Total
13513 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-34247 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-11-21 | N/A | 7.8 HIGH |
| Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-34245 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2024-11-21 | N/A | 7.8 HIGH |
| Adobe InDesign versions 17.2.1 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-34217 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2024-11-21 | N/A | 7.8 HIGH |
| Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an Out-Of-Bounds Write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-34038 | 1 Etcd | 1 Etcd | 2024-11-21 | N/A | 7.5 HIGH |
| Etcd v3.5.4 allows remote attackers to cause a denial of service via function PageWriter.write in pagewriter.go. NOTE: the vendor's position is that this is not a vulnerability. | |||||
| CVE-2022-34035 | 1 Htmldoc Project | 1 Htmldoc | 2024-11-21 | N/A | 7.5 HIGH |
| HTMLDoc v1.9.12 and below was discovered to contain a heap overflow via e_node htmldoc/htmldoc/html.cxx:588. | |||||
| CVE-2022-34033 | 1 Htmldoc Project | 1 Htmldoc | 2024-11-21 | N/A | 7.5 HIGH |
| HTMLDoc v1.9.15 was discovered to contain a heap overflow via (write_header) /htmldoc/htmldoc/html.cxx:273. | |||||
| CVE-2022-33890 | 1 Autodesk | 11 Autocad, Autocad Advance Steel, Autocad Architecture and 8 more | 2024-11-21 | N/A | 7.8 HIGH |
| A maliciously crafted PCT or DWF file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | |||||
| CVE-2022-33889 | 1 Autodesk | 11 Autocad, Autocad Advance Steel, Autocad Architecture and 8 more | 2024-11-21 | N/A | 7.8 HIGH |
| A maliciously crafted GIF or JPEG files when parsed through Autodesk Design Review 2018, and AutoCAD 2023 and 2022 could be used to write beyond the allocated heap buffer. This vulnerability could lead to arbitrary code execution. | |||||
| CVE-2022-33885 | 1 Autodesk | 10 Autocad, Autocad Advance Steel, Autocad Architecture and 7 more | 2024-11-21 | N/A | 7.8 HIGH |
| A maliciously crafted X_B, CATIA, and PDF file when parsed through Autodesk AutoCAD 2023 and 2022 can be used to write beyond the allocated buffer. This vulnerability can lead to arbitrary code execution. | |||||
| CVE-2022-33883 | 1 Autodesk | 4 Advanced Material Exchange, Moldflow Adviser, Moldflow Communicator and 1 more | 2024-11-21 | N/A | 7.8 HIGH |
| A malicious crafted file consumed through Moldflow Synergy, Moldflow Adviser, Moldflow Communicator, and Advanced Material Exchange applications could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | |||||
| CVE-2022-33871 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | N/A | 6.6 MEDIUM |
| A stack-based buffer overflow vulnerability [CWE-121] in FortiWeb version 7.0.1 and earlier, 6.4 all versions, version 6.3.19 and earlier may allow a privileged attacker to execute arbitrary code or commands via specifically crafted CLI `execute backup-local rename` and `execute backup-local show` operations. | |||||
| CVE-2022-33730 | 1 Google | 1 Android | 2024-11-21 | N/A | 6.8 MEDIUM |
| Heap-based buffer overflow vulnerability in Samsung Dex for PC prior to SMR Aug-2022 Release 1 allows arbitrary code execution by physical attackers. | |||||
| CVE-2022-33279 | 1 Qualcomm | 148 Ar9380, Ar9380 Firmware, Csr8811 and 145 more | 2024-11-21 | N/A | 9.8 CRITICAL |
| Memory corruption due to stack based buffer overflow in WLAN having invalid WNM frame length. | |||||
| CVE-2022-33267 | 1 Qualcomm | 106 Aqt1000, Aqt1000 Firmware, Qca6390 and 103 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| Memory corruption in Linux while sending DRM request. | |||||
| CVE-2022-33264 | 1 Qualcomm | 484 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8953pro and 481 more | 2024-11-21 | N/A | 7.9 HIGH |
| Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message. | |||||
| CVE-2022-33260 | 1 Qualcomm | 92 Aqt1000, Aqt1000 Firmware, Qam8295p and 89 more | 2024-11-21 | N/A | 5.9 MEDIUM |
| Memory corruption due to stack based buffer overflow in core while sending command from USB of large size. | |||||
| CVE-2022-33233 | 1 Qualcomm | 402 Apq8009, Apq8009 Firmware, Apq8009w and 399 more | 2024-11-21 | N/A | 7.8 HIGH |
| Memory corruption due to configuration weakness in modem wile sending command to write protected files. | |||||
| CVE-2022-33108 | 1 Xpdfreader | 1 Xpdf | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| XPDF v4.04 was discovered to contain a stack overflow vulnerability via the Object::Copy class of object.cc files. | |||||
| CVE-2022-33099 | 2 Fedoraproject, Lua | 2 Fedora, Lua | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue in the component luaG_runerror of Lua v5.4.4 and below leads to a heap-buffer overflow when a recursive error occurs. | |||||
| CVE-2022-33087 | 1 Tp-link | 4 Archer A5, Archer A5 Firmware, Archer C50 and 1 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| A stack overflow in the function DM_ In fillobjbystr() of TP-Link Archer C50&A5(US)_V5_200407 allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request. | |||||