Total
13968 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-27135 | 1 Xpdfreader | 1 Xpdf | 2026-06-17 | 4.3 MEDIUM | 5.5 MEDIUM |
| xpdf 4.03 has heap buffer overflow in the function readXRefTable located in XRef.cc. An attacker can exploit this bug to cause a Denial of Service (Segmentation fault) or other unspecified effects by sending a crafted PDF file to the pdftoppm binary. | |||||
| CVE-2022-27044 | 1 Saitoha | 1 Libsixel | 2026-06-17 | 6.8 MEDIUM | 8.8 HIGH |
| libsixel 1.8.6 is affected by Buffer Overflow in libsixel/src/quant.c:876. | |||||
| CVE-2022-27022 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2026-06-17 | 10.0 HIGH | 9.8 CRITICAL |
| There is a stack overflow vulnerability in the SetSysTimeCfg() function in the httpd service of Tenda AC9 V15.03.2.21_cn. The attacker can obtain a stable root shell through a constructed payload. | |||||
| CVE-2022-27016 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2026-06-17 | 10.0 HIGH | 9.8 CRITICAL |
| There is a stack overflow vulnerability in the SetStaticRouteCfg() function in the httpd service of Tenda AC9 15.03.2.21_cn. | |||||
| CVE-2022-26988 | 3 Fastcom, Mercusys, Tp-link | 12 Fac1900r, Fac1900r Firmware, Mercury D196g and 9 more | 2026-06-17 | 7.2 HIGH | 7.8 HIGH |
| TP-Link TL-WDR7660 2.0.30, Mercury D196G 20200109_2.0.4, and Fast FAC1900R 20190827_2.0.2 routers have a stack overflow issue in `MntAte` function. Local users could get remote code execution. | |||||
| CVE-2022-26987 | 3 Fastcom, Mercusys, Tp-link | 12 Fac1900r, Fac1900r Firmware, Mercury D196g and 9 more | 2026-06-17 | 7.2 HIGH | 7.8 HIGH |
| TP-Link TL-WDR7660 2.0.30, Mercury D196G 20200109_2.0.4, and Fast FAC1900R 20190827_2.0.2 routers have a stack overflow issue in `MmtAtePrase` function. Local users could get remote code execution. | |||||
| CVE-2022-26967 | 1 Gpac | 1 Gpac | 2026-06-17 | 6.8 MEDIUM | 7.8 HIGH |
| GPAC 2.0 allows a heap-based buffer overflow in gf_base64_encode. It can be triggered via MP4Box. | |||||
| CVE-2022-26953 | 1 Digi | 2 Passport, Passport Firmware | 2026-06-17 | 5.0 MEDIUM | 7.5 HIGH |
| Digi Passport Firmware through 1.5.1,1 is affected by a buffer overflow. An attacker can supply a string in the page parameter for reboot.asp endpoint, allowing him to force an overflow when the string is concatenated to the HTML body. | |||||
| CVE-2022-26952 | 1 Digi | 2 Passport, Passport Firmware | 2026-06-17 | 5.0 MEDIUM | 7.5 HIGH |
| Digi Passport Firmware through 1.5.1,1 is affected by a buffer overflow in the function for building the Location header string when an unauthenticated user is redirected to the authentication page. | |||||
| CVE-2022-26873 | 2 Ami, Intel | 5 Aptio V, Nuc M15 Laptop Kit Lapbc510, Nuc M15 Laptop Kit Lapbc510 Firmware and 2 more | 2026-06-17 | N/A | 8.2 HIGH |
| A potential attacker can execute an arbitrary code at the time of the PEI phase and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosure, discovery of any secrets from any Virtual Machines (VMs) and bypassing memory isolation and confidential computing boundaries. Additionally, an attacker can build a payload which can be injected into the SMRAM memory. This issue affects: Module name: PlatformInitAdvancedPreMem SHA256: 644044fdb8daea30a7820e0f5f88dbf5cd460af72fbf70418e9d2e47efed8d9b Module GUID: EEEE611D-F78F-4FB9-B868-55907F169280 This issue affects: AMI Aptio 5.x. | |||||
| CVE-2022-26860 | 1 Dell | 798 Alienware M15 R6, Alienware M15 R6 Firmware, Chengming 3980 and 795 more | 2026-06-17 | N/A | 7.5 HIGH |
| Dell BIOS versions contain a stack-based buffer overflow vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI to bypass security checks resulting in arbitrary code execution in SMM. | |||||
| CVE-2022-26782 | 1 Inhandnetworks | 2 Ir302, Ir302 Firmware | 2026-06-17 | 6.5 MEDIUM | 8.8 HIGH |
| Multiple improper input validation vulnerabilities exists in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.An improper input validation vulnerability exists in the `httpd`'s `user_define_set_item` function. Controlling the `user_define_timeout` nvram variable can lead to remote code execution. | |||||
| CVE-2022-26781 | 1 Inhandnetworks | 2 Ir302, Ir302 Firmware | 2026-06-17 | 6.5 MEDIUM | 8.8 HIGH |
| Multiple improper input validation vulnerabilities exists in the libnvram.so nvram_import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.An improper input validation vulnerability exists in the `httpd`'s `user_define_print` function. Controlling the `user_define_timeout` nvram variable can lead to remote code execution. | |||||
| CVE-2022-26772 | 1 Apple | 1 Macos | 2026-06-17 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-26771 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2026-06-17 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 8.6, tvOS 15.5, iOS 15.5 and iPadOS 15.5. A malicious application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-26769 | 1 Apple | 2 Mac Os X, Macos | 2026-06-17 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-26768 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-06-17 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4, watchOS 8.6, tvOS 15.5, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2022-26764 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2026-06-17 | 2.6 LOW | 4.7 MEDIUM |
| A memory corruption issue was addressed with improved validation. This issue is fixed in watchOS 8.6, tvOS 15.5, macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. An attacker that has already achieved kernel code execution may be able to bypass kernel memory mitigations. | |||||
| CVE-2022-26762 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2026-06-17 | N/A | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4, iOS 15.5 and iPadOS 15.5. A malicious application may be able to execute arbitrary code with system privileges. | |||||
| CVE-2022-26761 | 1 Apple | 2 Mac Os X, Macos | 2026-06-17 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in Security Update 2022-004 Catalina, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges. | |||||