Vulnerabilities (CVE)

Filtered by CWE-787
Total 14050 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-42382 1 Pdf-xchange 1 Pdf-xchange Editor 2026-06-17 N/A 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18651.
CVE-2022-42381 1 Pdf-xchange 1 Pdf-xchange Editor 2026-06-17 N/A 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18650.
CVE-2022-42380 1 Pdf-xchange 1 Pdf-xchange Editor 2026-06-17 N/A 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18649.
CVE-2022-42378 1 Pdf-xchange 1 Pdf-xchange Editor 2026-06-17 N/A 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18631.
CVE-2022-42377 1 Pdf-xchange 1 Pdf-xchange Editor 2026-06-17 N/A 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18630.
CVE-2022-42373 1 Pdf-xchange 1 Pdf-xchange Editor 2026-06-17 N/A 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18402.
CVE-2022-42371 1 Pdf-xchange 1 Pdf-xchange Editor 2026-06-17 N/A 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18346.
CVE-2022-42370 1 Pdf-xchange 1 Pdf-xchange Editor 2026-06-17 N/A 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. Crafted data in a U3D file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18345.
CVE-2022-42339 3 Adobe, Apple, Microsoft 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more 2026-06-17 N/A 7.8 HIGH
Adobe Acrobat Reader versions 22.002.20212 (and earlier) and 20.005.30381 (and earlier) are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-42281 1 Nvidia 2 Dgx A100, Dgx A100 Firmware 2026-06-17 N/A 6.7 MEDIUM
NVIDIA DGX A100 contains a vulnerability in SBIOS in the FsRecovery, which may allow a highly privileged local attacker to cause an out-of-bounds write, which may lead to code execution, denial of service, compromised integrity, and information disclosure.
CVE-2022-42270 1 Nvidia 9 Jetson Agx Xavier, Jetson Agx Xavier 16gb, Jetson Agx Xavier 32gb and 6 more 2026-06-17 N/A 7.8 HIGH
NVIDIA distributions of Linux contain a vulnerability in nvdla_emu_task_submit, where unvalidated input may allow a local attacker to cause stack-based buffer overflow in kernel code, which may lead to escalation of privileges, compromised integrity and confidentiality, and denial of service.
CVE-2022-42227 1 Jsonlint Project 1 Jsonlint C\+\+ 2026-06-17 N/A 7.5 HIGH
jsonlint 1.0 is vulnerable to heap-buffer-overflow via /home/hjsz/jsonlint/src/lexer.
CVE-2022-42171 1 Tenda 2 Ac10, Ac10 Firmware 2026-06-17 N/A 9.8 CRITICAL
Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/saveParentControlInfo.
CVE-2022-42170 1 Tenda 2 Ac10, Ac10 Firmware 2026-06-17 N/A 9.8 CRITICAL
Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formWifiWpsStart.
CVE-2022-42169 1 Tenda 2 Ac10, Ac10 Firmware 2026-06-17 N/A 9.8 CRITICAL
Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/addWifiMacFilter.
CVE-2022-42168 1 Tenda 2 Ac10, Ac10 Firmware 2026-06-17 N/A 9.8 CRITICAL
Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/fromSetIpMacBind.
CVE-2022-42167 1 Tenda 2 Ac10, Ac10 Firmware 2026-06-17 N/A 9.8 CRITICAL
Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formSetFirewallCfg.
CVE-2022-42166 1 Tenda 2 Ac10, Ac10 Firmware 2026-06-17 N/A 9.8 CRITICAL
Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formSetSpeedWan.
CVE-2022-42165 1 Tenda 2 Ac10, Ac10 Firmware 2026-06-17 N/A 9.8 CRITICAL
Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formSetDeviceName.
CVE-2022-42164 1 Tenda 2 Ac10, Ac10 Firmware 2026-06-17 N/A 9.8 CRITICAL
Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formSetClientState.