ReportizFlow
Filtered by vendor
Subscriptions
Total
13420 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-23103 | 1 Tcl | 1 Linkhub Mesh Wifi Ac1200 | 2025-04-15 | 9.8 Critical |
| A stack-based buffer overflow vulnerability exists in the confsrv confctl_set_app_language functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability. | ||||
| CVE-2022-23399 | 1 Tcl | 1 Linkhub Mesh Wifi Ac1200 | 2025-04-15 | 9.8 Critical |
| A stack-based buffer overflow vulnerability exists in the confsrv set_port_fwd_rule functionality of TCL LinkHub Mesh Wifi MS1G_00_01.00_14. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability. | ||||
| CVE-2022-23918 | 1 Tcl | 1 Linkhub Mesh Wifi Ac1200 | 2025-04-15 | 9.8 Critical |
| A stack-based buffer overflow vulnerability exists in the confsrv set_mf_rule functionality of TCL LinkHub Mesh Wifi MS1G_00_01.00_14. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability leverages the ethAddr field within the protobuf message to cause a buffer overflow. | ||||
| CVE-2022-23919 | 1 Tcl | 1 Linkhub Mesh Wifi Ac1200 | 2025-04-15 | 9.8 Critical |
| A stack-based buffer overflow vulnerability exists in the confsrv set_mf_rule functionality of TCL LinkHub Mesh Wifi MS1G_00_01.00_14. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability leverages the name field within the protobuf message to cause a buffer overflow. | ||||
| CVE-2022-25996 | 1 Tcl | 1 Linkhub Mesh Wifi Ac1200 | 2025-04-15 | 9.8 Critical |
| A stack-based buffer overflow vulnerability exists in the confsrv addTimeGroup functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability. | ||||
| CVE-2022-26009 | 1 Tcl | 1 Linkhub Mesh Wifi Ac1200 | 2025-04-15 | 9.8 Critical |
| A stack-based buffer overflow vulnerability exists in the confsrv ucloud_set_node_location functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to stack-based buffer overflow. An attacker can send a malicious packet to trigger this vulnerability. | ||||
| CVE-2022-26376 | 2 Asus, Asuswrt-merlin | 36 Asuswrt, Et12, Et12 Firmware and 33 more | 2025-04-15 | 9.8 Critical |
| A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin New Gen prior to 386.7.. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability. | ||||
| CVE-2022-27631 | 1 Dd-wrt | 1 Dd-wrt | 2025-04-15 | 9.8 Critical |
| A memory corruption vulnerability exists in the httpd unescape functionality of DD-WRT Revision 32270 - Revision 48599. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability. | ||||
| CVE-2022-28664 | 1 Freshtomato | 1 Freshtomato | 2025-04-15 | 9.8 Critical |
| A memory corruption vulnerability exists in the httpd unescape functionality of FreshTomato 2022.1. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability.The `freshtomato-mips` has a vulnerable URL-decoding feature that can lead to memory corruption. | ||||
| CVE-2022-28665 | 1 Freshtomato | 1 Freshtomato | 2025-04-15 | 9.8 Critical |
| A memory corruption vulnerability exists in the httpd unescape functionality of FreshTomato 2022.1. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network request to trigger this vulnerability.The `freshtomato-arm` has a vulnerable URL-decoding feature that can lead to memory corruption. | ||||
| CVE-2022-29465 | 1 Accusoft | 1 Imagegear | 2025-04-15 | 9.8 Critical |
| An out-of-bounds write vulnerability exists in the PSD Header processing memory allocation functionality of Accusoft ImageGear 20.0. A specially-crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2022-32588 | 1 Accusoft | 1 Imagegear | 2025-04-15 | 7.8 High |
| An out-of-bounds write vulnerability exists in the PICT parsing pctwread_14841 functionality of Accusoft ImageGear 20.0. A specially-crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2022-41992 | 1 Poweriso | 1 Poweriso | 2025-04-15 | 7.8 High |
| A memory corruption vulnerability exists in the VHD File Format parsing CXSPARSE record functionality of PowerISO PowerISO 8.3. A specially-crafted file can lead to an out-of-bounds write. A victim needs to open a malicious file to trigger this vulnerability. | ||||
| CVE-2022-38478 | 2 Mozilla, Redhat | 6 Firefox, Firefox Esr, Thunderbird and 3 more | 2025-04-15 | 8.8 High |
| Members the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 103, Firefox ESR 102.1, and Firefox ESR 91.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 102.2, Thunderbird < 91.13, Firefox ESR < 91.13, Firefox ESR < 102.2, and Firefox < 104. | ||||
| CVE-2022-38477 | 2 Mozilla, Redhat | 6 Firefox, Firefox Esr, Thunderbird and 3 more | 2025-04-15 | 8.8 High |
| Mozilla developer Nika Layzell and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 103 and Firefox ESR 102.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 102.2, Thunderbird < 102.2, and Firefox < 104. | ||||
| CVE-2022-34485 | 1 Mozilla | 1 Firefox | 2025-04-15 | 9.8 Critical |
| Mozilla developers Bryce Seager van Dyk and the Mozilla Fuzzing Team reported potential vulnerabilities present in Firefox 101. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 102. | ||||
| CVE-2022-36320 | 1 Mozilla | 1 Firefox | 2025-04-15 | 9.8 Critical |
| Mozilla developers and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 102. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 103. | ||||
| CVE-2022-42932 | 2 Mozilla, Redhat | 6 Firefox, Firefox Esr, Thunderbird and 3 more | 2025-04-15 | 8.8 High |
| Mozilla developers Ashley Hale and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105 and Firefox ESR 102.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 106, Firefox ESR < 102.4, and Thunderbird < 102.4. | ||||
| CVE-2022-46885 | 1 Mozilla | 1 Firefox | 2025-04-15 | 8.8 High |
| Mozilla developers Timothy Nikkel, Ashley Hale, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 105. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 106. | ||||
| CVE-2022-46883 | 1 Mozilla | 1 Firefox | 2025-04-15 | 8.8 High |
| Mozilla developers Gabriele Svelto, Yulia Startsev, Andrew McCreight and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 106. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.<br />*Note*: This advisory was added on December 13th, 2022 after discovering it was inadvertently left out of the original advisory. The fix was included in the original release of Firefox 107. This vulnerability affects Firefox < 107. | ||||