd binary.

CVSS: 9.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-31414

D-Link DIR-1960 firmware DIR-1960_A1_1.11 was discovered to contain a buffer overflow via srtcat in prog.cgi. This vulnerability allowed attackers to cause a Denial of Service (DoS) via a crafted HTT…

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
2022-09-06
High

CVE-2022-38529

tinyexr commit 0647fb3 was discovered to contain a heap-buffer overflow via the component rleUncompress.

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-26860

Dell BIOS versions contain a stack-based buffer overflow vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI to bypass security checks resulting in arb…

CVSS: 7.5 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
Critical

CVE-2022-31789

An integer overflow in WatchGuard Firebox and XTM appliances allows an unauthenticated remote attacker to trigger a buffer overflow and potentially execute arbitrary code by sending a malicious reque…

CVSS: 9.8 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
Medium

CVE-2022-25309

A heap-based buffer overflow flaw was found in the Fribidi package and affects the fribidi_cap_rtl_to_unicode() function of the fribidi-char-sets-cap-rtl.c file. This flaw allows an attacker to pass…

CVSS: 5.5 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2022-25308

A stack-based buffer overflow flaw was found in the Fribidi package. This flaw allows an attacker to pass a specially crafted file to the Fribidi application, which leads to a possible memory leak or…

CVSS: 7.8 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
High

CVE-2022-40112

TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable Buffer Overflow via the hostname parameter in binary /bin/boa.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-40110

TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable to Buffer Overflow via /bin/boa.

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Critical

CVE-2022-37842

In TOTOLINK A860R V4.1.2cu.5182_B20201027, the parameters in infostat.cgi are not filtered, causing a buffer overflow vulnerability.

CVSS: 9.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Critical

CVE-2022-37840

In TOTOLINK A860R V4.1.2cu.5182_B20201027, the main function in downloadfile.cgi has a buffer overflow vulnerability.

CVSS: 9.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Critical

CVE-2022-37839

TOTOLINK A860R V4.1.2cu.5182_B20201027 is vulnerable to Buffer Overflow via Cstecgi.cgi.

CVSS: 9.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Critical

CVE-2022-36584

In Tenda G3 US_G3V3.0br_V15.11.0.6(7663)_EN_TDE, the getsinglepppuser function has a buffer overflow caused by sscanf.

CVSS: 9.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
2022-09-05
High

CVE-2022-39843

123elf Lotus 1-2-3 before 1.0.0rc3 for Linux, and Lotus 1-2-3 R3 for UNIX and other platforms through 9.8.2, allow attackers to execute arbitrary code via a crafted worksheet. This occurs because of…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-39832

An issue was discovered in PSPP 1.6.2. There is a heap-based buffer overflow at the function read_string in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (application…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-39831

An issue was discovered in PSPP 1.6.2. There is a heap-based buffer overflow at the function read_bytes_internal in utilities/pspp-dump-sav.c, which allows attackers to cause a denial of service (app…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2022-09-02
Medium

CVE-2022-36647

PKUVCL davs2 v1.6.205 was discovered to contain a global buffer overflow via the function parse_sequence_header() at source/common/header.cc:269.

CVSS: 5.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-25680

Memory corruption in multimedia due to buffer overflow while processing count variable from client in Snapdragon Auto

CVSS: 8.4 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-25659

Memory corruption due to buffer overflow while parsing MKV clips with invalid bitmap size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industri…

CVSS: 7.3 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-25657

Memory corruption due to buffer overflow occurs while processing invalid MKV clip which has invalid seek header in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial…

CVSS: 7.3 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Critical

CVE-2022-22096

Memory corruption in Bluetooth HOST due to stack-based buffer overflow when when extracting data using command length parameter in Snapdragon Connectivity, Snapdragon Mobile

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2022-09-01
Medium

CVE-2021-3826

Heap/stack buffer overflow in the dlang_lname function in d-demangle.c in libiberty allows attackers to potentially cause a denial of service (segmentation fault and crash) via a crafted mangled symb…

CVSS: 6.5 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2022-08-31
High

CVE-2022-36620

D-link DIR-816 A2_v1.10CNB04, DIR-878 DIR_878_FW1.30B08.img is vulnerable to Buffer Overflow via /goform/addRouting.

CVSS: 7.5 CWE: CWE-1284 - Improper Validation of Specified Quantity in Input View on NVD
High

CVE-2022-2895

Measuresoft ScadaPro Server (All Versions) uses unmaintained ActiveX controls. These controls may allow two stack-based buffer overflow instances while processing a specific project file.

CVSS: 7.8 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
High

CVE-2022-1888

Alpha7 PC Loader (All versions) is vulnerable to a stack-based buffer overflow while processing a specifically crafted project file, which may allow an attacker to execute arbitrary code.

CVSS: 7.8 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
High

CVE-2022-1405

CNCSoft: All versions prior to 1.01.32 does not properly sanitize input while processing a specific project file, allowing a possible stack-based buffer overflow condition.

CVSS: 7.8 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
Medium

CVE-2022-1355

A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue,…

CVSS: 6.1 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
Medium

CVE-2022-1354

A heap buffer overflow flaw was found in Libtiffs' tiffinfo.c in TIFFReadRawDataStriped() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffinfo tool, triggering a heap bu…

CVSS: 5.5 CWE: CWE-125 - Out-of-bounds Read View on NVD
High

CVE-2022-39047

Freeciv before 2.6.7 and before 3.0.3 is prone to a buffer overflow vulnerability in the Modpack Installer utility's handling of the modpack URL.

CVSS: 8.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
2022-08-30
Medium

CVE-2022-26529

Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for segmented packets’ link parameter. An unauthenticated attacker in the adjacent network…

CVSS: 6.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Medium

CVE-2022-26528

Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for the length of segmented packets’ shift parameter. An unauthenticated attacker in the ad…

CVSS: 6.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Medium

CVE-2022-26527

Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for the size of segmented packets’ reference parameter. An unauthenticated attacker in the…

CVSS: 6.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Medium

CVE-2022-25635

Realtek Linux/Android Bluetooth Mesh SDK has a buffer overflow vulnerability due to insufficient validation for broadcast network packet length. An unauthenticated attacker in the adjacent network ca…

CVSS: 6.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
2022-08-29
High

CVE-2022-0367

A heap-based buffer overflow flaw was found in libmodbus in function modbus_reply() in src/modbus.c.

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2022-35020

Advancecomp v2.3 was discovered to contain a heap buffer overflow via the component __interceptor_memcpy at /sanitizer_common/sanitizer_common_interceptors.inc.

CVSS: 5.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-35017

Advancecomp v2.3 was discovered to contain a heap buffer overflow.

CVSS: 5.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-35016

Advancecomp v2.3 was discovered to contain a heap buffer overflow.

CVSS: 5.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-35015

Advancecomp v2.3 was discovered to contain a heap buffer overflow via le_uint32_read at /lib/endianrw.h.

CVSS: 5.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Critical

CVE-2022-32548

An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via the username or password to the aa or ab…

CVSS: 10.0 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-38510

Tenda_TX9pro V22.03.02.10 was discovered to contain a buffer overflow via the component httpd/SetNetControlList.

CVSS: 7.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
2022-08-28
High

CVE-2022-38571

Tenda M3 V1.0.0.12(4856) was discovered to contain a buffer overflow in the function formSetGuideListItem.

CVSS: 7.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-38568

Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service (DoS) via the…

CVSS: 7.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-38566

Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formEmailTest. This vulnerability allows attackers to cause a Denial of Service (DoS) via the m…

CVSS: 7.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-38565

Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formEmailTest. This vulnerability allows attackers to cause a Denial of Service (DoS) via the m…

CVSS: 7.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-38564

Tenda M3 V1.0.0.12(4856) was discovered to contain a buffer overflow vulnerability in the function formSetPicListItem. This vulnerability allows attackers to cause a Denial of Service (DoS) via the a…

CVSS: 7.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-38563

Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service (DoS) via the…

CVSS: 7.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-38562

Tenda M3 V1.0.0.12(4856) was discovered to contain a heap buffer overflow vulnerability in the function formSetFixTools. This vulnerability allows attackers to cause a Denial of Service (DoS) via the…

CVSS: 7.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Critical

CVE-2022-38555

Linksys E1200 v1.0.04 is vulnerable to Buffer Overflow via ej_get_web_page_name.

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
Critical

CVE-2022-37055

D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to Buffer Overflow via cgibin, hnap_main,

CVSS: 9.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
2022-08-26
High

CVE-2022-2915

A Heap-based Buffer Overflow vulnerability in the SonicWall SMA100 appliance allows a remote authenticated attacker to cause Denial of Service (DoS) on the appliance or potentially lead to code execu…

CVSS: 8.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2022-30984

A buffer overflow vulnerability in the Rubrik Backup Service (RBS) Agent for Linux or Unix-based systems in Rubrik CDM 7.0.1, 7.0.1-p1, 7.0.1-p2 or 7.0.1-p3 before CDM 7.0.2-p2 could allow a local at…

CVSS: 7.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
2022-08-25
Medium

CVE-2022-2991

A heap-based buffer overflow was found in the Linux kernel's LightNVM subsystem. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixe…

CVSS: 6.7 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
Medium

CVE-2022-37292

Tenda AX12 V22.03.01.21_CN is vulnerable to Buffer Overflow. This overflow is triggered in the sub_42FDE4 function, which satisfies the request of the upper-level interface function sub_430124, that…

CVSS: 5.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-22728

A flaw in Apache libapreq2 versions 2.16 and earlier could cause a buffer overflow while processing multipart form uploads. A remote attacker could send a request causing a process crash which could…

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
2022-08-24
High

CVE-2021-3999

A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input b…

CVSS: 7.8 CWE: CWE-193 - Off-by-one Error View on NVD
2022-08-23
High

CVE-2020-35511

A global buffer overflow was discovered in pngcheck function in pngcheck-2.4.0(5 patches applied) via a crafted png file.

CVSS: 7.8 CWE: CWE-126 - Buffer Over-read View on NVD
2022-08-22
High

CVE-2022-26061

A heap-based buffer overflow vulnerability exists in the gif2h5 functionality of HDF5 Group libhdf5 1.10.4. A specially-crafted GIF file can lead to code execution. An attacker can provide a maliciou…

CVSS: 7.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
Critical

CVE-2022-37134

D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Buffer Overflow via /goform/form2Wan.cgi. When wantype is 3, l2tp_usrname will be decrypted by base64, and the result will be stored in v94, which do…

CVSS: 9.8 CWE: CWE-1284 - Improper Validation of Specified Quantity in Input View on NVD
2022-08-19
High

CVE-2020-27792

A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a crafted PDF fil…

CVSS: 7.1 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2022-36233

Tenda AC9 V15.03.2.13 is vulnerable to Buffer Overflow via httpd, form_fast_setting_wifi_set. httpd.

CVSS: 5.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Critical

CVE-2022-37175

Tenda ac15 firmware V15.03.05.18 httpd server has stack buffer overflow in /goform/formWifiBasicSet.

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2022-08-18
Critical

CVE-2022-36947

Unsafe Parsing of a PNG tRNS chunk in FastStone Image Viewer through 7.5 results in a stack buffer overflow.

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-37049

The component tcpprep in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in parse_mpls at common/get.c:150. NOTE: this is different from CVE-2022-27942.

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-37048

The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_l2len_protocol at common/get.c:344. NOTE: this is different from CVE-2022-27941.

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-37047

The component tcprewrite in Tcpreplay v4.4.1 was discovered to contain a heap-based buffer overflow in get_ipv6_next at common/get.c:713. NOTE: this is different from CVE-2022-27940.

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2022-08-17
High

CVE-2022-2849

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0220.

CVSS: 7.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
2022-08-16
High

CVE-2022-38238

XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::lookChar() at /xpdf/Stream.cc.

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-38237

XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::readScan() at /xpdf/Stream.cc.

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-38236

XPDF commit ffaf11c was discovered to contain a global-buffer overflow via Lexer::getObj(Object*) at /xpdf/Lexer.cc.

CVSS: 7.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2022-38231

XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::getChar() at /xpdf/Stream.cc.

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-38229

XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::readHuffSym(DCTHuffTable*) at /xpdf/Stream.cc.

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-38228

XPDF commit ffaf11c was discovered to contain a heap-buffer overflow via DCTStream::transformDataUnit at /xpdf/Stream.cc.

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-37781

fdkaac v1.0.3 was discovered to contain a heap buffer overflow via __interceptor_memcpy.part.46 at /sanitizer_common/sanitizer_common_interceptors.inc.

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-36150

tifig v0.2.2 was discovered to contain a heap-buffer overflow via __asan_memmove at /asan/asan_interceptors_memintrinsics.cpp.

CVSS: 5.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-36144

SWFMill commit 53d7690 was discovered to contain a heap-buffer overflow via base64_encode.

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-36143

SWFMill commit 53d7690 was discovered to contain a heap-buffer overflow via __interceptor_strlen.part at /sanitizer_common/sanitizer_common_interceptors.inc.

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-36142

SWFMill commit 53d7690 was discovered to contain a heap-buffer overflow via SWF::Reader::getU30().

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2022-36139

SWFMill commit 53d7690 was discovered to contain a heap-buffer overflow via SWF::Writer::writeByte(unsigned char).

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-35475

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e41a8.

CVSS: 6.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-35474

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b544e.

CVSS: 6.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-35471

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e41b0.

CVSS: 6.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-35470

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x65fc97.

CVSS: 6.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-35468

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e420d.

CVSS: 6.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-35467

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e41b8.

CVSS: 6.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-35466

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c0473.

CVSS: 6.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-35465

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c0414.

CVSS: 6.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-35464

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6171b2.

CVSS: 6.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-35463

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b0478.

CVSS: 6.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-35462

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c0bc3.

CVSS: 6.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-35461

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c0a32.

CVSS: 6.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-35460

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x61731f.

CVSS: 6.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-35459

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6e412a.

CVSS: 6.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-35458

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b05ce.

CVSS: 6.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-35456

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x617087.

CVSS: 6.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-35455

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b0d63.

CVSS: 6.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-35454

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b05aa.

CVSS: 6.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-35453

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6c08a6.

CVSS: 6.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-35452

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b0b2c.

CVSS: 6.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-35451

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b03b5.

CVSS: 6.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2022-35450

OTFCC v0.10.4 was discovered to contain a heap-buffer overflow via /release-x64/otfccdump+0x6b84b1.

CVSS: 6.5 CWE: CWE-787 - Out-of-bounds Write View on NVD