Total
12257 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-42942 | 1 Autodesk | 11 Autocad, Autocad Advance Steel, Autocad Architecture and 8 more | 2025-05-08 | N/A | 7.8 HIGH |
| A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | |||||
| CVE-2023-6858 | 2 Debian, Mozilla | 4 Debian Linux, Firefox, Firefox Esr and 1 more | 2025-05-07 | N/A | 8.8 HIGH |
| Firefox was susceptible to a heap buffer overflow in `nsTextFragment` due to insufficient OOM handling. This vulnerability affects Firefox ESR < 115.6, Thunderbird < 115.6, and Firefox < 121. | |||||
| CVE-2022-3598 | 3 Debian, Libtiff, Netapp | 3 Debian Linux, Libtiff, Active Iq Unified Manager | 2025-05-07 | N/A | 5.5 MEDIUM |
| LibTIFF 4.4.0 has an out-of-bounds write in extractContigSamplesShifted24bits in tools/tiffcrop.c:3604, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit cfbb883b. | |||||
| CVE-2022-3597 | 3 Debian, Libtiff, Netapp | 3 Debian Linux, Libtiff, Active Iq Unified Manager | 2025-05-07 | N/A | 5.5 MEDIUM |
| LibTIFF 4.4.0 has an out-of-bounds write in _TIFFmemcpy in libtiff/tif_unix.c:346 when called from extractImageSection, tools/tiffcrop.c:6826, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 236b7191. | |||||
| CVE-2025-29912 | 1 Nasa | 1 Cryptolib | 2025-05-07 | N/A | 9.8 CRITICAL |
| CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In versions 1.3.3 and prior, an unsigned integer underflow in the `Crypto_TC_ProcessSecurity` function of CryptoLib leads to a heap buffer overflow. The vulnerability is triggered when the `fl` (frame length) field in a Telecommand (TC) packet is set to 0. This underflow causes the frame length to be interpreted as 65535, resulting in out-of-bounds memory access. This critical vulnerability can be exploited to cause a denial of service (DoS) or potentially achieve remote code execution. Users of CryptoLib are advised to apply the recommended patch or avoid processing untrusted TC packets until a fix is available. | |||||
| CVE-2024-58116 | 1 Huawei | 1 Harmonyos | 2025-05-07 | N/A | 4.0 MEDIUM |
| Buffer overflow vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2024-58115 | 1 Huawei | 1 Harmonyos | 2025-05-07 | N/A | 4.0 MEDIUM |
| Buffer overflow vulnerability in the SVG parsing module of the ArkUI framework Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2022-42939 | 1 Autodesk | 11 Autocad, Autocad Advance Steel, Autocad Architecture and 8 more | 2025-05-07 | N/A | 7.8 HIGH |
| A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | |||||
| CVE-2022-42938 | 1 Autodesk | 11 Autocad, Autocad Advance Steel, Autocad Architecture and 8 more | 2025-05-07 | N/A | 7.8 HIGH |
| A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | |||||
| CVE-2022-42937 | 1 Autodesk | 11 Autocad, Autocad Advance Steel, Autocad Architecture and 8 more | 2025-05-07 | N/A | 7.8 HIGH |
| A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | |||||
| CVE-2022-42936 | 1 Autodesk | 11 Autocad, Autocad Advance Steel, Autocad Architecture and 8 more | 2025-05-07 | N/A | 7.8 HIGH |
| A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | |||||
| CVE-2022-42935 | 1 Autodesk | 11 Autocad, Autocad Advance Steel, Autocad Architecture and 8 more | 2025-05-07 | N/A | 7.8 HIGH |
| A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | |||||
| CVE-2022-42934 | 1 Autodesk | 11 Autocad, Autocad Advance Steel, Autocad Architecture and 8 more | 2025-05-07 | N/A | 7.8 HIGH |
| A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | |||||
| CVE-2022-42933 | 1 Autodesk | 11 Autocad, Autocad Advance Steel, Autocad Architecture and 8 more | 2025-05-07 | N/A | 7.8 HIGH |
| A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | |||||
| CVE-2022-3570 | 2 Debian, Libtiff | 2 Debian Linux, Libtiff | 2025-05-07 | N/A | 7.7 HIGH |
| Multiple heap buffer overflows in tiffcrop.c utility in libtiff library Version 4.4.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other context-dependent impact | |||||
| CVE-2022-40876 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-05-07 | N/A | 9.8 CRITICAL |
| In Tenda ax1803 v1.0.0.1, the http requests handled by the fromAdvSetMacMtuWan functions, wanSpeed, cloneType, mac, can cause a stack overflow and enable remote code execution (RCE). | |||||
| CVE-2022-40875 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-05-07 | N/A | 7.5 HIGH |
| Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow in the function GetParentControlInfo. | |||||
| CVE-2022-40874 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-05-07 | N/A | 7.5 HIGH |
| Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow vulnerability in the GetParentControlInfo function, which can cause a denial of service attack through a carefully constructed http request. | |||||
| CVE-2022-42944 | 1 Autodesk | 11 Autocad, Autocad Advance Steel, Autocad Architecture and 8 more | 2025-05-07 | N/A | 7.8 HIGH |
| A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | |||||
| CVE-2022-42943 | 1 Autodesk | 11 Autocad, Autocad Advance Steel, Autocad Architecture and 8 more | 2025-05-07 | N/A | 7.8 HIGH |
| A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | |||||