Total
315 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-25732 | 1 Qualcomm | 66 Ar8031, Ar8031 Firmware, Csra6620 and 63 more | 2024-11-21 | 8.2 High |
| Information disclosure in modem due to buffer over read in dns client due to missing length check | ||||
| CVE-2022-25730 | 1 Qualcomm | 54 Mdm8207, Mdm8207 Firmware, Mdm9205 and 51 more | 2024-11-21 | 8.2 High |
| Information disclosure in modem due to improper check of IP type while processing DNS server query | ||||
| CVE-2022-25728 | 1 Qualcomm | 68 Ar8031, Ar8031 Firmware, Csra6620 and 65 more | 2024-11-21 | 8.2 High |
| Information disclosure in modem due to buffer over-read while processing response from DNS server | ||||
| CVE-2022-25726 | 1 Qualcomm | 52 Mdm8207, Mdm8207 Firmware, Mdm9205 and 49 more | 2024-11-21 | 8.2 High |
| Information disclosure in modem data due to array out of bound access while handling the incoming DNS response packet | ||||
| CVE-2022-22519 | 1 Codesys | 18 Control For Beaglebone Sl, Control For Beckhoff Cx9020, Control For Empc-a\/imx6 Sl and 15 more | 2024-11-21 | 7.5 High |
| A remote, unauthenticated attacker can send a specific crafted HTTP or HTTPS requests causing a buffer over-read resulting in a crash of the webserver of the CODESYS Control runtime system. | ||||
| CVE-2022-20823 | 1 Cisco | 294 Nexus 3016, Nexus 3016 Firmware, Nexus 3016q and 291 more | 2024-11-21 | 8.6 High |
| A vulnerability in the OSPF version 3 (OSPFv3) feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to incomplete input validation of specific OSPFv3 packets. An attacker could exploit this vulnerability by sending a malicious OSPFv3 link-state advertisement (LSA) to an affected device. A successful exploit could allow the attacker to cause the OSPFv3 process to crash and restart multiple times, causing the affected device to reload and resulting in a DoS condition. Note: The OSPFv3 feature is disabled by default. To exploit this vulnerability, an attacker must be able to establish a full OSPFv3 neighbor state with an affected device. For more information about exploitation conditions, see the Details section of this advisory. | ||||
| CVE-2022-20714 | 1 Cisco | 3 Asr 9902, Asr 9903, Ios Xr | 2024-11-21 | 8.6 High |
| A vulnerability in the data plane microcode of Lightspeed-Plus line cards for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause the line card to reset. This vulnerability is due to the incorrect handling of malformed packets that are received on the Lightspeed-Plus line cards. An attacker could exploit this vulnerability by sending a crafted IPv4 or IPv6 packet through an affected device. A successful exploit could allow the attacker to cause the Lightspeed-Plus line card to reset, resulting in a denial of service (DoS) condition for any traffic that traverses that line card. | ||||
| CVE-2022-1987 | 1 Libmobi Project | 1 Libmobi | 2024-11-21 | 8.1 High |
| Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11. | ||||
| CVE-2022-1927 | 4 Apple, Fedoraproject, Redhat and 1 more | 5 Macos, Fedora, Enterprise Linux and 2 more | 2024-11-21 | 7.8 High |
| Buffer Over-read in GitHub repository vim/vim prior to 8.2. | ||||
| CVE-2022-1908 | 1 Libmobi Project | 1 Libmobi | 2024-11-21 | 8.1 High |
| Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11. | ||||
| CVE-2022-1907 | 1 Libmobi Project | 1 Libmobi | 2024-11-21 | 8.1 High |
| Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11. | ||||
| CVE-2022-1769 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2024-11-21 | 7.8 High |
| Buffer Over-read in GitHub repository vim/vim prior to 8.2.4974. | ||||
| CVE-2022-1720 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-11-21 | 7.8 High |
| Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution. | ||||
| CVE-2022-1629 | 4 Apple, Fedoraproject, Redhat and 1 more | 5 Macos, Fedora, Enterprise Linux and 2 more | 2024-11-21 | 7.8 High |
| Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution | ||||
| CVE-2022-1534 | 1 Libmobi Project | 1 Libmobi | 2024-11-21 | 7.1 High |
| Buffer Over-read at parse_rawml.c:1416 in GitHub repository bfabiszewski/libmobi prior to 0.11. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash. | ||||
| CVE-2022-1533 | 1 Libmobi Project | 1 Libmobi | 2024-11-21 | 7.8 High |
| Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11. This vulnerability is capable of arbitrary code execution. | ||||
| CVE-2021-34584 | 1 Codesys | 1 Codesys | 2024-11-21 | 9.1 Critical |
| Crafted web server requests can be utilised to read partial stack or heap memory or may trigger a denial-of- service condition due to a crash in the CODESYS V2 web server prior to V1.1.9.22. | ||||
| CVE-2021-34325 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2024-11-21 | 5.5 Medium |
| A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The Jt981.dll library in affected applications lacks proper validation of user-supplied data when parsing JT files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-13421) | ||||
| CVE-2021-34322 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2024-11-21 | 5.5 Medium |
| A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The JPEG2K_Loader.dll library in affected applications lacks proper validation of user-supplied data when parsing J2K files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-13416) | ||||
| CVE-2021-34321 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2024-11-21 | 5.5 Medium |
| A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The VisDraw.dll library in affected applications lacks proper validation of user-supplied data when parsing J2K files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-13414) | ||||