Vulnerabilities (CVE)

Filtered by CWE-787
Total 14055 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-44167 1 Tenda 2 Ac15, Ac15 Firmware 2026-06-17 N/A 7.5 HIGH
Tenda AC15 V15.03.05.18 is avulnerable to Buffer Overflow via function formSetPPTPServer.
CVE-2022-44163 1 Tenda 2 Ac21, Ac21 Firmware 2026-06-17 N/A 7.5 HIGH
Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via function formSetMacFilterCfg.
CVE-2022-44158 1 Tenda 2 Ac21, Ac21 Firmware 2026-06-17 N/A 7.5 HIGH
Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via function via set_device_name.
CVE-2022-44156 1 Tenda 2 Ac15, Ac15 Firmware 2026-06-17 N/A 7.5 HIGH
Tenda AC15 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetIpMacBind.
CVE-2022-44109 1 Pdftojson Project 1 Pdftojson 2026-06-17 N/A 9.8 CRITICAL
pdftojson commit 94204bb was discovered to contain a stack overflow via the component Stream::makeFilter(char*, Stream*, Object*, int).
CVE-2022-44108 1 Pdftojson Project 1 Pdftojson 2026-06-17 N/A 9.8 CRITICAL
pdftojson commit 94204bb was discovered to contain a stack overflow via the component Object::copy(Object*):Object.cc.
CVE-2022-44079 1 Pycdc Project 1 Pycdc 2026-06-17 N/A 5.5 MEDIUM
pycdc commit 44a730f3a889503014fec94ae6e62d8401cb75e5 was discovered to contain a stack overflow via the component __sanitizer::StackDepotBase<__sanitizer::StackDepotNode.
CVE-2022-44011 1 Clickhouse 1 Clickhouse 2026-06-17 N/A 6.5 MEDIUM
An issue was discovered in ClickHouse before 22.9.1.2603. An authenticated user (with the ability to load data) could cause a heap buffer overflow and crash the server by inserting a malformed CapnProto object. The fixed versions are 22.9.1.2603, 22.8.2.11, 22.7.4.16, 22.6.6.16, and 22.3.12.19.
CVE-2022-44010 1 Clickhouse 1 Clickhouse 2026-06-17 N/A 7.5 HIGH
An issue was discovered in ClickHouse before 22.9.1.2603. An attacker could send a crafted HTTP request to the HTTP Endpoint (usually listening on port 8123 by default), causing a heap-based buffer overflow that crashes the process. This does not require authentication. The fixed versions are 22.9.1.2603, 22.8.2.11, 22.7.4.16, 22.6.6.16, and 22.3.12.19.
CVE-2022-43970 1 Linksys 2 Wrt54gl, Wrt54gl Firmware 2026-06-17 N/A 7.2 HIGH
A buffer overflow vulnerability exists in Linksys WRT54GL Wireless-G Broadband Router with firmware <= 4.30.18.006. A stack-based buffer overflow in the Start_EPI function within the httpd binary allows an authenticated attacker with administrator privileges to execute arbitrary commands on the underlying Linux operating system as root. This vulnerablity can be triggered over the network via a malicious POST request to /apply.cgi.
CVE-2022-43764 1 Br-automation 1 Industrial Automation Aprol 2026-06-17 N/A 9.8 CRITICAL
Insufficient validation of input parameters when changing configuration on Tbase server in B&R APROL versions < R 4.2-07 could result in buffer overflow. This may lead to Denial-of-Service conditions or execution of arbitrary code.
CVE-2022-43750 2 Debian, Linux 2 Debian Linux, Linux Kernel 2026-06-17 N/A 6.7 MEDIUM
drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the monitor's internal memory.
CVE-2022-43667 1 Omron 1 Cx-programmer 2026-06-17 N/A 7.8 HIGH
Stack-based buffer overflow vulnerability exists in CX-Programmer v.9.77 and earlier, which may lead to information disclosure and/or arbitrary code execution by having a user to open a specially crafted CXP file.
CVE-2022-43662 2 Openatom, Openharmony 2 Openharmony, Openharmony 2026-06-17 N/A 4.0 MEDIUM
Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysTimerGettime. 4 bytes padding data from kernel stack are copied to user space incorrectly and leaked.
CVE-2022-43653 1 Bentley 1 View 2026-06-17 N/A 7.8 HIGH
Bentley View SKP File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP files. Crafted data in an SKP file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-19084.
CVE-2022-43618 1 Corel 1 Coreldraw 2026-06-17 N/A 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Corel CorelDRAW Graphics Suite 23.5.0.506. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PCX files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16377.
CVE-2022-43617 1 Corel 1 Coreldraw 2026-06-17 N/A 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Corel CorelDRAW Graphics Suite 23.5.0.506. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PCX files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16372.
CVE-2022-43614 1 Corel 1 Coreldraw 2026-06-17 N/A 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Corel CorelDRAW Graphics Suite 23.5.0.506. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of GIF images. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16357.
CVE-2022-43607 1 Openbabel 1 Open Babel 2026-06-17 N/A 8.1 HIGH
An out-of-bounds write vulnerability exists in the MOL2 format attribute and value functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2022-43605 1 Opener Project 1 Opener 2026-06-17 N/A 10.0 CRITICAL
An out-of-bounds write vulnerability exists in the SetAttributeList attribute_count_request functionality of EIP Stack Group OpENer development commit 58ee13c. A specially crafted EtherNet/IP request can lead to an out of bounds write, potentially causing the server to crash or allow for remote code execution. An attacker can send a series of EtherNet/IP requests to trigger this vulnerability.