Export limit exceeded: 44017 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 20360 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20360 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-42525 | 1 Google | 1 Android | 2025-04-17 | 6.7 Medium |
| In fillSetupDataCallInfo_V1_6 of ril_service_1_6.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-243509750References: N/A | ||||
| CVE-2023-41288 | 1 Qnap | 1 Video Station | 2025-04-17 | 8.8 High |
| An OS command injection vulnerability has been reported to affect Video Station. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following version: Video Station 5.7.2 ( 2023/11/23 ) and later | ||||
| CVE-2024-0296 | 1 Totolink | 2 N200re, N200re Firmware | 2025-04-17 | 7.3 High |
| A vulnerability has been found in Totolink N200RE 9.3.5u.6139_B20201216 and classified as critical. This vulnerability affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument host_time leads to os command injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-249862 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-51962 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-04-17 | 9.8 Critical |
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function setIptvInfo. | ||||
| CVE-2023-51959 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-04-17 | 9.8 Critical |
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the adv.iptv.stbpvid parameter in the function formGetIptv. | ||||
| CVE-2022-44754 | 1 Hcltech | 1 Domino | 2025-04-17 | 9.8 Critical |
| HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in CVE-2022-44750. This vulnerability applies to software previously licensed by IBM. | ||||
| CVE-2022-44752 | 1 Hcltech | 1 Domino | 2025-04-17 | 9.8 Critical |
| HCL Domino is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted WordPerfect file. This vulnerability applies to software previously licensed by IBM. | ||||
| CVE-2022-44750 | 1 Hcltech | 1 Domino | 2025-04-17 | 9.8 Critical |
| HCL Domino is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in CVE-2022-44754. This vulnerability applies to software previously licensed by IBM. | ||||
| CVE-2023-48264 | 1 Bosch | 21 Nexo-os, Nexo Cordless Nutrunner Nxa011s-36v-b \(0608842012\), Nexo Cordless Nutrunner Nxa011s-36v \(0608842011\) and 18 more | 2025-04-17 | 8.1 High |
| The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network request. | ||||
| CVE-2022-47519 | 3 Debian, Linux, Netapp | 12 Debian Linux, Linux Kernel, H300s and 9 more | 2025-04-17 | 7.8 High |
| An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_OPER_CHANNEL in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger an out-of-bounds write when parsing the channel list attribute from Wi-Fi management frames. | ||||
| CVE-2022-47518 | 3 Debian, Linux, Netapp | 12 Debian Linux, Linux Kernel, H300s and 9 more | 2025-04-17 | 7.8 High |
| An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when copying the list of operating channels from Wi-Fi management frames. | ||||
| CVE-2022-44755 | 1 Hcltech | 1 Notes | 2025-04-17 | 9.8 Critical |
| HCL Notes is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in CVE-2022-44751. This vulnerability applies to software previously licensed by IBM. | ||||
| CVE-2022-44753 | 1 Hcltech | 1 Notes | 2025-04-17 | 9.8 Critical |
| HCL Notes is susceptible to a stack based buffer overflow vulnerability in wp6sr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted WordPerfect file. This vulnerability applies to software previously licensed by IBM. | ||||
| CVE-2022-44751 | 1 Hcltech | 1 Notes | 2025-04-17 | 9.8 Critical |
| HCL Notes is susceptible to a stack based buffer overflow vulnerability in lasr.dll in Micro Focus KeyView. This could allow a remote unauthenticated attacker to crash the application or execute arbitrary code via a crafted Lotus Ami Pro file. This is different from the vulnerability described in CVE-2022-44755. This vulnerability applies to software previously licensed by IBM. | ||||
| CVE-2022-44456 | 1 Contec | 1 Conprosys Hmi System | 2025-04-17 | 9.8 Critical |
| CONPROSYS HMI System (CHS) Ver.3.4.4?and earlier allows a remote unauthenticated attacker to execute an arbitrary OS command on the server where the product is running by sending a specially crafted request. | ||||
| CVE-2022-44109 | 1 Pdftojson Project | 1 Pdftojson | 2025-04-17 | 9.8 Critical |
| pdftojson commit 94204bb was discovered to contain a stack overflow via the component Stream::makeFilter(char*, Stream*, Object*, int). | ||||
| CVE-2022-44108 | 1 Pdftojson Project | 1 Pdftojson | 2025-04-17 | 9.8 Critical |
| pdftojson commit 94204bb was discovered to contain a stack overflow via the component Object::copy(Object*):Object.cc. | ||||
| CVE-2022-43466 | 1 Buffalo | 20 Wex-1800ax4, Wex-1800ax4 Firmware, Wex-1800ax4ea and 17 more | 2025-04-17 | 6.8 Medium |
| OS command injection vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command if a specially crafted request is sent to a specific CGI program. | ||||
| CVE-2022-43443 | 1 Buffalo | 22 Wcr-1166ds, Wcr-1166ds Firmware, Wsr-2533dhp and 19 more | 2025-04-17 | 8 High |
| OS command injection vulnerability in Buffalo network devices allows an network-adjacent attacker to execute an arbitrary OS command if a specially crafted request is sent to the management page. | ||||
| CVE-2022-43289 | 1 Entropymine | 1 Deark | 2025-04-17 | 7.8 High |
| Deark v.1.6.2 was discovered to contain a stack overflow via the do_prism_read_palette() function at /modules/atari-img.c. | ||||