Total
3292 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-33259 | 1 Qualcomm | 24 Mdm8207, Mdm8207 Firmware, Mdm9205 and 21 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Memory corruption due to buffer copy without checking the size of input in modem while decoding raw SMS received. | |||||
| CVE-2022-33232 | 1 Qualcomm | 222 Aqt1000, Aqt1000 Firmware, Ar8035 and 219 more | 2024-11-21 | N/A | 9.3 CRITICAL |
| Memory corruption due to buffer copy without checking size of input while running memory sharing tests with large scattered memory. | |||||
| CVE-2022-33230 | 1 Qualcomm | 88 Aqt1000, Aqt1000 Firmware, Qca6420 and 85 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| Memory corruption in FM Host due to buffer copy without checking the size of input in FM Host | |||||
| CVE-2022-33226 | 1 Qualcomm | 66 Aqt1000, Aqt1000 Firmware, Qam8255p and 63 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| Memory corruption due to buffer copy without checking the size of input in Core while processing ioctl commands from diag client applications. | |||||
| CVE-2022-33224 | 1 Qualcomm | 92 Aqt1000, Aqt1000 Firmware, Qam8255p and 89 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| Memory corruption in core due to buffer copy without check9ing the size of input while processing ioctl queries. | |||||
| CVE-2022-33213 | 1 Qualcomm | 418 Apq8009, Apq8009 Firmware, Apq8009w and 415 more | 2024-11-21 | N/A | 7.5 HIGH |
| Memory corruption in modem due to buffer overflow while processing a PPP packet | |||||
| CVE-2022-32981 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered in the Linux kernel through 5.18.3 on powerpc 32-bit platforms. There is a buffer overflow in ptrace PEEKUSER and POKEUSER (aka PEEKUSR and POKEUSR) when accessing floating point registers. | |||||
| CVE-2022-32548 | 1 Draytek | 136 Vigor1000b, Vigor1000b Firmware, Vigor165 and 133 more | 2024-11-21 | N/A | 10.0 CRITICAL |
| An issue was discovered on certain DrayTek Vigor routers before July 2022 such as the Vigor3910 before 4.3.1.1. /cgi-bin/wlogin.cgi has a buffer overflow via the username or password to the aa or ab field. | |||||
| CVE-2022-32529 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | N/A | 9.8 CRITICAL |
| A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted log data request messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170) | |||||
| CVE-2022-32527 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | N/A | 9.8 CRITICAL |
| A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted alarm cache data messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170) | |||||
| CVE-2022-32526 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | N/A | 9.8 CRITICAL |
| A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted setting value messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170) | |||||
| CVE-2022-32525 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | N/A | 9.8 CRITICAL |
| A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted alarm data messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170) | |||||
| CVE-2022-32524 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | N/A | 9.8 CRITICAL |
| A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted time reduced data messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170) | |||||
| CVE-2022-32523 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | N/A | 9.8 CRITICAL |
| A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted online data request messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170) | |||||
| CVE-2022-32522 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2024-11-21 | N/A | 9.8 CRITICAL |
| A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could cause a stack-based buffer overflow, potentially leading to remote code execution when an attacker sends specially crafted mathematically reduced data request messages. Affected Products: IGSS Data Server - IGSSdataServer.exe (Versions prior to V15.0.0.22170) | |||||
| CVE-2022-32504 | 2024-11-21 | N/A | 9.8 CRITICAL | ||
| An issue was discovered on certain Nuki Home Solutions devices. The code used to parse the JSON objects received from the WebSocket service provided by the device leads to a stack buffer overflow. An attacker would be able to exploit this to gain arbitrary code execution on a KeyTurner device. This affects Nuki Smart Lock 3.0 before 3.3.5 and 2.0 before 2.12.4, as well as Nuki Bridge v1 before 1.22.0 and v2 before 2.13.2. | |||||
| CVE-2022-32491 | 1 Dell | 580 Alienware Area 51m R1, Alienware Area 51m R1 Firmware, Alienware Area 51m R2 and 577 more | 2024-11-21 | N/A | 4.1 MEDIUM |
| Dell Client BIOS contains a Buffer Overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause an arbitrary write during SMM. | |||||
| CVE-2022-32406 | 1 Gtkradiant Project | 1 Gtkradiant | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| GtkRadiant v1.6.6 was discovered to contain a buffer overflow via the component q3map2. This vulnerability can cause a Denial of Service (DoS) via a crafted MAP file. | |||||
| CVE-2022-32140 | 1 Codesys | 2 Plcwinnt, Runtime Toolkit | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Multiple CODESYS products are affected to a buffer overflow.A low privileged remote attacker may craft a request, which can cause a buffer copy without checking the size of the service, resulting in a denial-of-service condition. User Interaction is not required. | |||||
| CVE-2022-32096 | 1 Rhonabwy Project | 1 Rhonabwy | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Rhonabwy before v1.1.5 was discovered to contain a buffer overflow via the component r_jwe_aesgcm_key_unwrap. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted JWE token. | |||||