Total
14050 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-42382 | 1 Pdf-xchange | 1 Pdf-xchange Editor | 2026-06-17 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18651. | |||||
| CVE-2022-42381 | 1 Pdf-xchange | 1 Pdf-xchange Editor | 2026-06-17 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18650. | |||||
| CVE-2022-42380 | 1 Pdf-xchange | 1 Pdf-xchange Editor | 2026-06-17 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18649. | |||||
| CVE-2022-42378 | 1 Pdf-xchange | 1 Pdf-xchange Editor | 2026-06-17 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18631. | |||||
| CVE-2022-42377 | 1 Pdf-xchange | 1 Pdf-xchange Editor | 2026-06-17 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18630. | |||||
| CVE-2022-42373 | 1 Pdf-xchange | 1 Pdf-xchange Editor | 2026-06-17 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18402. | |||||
| CVE-2022-42371 | 1 Pdf-xchange | 1 Pdf-xchange Editor | 2026-06-17 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18346. | |||||
| CVE-2022-42370 | 1 Pdf-xchange | 1 Pdf-xchange Editor | 2026-06-17 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18345. | |||||
| CVE-2022-42339 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2026-06-17 | N/A | 7.8 HIGH |
| Adobe Acrobat Reader versions 22.002.20212 (and earlier) and 20.005.30381 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-42281 | 1 Nvidia | 2 Dgx A100, Dgx A100 Firmware | 2026-06-17 | N/A | 6.7 MEDIUM |
| NVIDIA DGX A100 contains a vulnerability in SBIOS in the FsRecovery, which may allow a highly privileged local attacker to cause an out-of-bounds write, which may lead to code execution, denial of service, compromised integrity, and information disclosure. | |||||
| CVE-2022-42270 | 1 Nvidia | 9 Jetson Agx Xavier, Jetson Agx Xavier 16gb, Jetson Agx Xavier 32gb and 6 more | 2026-06-17 | N/A | 7.8 HIGH |
| NVIDIA distributions of Linux contain a vulnerability in nvdla_emu_task_submit, where unvalidated input may allow a local attacker to cause stack-based buffer overflow in kernel code, which may lead to escalation of privileges, compromised integrity and confidentiality, and denial of service. | |||||
| CVE-2022-42227 | 1 Jsonlint Project | 1 Jsonlint C\+\+ | 2026-06-17 | N/A | 7.5 HIGH |
| jsonlint 1.0 is vulnerable to heap-buffer-overflow via /home/hjsz/jsonlint/src/lexer. | |||||
| CVE-2022-42171 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/saveParentControlInfo. | |||||
| CVE-2022-42170 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formWifiWpsStart. | |||||
| CVE-2022-42169 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/addWifiMacFilter. | |||||
| CVE-2022-42168 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/fromSetIpMacBind. | |||||
| CVE-2022-42167 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formSetFirewallCfg. | |||||
| CVE-2022-42166 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formSetSpeedWan. | |||||
| CVE-2022-42165 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formSetDeviceName. | |||||
| CVE-2022-42164 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formSetClientState. | |||||
