Vulnerabilities (CVE)

Filtered by CWE-787
Total 14042 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-40070 1 Tenda 2 Ac21, Ac21 Firmware 2026-06-17 N/A 7.5 HIGH
Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via bin/httpd, function: formSetFirewallCfg.
CVE-2022-40069 1 Tenda 2 Ac21, Ac21 Firmware 2026-06-17 N/A 7.5 HIGH
]Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: fromSetSysTime.
CVE-2022-40068 1 Tenda 2 Ac21, Ac21 Firmware 2026-06-17 N/A 7.5 HIGH
Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: formSetQosBand.
CVE-2022-40067 1 Tenda 2 Ac21, Ac21 Firmware 2026-06-17 N/A 7.5 HIGH
Tenda AC21 V 16.03.08.15 is vulnerable to Buffer Overflow via /bin/httpd, function: formSetVirtualSer.
CVE-2022-40008 1 Swftools 1 Swftools 2026-06-17 N/A 9.8 CRITICAL
SWFTools commit 772e55a was discovered to contain a heap-buffer overflow via the function readU8 at /lib/ttf.c.
CVE-2022-3974 1 Axiosys 1 Bento4 2026-06-17 N/A 6.3 MEDIUM
A vulnerability classified as critical was found in Axiomatic Bento4. Affected by this vulnerability is the function AP4_StdcFileByteStream::ReadPartial of the file Ap4StdCFileByteStream.cpp of the component mp4info. The manipulation leads to heap-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-213553 was assigned to this vulnerability.
CVE-2022-3890 2 Debian, Google 2 Debian Linux, Chrome 2026-06-17 N/A 9.6 CRITICAL
Heap buffer overflow in Crashpad in Google Chrome on Android prior to 107.0.5304.106 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
CVE-2022-3785 1 Axiosys 1 Bento4 2026-06-17 N/A 6.3 MEDIUM
A vulnerability, which was classified as critical, has been found in Axiomatic Bento4. Affected by this issue is the function AP4_DataBuffer::SetDataSize of the component Avcinfo. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-212564.
CVE-2022-3784 1 Axiosys 1 Bento4 2026-06-17 N/A 6.3 MEDIUM
A vulnerability classified as critical was found in Axiomatic Bento4 5e7bb34. Affected by this vulnerability is the function AP4_Mp4AudioDsiParser::ReadBits of the file Ap4Mp4AudioInfo.cpp of the component mp4hls. The manipulation leads to heap-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-212563.
CVE-2022-3775 2 Gnu, Redhat 2 Grub2, Enterprise Linux 2026-06-17 N/A 7.1 HIGH
When rendering certain unicode sequences, grub2's font code doesn't proper validate if the informed glyph's width and height is constrained within bitmap size. As consequence an attacker can craft an input which will lead to a out-of-bounds write into grub2's heap, leading to memory corruption and availability issues. Although complex, arbitrary code execution could not be discarded.
CVE-2022-3725 2 Fedoraproject, Wireshark 2 Fedora, Wireshark 2026-06-17 N/A 6.3 MEDIUM
Crash in the OPUS protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file
CVE-2022-3715 2 Gnu, Redhat 2 Bash, Enterprise Linux 2026-06-17 N/A 7.8 HIGH
A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.
CVE-2022-3699 1 Lenovo 3 Diagnostics, Hardwarescan Addin, Hardwarescan Plugin 2026-06-17 N/A 7.8 HIGH
A privilege escalation vulnerability was reported in the Lenovo HardwareScanPlugin prior to versionĀ 1.3.1.2 andĀ Lenovo Diagnostics prior to version 4.45 that could allow a local user to execute code with elevated privileges.
CVE-2022-3670 1 Axiosys 1 Bento4 2026-06-17 N/A 7.3 HIGH
A vulnerability was found in Axiomatic Bento4. It has been classified as critical. Affected is the function WriteSample of the component mp42hevc. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-212010 is the identifier assigned to this vulnerability.
CVE-2022-3667 1 Axiosys 1 Bento4 2026-06-17 N/A 7.3 HIGH
A vulnerability, which was classified as critical, was found in Axiomatic Bento4. This affects the function AP4_MemoryByteStream::WritePartial of the file Ap4ByteStream.cpp of the component mp42aac. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-212007.
CVE-2022-3665 1 Axiosys 1 Bento4 2026-06-17 N/A 7.3 HIGH
A vulnerability classified as critical was found in Axiomatic Bento4. Affected by this vulnerability is an unknown functionality of the file AvcInfo.cpp of the component avcinfo. The manipulation leads to heap-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-212005 was assigned to this vulnerability.
CVE-2022-3664 1 Axiosys 1 Bento4 2026-06-17 N/A 7.3 HIGH
A vulnerability classified as critical has been found in Axiomatic Bento4. Affected is the function AP4_BitStream::WriteBytes of the file Ap4BitStream.cpp of the component avcinfo. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-212004.
CVE-2022-3655 1 Google 1 Chrome 2026-06-17 N/A 8.8 HIGH
Heap buffer overflow in Media Galleries in Google Chrome prior to 107.0.5304.62 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
CVE-2022-3653 1 Google 1 Chrome 2026-06-17 N/A 8.8 HIGH
Heap buffer overflow in Vulkan in Google Chrome prior to 107.0.5304.62 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-3627 3 Debian, Libtiff, Netapp 3 Debian Linux, Libtiff, Active Iq Unified Manager 2026-06-17 N/A 5.5 MEDIUM
LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6860, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191.