Vulnerabilities (CVE)

Filtered by CWE-787
Total 14041 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-37372 1 Pdf-xchange 1 Pdf-xchange Editor 2026-06-17 N/A 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17809.
CVE-2022-37371 1 Pdf-xchange 1 Pdf-xchange Editor 2026-06-17 N/A 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17772.
CVE-2022-37369 1 Pdf-xchange 1 Pdf-xchange Editor 2026-06-17 N/A 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. Crafted data in a PDF file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17724.
CVE-2022-37364 1 Pdf-xchange 1 Pdf-xchange Editor 2026-06-17 N/A 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EMF files. Crafted data in an EMF file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17634.
CVE-2022-37362 1 Pdf-xchange 1 Pdf-xchange Editor 2026-06-17 N/A 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PNG files. Crafted data in a PNG file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17660.
CVE-2022-37358 1 Pdf-xchange 1 Pdf-xchange Editor 2026-06-17 N/A 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPG files. Crafted data in a JPG file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17632.
CVE-2022-37357 1 Pdf-xchange 1 Pdf-xchange Editor 2026-06-17 N/A 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of ICO files. Crafted data in an ICO file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17631.
CVE-2022-37356 1 Pdf-xchange 1 Pdf-xchange Editor 2026-06-17 N/A 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPG files. Crafted data in a JPG file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17630.
CVE-2022-37355 1 Pdf-xchange 1 Pdf-xchange Editor 2026-06-17 N/A 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPG files. Crafted data in a JPG file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17629.
CVE-2022-37354 1 Pdf-xchange 1 Pdf-xchange Editor 2026-06-17 N/A 7.8 HIGH
This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K files. Crafted data in a J2K file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17628.
CVE-2022-37331 1 Openbabel 1 Open Babel 2026-06-17 N/A 7.3 HIGH
An out-of-bounds write vulnerability exists in the Gaussian format orientation functionality of Open Babel 3.1.1 and master commit 530dbfa3. A specially crafted malformed file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2022-37292 1 Tenda 2 Ax12, Ax12 Firmware 2026-06-17 N/A 5.5 MEDIUM
Tenda AX12 V22.03.01.21_CN is vulnerable to Buffer Overflow. This overflow is triggered in the sub_42FDE4 function, which satisfies the request of the upper-level interface function sub_430124, that is, handles the post request under /goform/SetIpMacBind.
CVE-2022-37235 1 Netgear 2 R7000, R7000 Firmware 2026-06-17 N/A 9.8 CRITICAL
Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000-V1.0.11.134_10.2.119 is vulnerable to Buffer Overflow via the wl binary in firmware. There is a stack overflow vulnerability caused by strncat
CVE-2022-37234 1 Netgear 2 R7000, R7000 Firmware 2026-06-17 N/A 7.8 HIGH
Netgear Nighthawk AC1900 Smart WiFi Dual Band Gigabit Router R7000-V1.0.11.134_10.2.119 is vulnerable to Buffer Overflow via the wl binary in firmware. There is a stack overflow vulnerability caused by strncpy.
CVE-2022-37232 1 Netgear 2 Wnr2000v4, Wnr2000v4 Firmware 2026-06-17 N/A 9.8 CRITICAL
Netgear N300 wireless router wnr2000v4-V1.0.0.70 is vulnerable to Buffer Overflow via uhttpd. There is a stack overflow vulnerability caused by strcpy.
CVE-2022-37175 1 Tenda 2 Ac15, Ac15 Firmware 2026-06-17 N/A 9.8 CRITICAL
Tenda ac15 firmware V15.03.05.18 httpd server has stack buffer overflow in /goform/formWifiBasicSet.
CVE-2022-37100 1 H3c 2 H200, H200 Firmware 2026-06-17 N/A 9.8 CRITICAL
H3C H200 H200V100R004 was discovered to contain a stack overflow via the function UpdateMacClone.
CVE-2022-37099 1 H3c 2 H200, H200 Firmware 2026-06-17 N/A 9.8 CRITICAL
H3C H200 H200V100R004 was discovered to contain a stack overflow via the function UpdateSnat.
CVE-2022-37098 1 H3c 2 H200, H200 Firmware 2026-06-17 N/A 9.8 CRITICAL
H3C H200 H200V100R004 was discovered to contain a stack overflow via the function UpdateIpv6Params.
CVE-2022-37097 1 H3c 2 H200, H200 Firmware 2026-06-17 N/A 9.8 CRITICAL
H3C H200 H200V100R004 was discovered to contain a stack overflow via the function SetAPInfoById.