Total
4015 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-40261 | 2 Ami, Intel | 5 Aptio V, Nuc M15 Laptop Kit Lapbc510, Nuc M15 Laptop Kit Lapbc510 Firmware and 2 more | 2026-06-17 | N/A | 8.2 HIGH |
| An attacker can exploit this vulnerability to elevate privileges from ring 0 to ring -2, execute arbitrary code in System Management Mode - an environment more privileged than operating system (OS) and completely isolated from it. Running arbitrary code in SMM additionally bypasses SMM-based SPI flash protections against modifications, which can help an attacker to install a firmware backdoor/implant into BIOS. Such a malicious firmware code in BIOS could persist across operating system re-installs. Additionally, this vulnerability potentially could be used by malicious actors to bypass security mechanisms provided by UEFI firmware (for example, Secure Boot and some types of memory isolation for hypervisors). This issue affects: Module name: OverClockSmiHandler SHA256: a204699576e1a48ce915d9d9423380c8e4c197003baf9d17e6504f0265f3039c Module GUID: 4698C2BD-A903-410E-AD1F-5EEF3A1AE422 | |||||
| CVE-2022-40137 | 1 Lenovo | 571 Ideacentre 3-07ada05, Ideacentre 3-07ada05 Firmware, Ideacentre 3-07imb05 and 568 more | 2026-06-17 | N/A | 6.7 MEDIUM |
| A buffer overflow in the WMI SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to execute arbitrary code. | |||||
| CVE-2022-40112 | 1 Totolink | 2 A3002r, A3002r Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable Buffer Overflow via the hostname parameter in binary /bin/boa. | |||||
| CVE-2022-40110 | 1 Totolink | 2 A3002r, A3002r Firmware | 2026-06-17 | N/A | 7.5 HIGH |
| TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable to Buffer Overflow via /bin/boa. | |||||
| CVE-2022-3786 | 3 Fedoraproject, Nodejs, Openssl | 3 Fedora, Node.js, Openssl | 2026-06-17 | N/A | 7.5 HIGH |
| A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the `.' character (decimal 46) on the stack. This buffer overflow could result in a crash (causing a denial of service). In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. | |||||
| CVE-2022-3742 | 1 Lenovo | 174 Ideapad 1-14ijl7, Ideapad 1-14ijl7 Firmware, Ideapad 1-15ijl7 and 171 more | 2026-06-17 | N/A | 6.7 MEDIUM |
| A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to execute arbitrary code due to improper buffer validation. | |||||
| CVE-2022-3628 | 1 Linux | 1 Linux Kernel | 2026-06-17 | N/A | 6.6 MEDIUM |
| A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges. | |||||
| CVE-2022-3077 | 1 Linux | 1 Linux Kernel | 2026-06-17 | N/A | 5.5 MEDIUM |
| A buffer overflow vulnerability was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way it handled the I2C_SMBUS_BLOCK_PROC_CALL case (via the ioctl I2C_SMBUS) with malicious input data. This flaw could allow a local user to crash the system. | |||||
| CVE-2022-39377 | 3 Debian, Fedoraproject, Sysstat Project | 3 Debian Linux, Fedora, Sysstat | 2026-06-17 | N/A | 7.0 HIGH |
| sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1, allocate_structures contains a size_t overflow in sa_common.c. The allocate_structures function insufficiently checks bounds before arithmetic multiplication, allowing for an overflow in the size allocated for the buffer representing system activities. This issue may lead to Remote Code Execution (RCE). This issue has been patched in version 12.7.1. | |||||
| CVE-2022-39344 | 1 Microsoft | 1 Azure Rtos Usbx | 2026-06-17 | N/A | 9.8 CRITICAL |
| Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. Prior to version 6.1.12, the USB DFU UPLOAD functionality may be utilized to introduce a buffer overflow resulting in overwrite of memory contents. In particular cases this may allow an attacker to bypass security features or execute arbitrary code. The implementation of `ux_device_class_dfu_control_request` function prevents buffer overflow during handling of DFU UPLOAD command when current state is `UX_SYSTEM_DFU_STATE_DFU_IDLE`. This issue has been patched, please upgrade to version 6.1.12. As a workaround, add the `UPLOAD_LENGTH` check in all possible states. | |||||
| CVE-2022-39244 | 1 Pjsip | 1 Pjsip | 2026-06-17 | N/A | 7.5 HIGH |
| PJSIP is a free and open source multimedia communication library written in C. In versions of PJSIP prior to 2.13 the PJSIP parser, PJMEDIA RTP decoder, and PJMEDIA SDP parser are affeced by a buffer overflow vulnerability. Users connecting to untrusted clients are at risk. This issue has been patched and is available as commit c4d3498 in the master branch and will be included in releases 2.13 and later. Users are advised to upgrade. There are no known workarounds for this issue. | |||||
| CVE-2022-39067 | 1 Zte | 2 Mf286r, Mf286r Firmware | 2026-06-17 | N/A | 6.5 MEDIUM |
| There is a buffer overflow vulnerability in ZTE MF286R. Due to lack of input validation on parameters of the wifi interface, an authenticated attacker could use the vulnerability to perform a denial of service attack. | |||||
| CVE-2022-39047 | 1 Freeciv | 1 Freeciv | 2026-06-17 | N/A | 8.8 HIGH |
| Freeciv before 2.6.7 and before 3.0.3 is prone to a buffer overflow vulnerability in the Modpack Installer utility's handling of the modpack URL. | |||||
| CVE-2022-39003 | 1 Huawei | 2 Emui, Magic Ui | 2026-06-17 | N/A | 9.1 CRITICAL |
| Buffer overflow vulnerability in the video framework. Successful exploitation of this vulnerability will affect the confidentiality and integrity of trusted components. | |||||
| CVE-2022-38831 | 1 Tenda | 2 Rx9 Pro, Rx9 Pro Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| Tenda RX9_Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/SetNetControlList | |||||
| CVE-2022-38830 | 1 Tenda | 2 Rx9 Pro, Rx9 Pro Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| Tenda RX9_Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/setIPv6Status. | |||||
| CVE-2022-38829 | 1 Tenda | 2 Rx9 Pro, Rx9 Pro Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| Tenda RX9_Pro V22.03.02.10 is vulnerable to Buffer Overflow via httpd/setMacFilterCfg. | |||||
| CVE-2022-38827 | 1 Totolink | 2 T6, T6 Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| TOTOLINK T6 V4.1.5cu.709_B20210518 is vulnerable to Buffer Overflow via cstecgi.cgi | |||||
| CVE-2022-38573 | 1 10-strike | 1 Network Inventory Explorer | 2026-06-17 | N/A | 9.8 CRITICAL |
| 10-Strike Network Inventory Explorer v9.3 was discovered to contain a buffer overflow via the Add Computers function. | |||||
| CVE-2022-38510 | 1 Tenda | 2 Tx9 Pro, Tx9 Pro Firmware | 2026-06-17 | N/A | 7.8 HIGH |
| Tenda_TX9pro V22.03.02.10 was discovered to contain a buffer overflow via the component httpd/SetNetControlList. | |||||