Export limit exceeded: 20363 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20363 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-0365 | 1 Riconmobile | 4 S9922l, S9922l Firmware, S9922xl and 1 more | 2025-04-16 | 9.1 Critical |
| The affected product is vulnerable to an authenticated OS command injection, which may allow an attacker to inject and execute arbitrary shell commands as the Admin (root) user. | ||||
| CVE-2022-21143 | 1 Airspan | 9 A5x, A5x Firmware, C5c and 6 more | 2025-04-16 | 7.5 High |
| MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C-series and A5x: Device versions prior to v2.5.4.1 does not properly sanitize user input on several locations, which may allow an attacker to inject arbitrary commands. | ||||
| CVE-2021-27476 | 1 Rockwellautomation | 1 Factorytalk Assetcentre | 2025-04-16 | 10 Critical |
| A vulnerability exists in the SaveConfigFile function of the RACompare Service, which may allow for OS command injection. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier. | ||||
| CVE-2021-32933 | 1 Auvesy-mdt | 2 Autosave, Autosave For System Platform | 2025-04-16 | 10 Critical |
| An attacker could leverage an API to pass along a malicious file that could then manipulate the process creation command line in MDT AutoSave versions prior to v6.02.06 and run a command line argument. This could then be leveraged to run a malicious process. | ||||
| CVE-2021-32974 | 1 Moxa | 8 Nport Iaw5150a-12i\/o, Nport Iaw5150a-12i\/o Firmware, Nport Iaw5150a-6i\/o and 5 more | 2025-04-16 | 9.8 Critical |
| Improper input validation in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier may allow a remote attacker to execute commands. | ||||
| CVE-2021-32976 | 1 Moxa | 8 Nport Iaw5150a-12i\/o, Nport Iaw5150a-12i\/o Firmware, Nport Iaw5150a-6i\/o and 5 more | 2025-04-16 | 9.8 Critical |
| Five buffer overflows in the built-in web server in Moxa NPort IAW5000A-I/O series firmware version 2.2 or earlier may allow a remote attacker to initiate a denial-of-service attack and execute arbitrary code. | ||||
| CVE-2022-1068 | 1 Modbustools | 1 Modbus Slave | 2025-04-16 | 5.5 Medium |
| Modbus Tools Modbus Slave (versions 7.4.2 and prior) is vulnerable to a stack-based buffer overflow in the registration field. This may cause the program to crash when a long character string is used. | ||||
| CVE-2021-38427 | 1 Rti | 2 Connext Professional, Connext Secure | 2025-04-16 | 6.6 Medium |
| RTI Connext DDS Professional and Connext DDS Secure Versions 4.2.x to 6.1.0 are vulnerable to a stack-based buffer overflow, which may allow a local attacker to execute arbitrary code. | ||||
| CVE-2022-1357 | 1 Cambiumnetworks | 1 Cnmaestro | 2025-04-16 | 9.8 Critical |
| The affected On-Premise cnMaestro allows an unauthenticated attacker to access the cnMaestro server and execute arbitrary code in the privileges of the web server. This lack of validation could allow an attacker to append arbitrary data to the logger command. | ||||
| CVE-2022-1356 | 1 Cambiumnetworks | 1 Cnmaestro | 2025-04-16 | 7.1 High |
| cnMaestro is vulnerable to a local privilege escalation. By default, a user does not have root privileges. However, a user can run scripts as sudo, which could allow an attacker to gain root privileges when running user scripts outside allowed commands. | ||||
| CVE-2022-1359 | 1 Cambiumnetworks | 1 Cnmaestro | 2025-04-16 | 5.7 Medium |
| The affected On-Premise cnMaestro is vulnerable to an arbitrary file-write through improper limitation of a pathname to a restricted directory inside a specific route. If an attacker supplied path traversal charters (../) as part of a filename, the server will save the file where the attacker chooses. This could allow an attacker to write any data to any file in the server. | ||||
| CVE-2022-1360 | 1 Cambiumnetworks | 1 Cnmaestro | 2025-04-16 | 8.2 High |
| The affected On-Premise cnMaestro is vulnerable to execution of code on the cnMaestro hosting server. This could allow a remote attacker to change server configuration settings. | ||||
| CVE-2022-1362 | 1 Cambiumnetworks | 1 Cnmaestro | 2025-04-16 | 5 Medium |
| The affected On-Premise cnMaestro is vulnerable inside a specific route where a user can upload a crafted package to the system. An attacker could abuse this user-controlled data to execute arbitrary commands on the server. | ||||
| CVE-2021-42704 | 1 Inkscape | 1 Inkscape | 2025-04-16 | 7.8 High |
| Inkscape version 0.91 is vulnerable to an out-of-bounds write, which may allow an attacker to arbitrary execute code. | ||||
| CVE-2021-32941 | 1 Annke | 2 N48pbb, N48pbb Firmware | 2025-04-16 | 9.4 Critical |
| Annke N48PBB (Network Video Recorder) products of version 3.4.106 build 200422 and prior are vulnerable to a stack-based buffer overflow, which allows an unauthorized remote attacker to execute arbitrary code with the same privileges as the server user (root). | ||||
| CVE-2022-1737 | 1 Pyramidsolutions | 4 Netstax Ethernet\/ip Adapter Development Kit, Netstax Ethernet\/ip Adapter Dll Kit, Netstax Ethernet\/ip Scanner Development Kit and 1 more | 2025-04-16 | 9.8 Critical |
| Pyramid Solutions' affected products, the Developer and DLL kits for EtherNet/IP Adapter and EtherNet/IP Scanner, are vulnerable to an out-of-bounds write, which may allow an unauthorized attacker to send a specially crafted packet that may result in a denial-of-service condition. | ||||
| CVE-2022-0843 | 1 Mozilla | 1 Firefox | 2025-04-16 | 8.8 High |
| Mozilla developers Kershaw Chang, Ryan VanderMeulen, and Randell Jesup reported memory safety bugs present in Firefox 97. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 98. | ||||
| CVE-2022-0566 | 2 Mozilla, Redhat | 4 Thunderbird, Enterprise Linux, Rhel E4s and 1 more | 2025-04-16 | 8.8 High |
| It may be possible for an attacker to craft an email message that causes Thunderbird to perform an out-of-bounds write of one byte when processing the message. This vulnerability affects Thunderbird < 91.6.1. | ||||
| CVE-2021-4129 | 2 Mozilla, Redhat | 6 Firefox, Firefox Esr, Thunderbird and 3 more | 2025-04-16 | 9.8 Critical |
| Mozilla developers and community members Julian Hector, Randell Jesup, Gabriele Svelto, Tyson Smith, Christian Holler, and Masayuki Nakano reported memory safety bugs present in Firefox 94. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 95, Firefox ESR < 91.4.0, and Thunderbird < 91.4.0. | ||||
| CVE-2022-2044 | 1 Moxa | 2 Nport 5110, Nport 5110 Firmware | 2025-04-16 | 8.2 High |
| MOXA NPort 5110: Firmware Versions 2.10 is vulnerable to an out-of-bounds write that may allow an attacker to overwrite values in memory, causing a denial-of-service condition or potentially bricking the device. | ||||