Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2022-24008 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-24009 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-24010 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-24011 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-24012 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-24013 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-32429 An authentication-bypass issue in the component http://MYDEVICEIP/cgi-bin-sdb/ExportSettings.sh of Mega System Technologies Inc MSNSwitch MNT.2408 allows unauthenticated attackers to arbitrarily confi... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-24014 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-24015 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-24016 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-24017 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-24018 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-24019 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-24020 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-24021 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-24022 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-24024 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-24025 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-24026 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-24027 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-24028 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-24029 A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted configuration value can lead to a buffer overflow. An attacker can ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-25996 A stack-based buffer overflow vulnerability exists in the confsrv addTimeGroup functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to a buffer overflo... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-26009 A stack-based buffer overflow vulnerability exists in the confsrv ucloud_set_node_location functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to stac... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-26342 A buffer overflow vulnerability exists in the confsrv ucloud_set_node_location functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to a buffer overflo... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-26346 A denial of service vulnerability exists in the ucloud_del_node functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to denial of service. An attacker ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-26376 A memory corruption vulnerability exists in the httpd unescape functionality of Asuswrt prior to 3.0.0.4.386_48706 and Asuswrt-Merlin New Gen prior to 386.7.. A specially-crafted HTTP request can lead... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-27178 A denial of service vulnerability exists in the confctl_set_wan_cfg functionality of TCL LinkHub Mesh Wi-Fi MS1G_00_01.00_14. A specially-crafted network packet can lead to denial of service. An attac... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-27631 A memory corruption vulnerability exists in the httpd unescape functionality of DD-WRT Revision 32270 - Revision 48599. A specially-crafted HTTP request can lead to memory corruption. An attacker can ... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-28664 A memory corruption vulnerability exists in the httpd unescape functionality of FreshTomato 2022.1. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network reque... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-28665 A memory corruption vulnerability exists in the httpd unescape functionality of FreshTomato 2022.1. A specially-crafted HTTP request can lead to memory corruption. An attacker can send a network reque... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-29465 An out-of-bounds write vulnerability exists in the PSD Header processing memory allocation functionality of Accusoft ImageGear 20.0. A specially-crafted malformed file can lead to memory corruption. A... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-37767 Pebble Templates 3.1.5 allows attackers to bypass a protection mechanism and implement arbitrary code execution with springbok. NOTE: the vendor disputes this because input to the Pebble templating en... | 9.8 | CRITICAL | β | 0 |
| CVE-2022-35280 IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Fo... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-34813 Matrix libolm before 3.2.3 allows a malicious Matrix homeserver to crash a client (while it is attempting to retrieve an Olm encrypted room key backup from the homeserver) because olm_pk_decrypt has a... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-31914 In JetBrains TeamCity before 2020.2.4 on Windows, arbitrary code execution on TeamCity Server was possible. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-31915 In JetBrains TeamCity before 2020.2.4, OS command injection leading to remote code execution was possible. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-26461 Apache Nuttx Versions prior to 10.1.0 are vulnerable to integer wrap-around in functions malloc, realloc and memalign. This improper memory assignment can lead to arbitrary memory allocation, resultin... | 9.8 | CRITICAL | β | 0 |
| CVE-2020-25753 An issue was discovered on Enphase Envoy R3.x and D4.x devices with v3 software. The default admin password is set to the last 6 digits of the serial number. The serial number can be retrieved by an u... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-20418 IBM Security Guardium 11.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 196279. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-35066 An XXE vulnerability exists in ConnectWise Automate before 2021.0.6.132. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-23691 YFCMF v2.3.1 has a Remote Command Execution (RCE) vulnerability in the index.php. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-20466 White Shark System (WSS) 1.3.2 is vulnerable to unauthorized access via user_edit_password.php, remote attackers can modify the password of any user. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-23790 An Arbitrary File Upload vulnerability was discovered in the Golo Laravel theme v 1.1.5. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-32607 An issue was discovered in Smartstore (aka SmartStoreNET) through 4.1.1. Views/PrivateMessages/View.cshtml does not call HtmlUtils.SanitizeHtml on a private message. | 9.8 | CRITICAL | β | 0 |
| CVE-2020-36400 ZeroMQ libzmq 4.3.3 has a heap-based buffer overflow in zmq::tcp_read, a different vulnerability than CVE-2021-20235. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-35474 Stack-based Buffer Overflow vulnerability in cachekey plugin of Apache Traffic Server. This issue affects Apache Traffic Server 7.0.0 to 7.1.12, 8.0.0 to 8.1.1, 9.0.0 to 9.0.1. | 9.8 | CRITICAL | β | 0 |
| CVE-2021-27384 A vulnerability has been identified in SIMATIC HMI Comfort Outdoor Panels V15 7\" & 15\" (incl. SIPLUS variants) (All versions < V15.1 Update 6), SIMATIC HMI Comfort Outdoor Panels V16 7\" & 15\" (inc... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-24376 The Autoptimize WordPress plugin before 2.7.8 attempts to delete malicious files (such as .php) form the uploaded archive via the "Import Settings" feature, after its extraction. However, the extracte... | 9.8 | CRITICAL | β | 0 |
| CVE-2021-32608 An issue was discovered in Smartstore (aka SmartStoreNET) through 4.1.1. Views/Boards/Partials/_ForumPost.cshtml does not call HtmlUtils.SanitizeHtml on certain text for a forum post. | 9.8 | CRITICAL | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.