522 matches found
PT-2022-21064 · Tenda · Tenda M3
Name of the Vulnerable Software and Affected Versions: Tenda M3 version 1.0.0.12 Description: A stack overflow issue was discovered via the function formSetAPCfg. This issue may allow for exploitation, potentially leading to unauthorized access or control. No information is available regarding th...
PT-2022-21063 · Tenda · Tenda M3
Name of the Vulnerable Software and Affected Versions: Tenda M3 version 1.0.0.12 Description: The issue is related to multiple stack overflow vulnerabilities. These vulnerabilities can be exploited via the ssidList, storeName, and trademark parameters in the formSetStoreWeb function...
PT-2022-6755 · Tenda · Tenda Fh1202 +5
Name of the Vulnerable Software and Affected Versions: Tenda F1202 version V1.0BR V1.2.0.20408 Tenda FH1202 version V1.2.0.19 EN Tenda AC10 version V1.0 Tenda AC1206 version V1.0 Tenda AC7 version V1.0 Tenda AC5 version V1.0 Tenda AC9 version V3.0 Description: The issue is related to a stack...
PT-2022-10337 · Zephyr · Zephyr
Name of the Vulnerable Software and Affected Versions: Zephyr versions = v2.5.0 Description: A stack-based buffer overflow issue exists in the le_ecred_conn_req function. This issue is related to a stack-based buffer overflow, which can be exploited. Recommendations: For Zephyr versions = v2.5.0,...
PT-2022-11429 · Silverstripe · Silverstripe/Framework
Name of the Vulnerable Software and Affected Versions: Silverstripe silverstripe/framework versions 4.8.1 through 4.10.9 Description: The issue is related to a quadratic blowup in the Convert::xml2array function, which can be exploited via a crafted XML document to enable a remote attack...
PT-2022-11729 · Totolink · Totolink Ex1200T
Name of the Vulnerable Software and Affected Versions: TOTOLINK EX1200T version 4.1.2cu.5215 Description: The issue concerns a remote command injection vulnerability. It is located in the setDeviceMac function of the global.so file, allowing control over the deviceName to launch an attack...
PT-2022-3038 · Ntfs-3G +9 · Ntfs-3G +9
Name of the Vulnerable Software and Affected Versions: NTFS-3G versions through 2021.8.22 Description: A crafted NTFS image can cause a heap-based buffer overflow in the ntfs_check_log_client_array function. This issue is related to the NTFS file system for the FUSE NTFS-3G module and is associat...
PT-2022-9838 · Xpdf +1 · Xpdf +1
Name of the Vulnerable Software and Affected Versions: xpdf version 4.03 Description: The issue is related to a Null Pointer Dereference in the XFAScanner::scanNode function, located in XFAScanner.cc. This problem can lead to potential crashes or other unintended behavior when the function is...
PT-2022-2680 · Pjsip +2 · Pjsip +2
Name of the Vulnerable Software and Affected Versions: PJSIP versions 2.12 and prior Description: The issue is related to the implementation of the pjmedia_rtcp_fb_parse_rpsi function in the PJSIP multimedia communication library. It is associated with a buffer overflow in memory when processing ...
PT-2022-18802 · Htmldoc +3 · Htmldoc +3
Name of the Vulnerable Software and Affected Versions: htmldoc version 31f7804 Description: A flaw was found in htmldoc, where a heap buffer overflow in the function pdf_write_names in ps-pdf.cxx may lead to arbitrary code execution and Denial of Service (DoS). Recommendations: For htmldoc version...
PT-2022-17287 · Tenda · Tenda Ac9
Name of the Vulnerable Software and Affected Versions: Tenda AC9 version 15.03.2.21 Description: The issue is related to multiple stack overflows that can occur via the NPTR, V12, V10, and V11 parameters in the Formsetqosband function. This can potentially lead to exploitation. Recommendations: F...
PT-2022-3854 · Totolink · Totolink A3100R +5
Name of the Vulnerable Software and Affected Versions: TOTOLINK A800R version 4.1.2cu.5137 B20200730 TOTOLINK A810R version 4.1.2cu.5182 B20201026 TOTOLINK A830R version 5.9c.4729 B20191112 TOTOLINK A3000RU version 5.9c.5185 B20201128 TOTOLINK A3100R version 4.1.2cu.5050 B20200504 TOTOLINK A950RG...
PT-2022-1373 · Google · Android Kernel
Name of the Vulnerable Software and Affected Versions: Android kernel (affected versions not specified) Description: The issue is related to an integer overflow in the rndis_set_response function of the rndis.c file, which could lead to a local escalation of privilege. This can occur if a...
PT-2022-17727 · Totolink · Totolink X5000R
Name of the Vulnerable Software and Affected Versions: Totolink X5000R Firmware version 9.1.0u.6118 B20201102 Description: The issue is related to a command injection vulnerability in the setNtpCfg function, specifically via the tz parameters. This allows attackers to execute arbitrary commands b...
PT-2022-17218 · Unknown · Rigoblock Dragos
Name of the Vulnerable Software and Affected Versions: RigoBlock Dragos through 2022-02-17 Description: The issue is related to the lack of the onlyOwner modifier for setMultipleAllowances, which enables token manipulation. This has been exploited in the wild in February 2022. A major protocol...
PT-2022-7204 · Unknown +2 · Stb Image.H +2
Name of the Vulnerable Software and Affected Versions: stb_image.h version 2.27 Description: The issue is related to an integer overflow in the stbi__jpeg_decode_block_prog_dc function, which can be exploited by attackers to cause a Denial of Service (DoS) via unspecified vectors. This can allow a...
PT-2022-1945 · Tp Link · Tp-Link Tl-Wr840N
Name of the Vulnerable Software and Affected Versions: TP-LINK TL-WR840NES version V6.20 180709 Description: The issue is related to a remote code execution vulnerability via the function oal_wan6_setIpAddr. This vulnerability is associated with the lack of neutralization of special elements when...
PT-2022-12382 · Totolink · Totolink A720R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A720R version 4.1.5cu.470 B20200911 Description: A stack overflow was discovered in the setWiFiWpsStart function, allowing attackers to cause a Denial of Service (DoS) via the pin parameter. Recommendations: For TOTOLINK A720R version...
PT-2022-7549 · Hdf5 +2 · Hdf5 +2
Name of the Vulnerable Software and Affected Versions: HDF5 version 1.13.1-1 Description: The issue is related to an untrusted pointer dereference vulnerability in the function H5O__dtype_decode_helper at hdf5/src/H5Odtype.c in the HDF5 library. This vulnerability can lead to a Denial of Service D...
PT-2022-12507 · Gnu +3 · Gnu Recutils +3
Name of the Vulnerable Software and Affected Versions: GNU Recutils version 1.8.90 Description: The issue is related to a Use-After-Free vulnerability in the rec_record_destroy function at rec-record.c. This vulnerability can lead to a segmentation fault or application crash. Recommendations: Fo...