Export limit exceeded: 18028 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20196 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-32045 | 1 Totolink | 2 T6, T6 Firmware | 2024-11-21 | 7.5 High |
| TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_00413be4. | ||||
| CVE-2022-32044 | 1 Totolink | 2 T6, T6 Firmware | 2024-11-21 | 7.5 High |
| TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the password parameter in the function FUN_00413f80. | ||||
| CVE-2022-32043 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | 7.5 High |
| Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formSetAccessCodeInfo. | ||||
| CVE-2022-32041 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | 7.5 High |
| Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formGetPassengerAnalyseData. | ||||
| CVE-2022-32040 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | 7.5 High |
| Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formSetCfm. | ||||
| CVE-2022-32039 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | 7.5 High |
| Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the listN parameter in the function fromDhcpListClient. | ||||
| CVE-2022-32037 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | 7.5 High |
| Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formSetAPCfg. | ||||
| CVE-2022-32036 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | 7.5 High |
| Tenda M3 V1.0.0.12 was discovered to contain multiple stack overflow vulnerabilities via the ssidList, storeName, and trademark parameters in the function formSetStoreWeb. | ||||
| CVE-2022-32035 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | 7.5 High |
| Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the function formMasterMng. | ||||
| CVE-2022-32034 | 1 Tenda | 2 M3, M3 Firmware | 2024-11-21 | 7.5 High |
| Tenda M3 V1.0.0.12 was discovered to contain a stack overflow via the items parameter in the function formdelMasteraclist. | ||||
| CVE-2022-32033 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 7.5 High |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the function formSetVirtualSer. | ||||
| CVE-2022-32032 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 9.8 Critical |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the deviceList parameter in the function formAddMacfilterRule. | ||||
| CVE-2022-32031 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 7.5 High |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function fromSetRouteStatic. | ||||
| CVE-2022-32030 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2024-11-21 | 7.5 High |
| Tenda AX1806 v1.0.0.1 was discovered to contain a stack overflow via the list parameter in the function formSetQosBand. | ||||
| CVE-2022-31885 | 1 Marvalglobal | 1 Marval Msm | 2024-11-21 | 9.8 Critical |
| Marval MSM v14.19.0.12476 is vulnerable to OS Command Injection due to the insecure handling of VBScripts. | ||||
| CVE-2022-31814 | 1 Netgate | 1 Pfblockerng | 2024-11-21 | 9.8 Critical |
| pfSense pfBlockerNG through 2.1.4_26 allows remote attackers to execute arbitrary OS commands as root via shell metacharacters in the HTTP Host header. NOTE: 3.x is unaffected. | ||||
| CVE-2022-31804 | 1 Codesys | 1 Gateway | 2024-11-21 | 7.5 High |
| The CODESYS Gateway Server V2 does not verifiy that the size of a request is within expected limits. An unauthenticated attacker may allocate an arbitrary amount of memory, which may lead to a crash of the Gateway due to an out-of-memory condition. | ||||
| CVE-2022-31795 | 1 Fujitsu | 2 Eternus Cs8000, Eternus Cs8000 Firmware | 2024-11-21 | 9.8 Critical |
| An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8.1A SP02 P04. The vulnerability resides in the grel_finfo function in grel.php. An attacker is able to influence the username (user), password (pw), and file-name (file) parameters and inject special characters such as semicolons, backticks, or command-substitution sequences in order to force the application to execute arbitrary commands. | ||||
| CVE-2022-31794 | 1 Fujitsu | 2 Eternus Cs8000, Eternus Cs8000 Firmware | 2024-11-21 | 9.8 Critical |
| An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8.1A SP02 P04. The vulnerability resides in the requestTempFile function in hw_view.php. An attacker is able to influence the unitName POST parameter and inject special characters such as semicolons, backticks, or command-substitution sequences in order to force the application to execute arbitrary commands. | ||||
| CVE-2022-31783 | 2 Fedoraproject, Liblouis | 2 Fedora, Liblouis | 2024-11-21 | 5.5 Medium |
| Liblouis 3.21.0 has an out-of-bounds write in compileRule in compileTranslationTable.c, as demonstrated by lou_trace. | ||||