517 matches found
PT-2022-27181 · Picoc · Picoc
Name of the Vulnerable Software and Affected Versions: PicoC version 3.2.2 Description: A heap buffer overflow was discovered in the StdioOutPutc function in stdlib/stdio.c when called from ExpressionParseFunctionCall. This issue affects the StdioOutPutc function, which is part of the PicoC...
PT-2022-7452
Name of the Vulnerable Software and Affected Versions: Net-SNMP versions 5.4.3 through 5.9.3 Description: The issue is related to a NULL Pointer Exception bug in the handle ipv6IpForwarding function. This bug can be exploited by a remote attacker using a specially crafted UDP packet, resulting in a...
PT-2022-26777 · Timg · Timg
Name of the Vulnerable Software and Affected Versions: timg version 1.4.4 Description: A memory leak was discovered in the function timg::QueryBackgroundColor at /timg/src/term-query.cc. Recommendations: For version 1.4.4, consider disabling the timg::QueryBackgroundColor function as a temporary...
PT-2022-5321 · Nginx · Nginx Njs
Name of the Vulnerable Software and Affected Versions: Nginx NJS versions 0.7.2 through 0.7.4 Description: The issue is related to a segmentation violation via the njs scope valid value function at njs scope.h. This could potentially allow a remote attacker to cause a denial of service. The vendo...
PT-2022-9794 · Lanner · Iac-Ast2500A
Name of the Vulnerable Software and Affected Versions: Lanner Inc IAC-AST2500A standard firmware version 1.10.0 Description: A broken access control issue in the First network func function of spx restservice allows an attacker to arbitrarily change the network configuration of the BMC...
PT-2022-26240 · Tenda · Tenda Ac1206
Name of the Vulnerable Software and Affected Versions: Tenda AC1206 version US AC1206V1.0RTL V15.03.06.23 multi TD01 Description: A stack overflow issue was discovered via the function formWifiBasicSet. Recommendations: For Tenda AC1206 version US AC1206V1.0RTL V15.03.06.23 multi TD01, consider...
PT-2022-26238 · Tenda · Tenda Ac1206
Name of the Vulnerable Software and Affected Versions: Tenda AC1206 version US AC1206V1.0RTL V15.03.06.23 multi TD01 Description: The issue concerns a Cross-Site Request Forgery (CSRF) vulnerability. It occurs via the fromSysToolReboot function. Recommendations: For Tenda AC1206 version US...
PT-2022-7260 · Libde265 +3 · Libde265 +3
Name of the Vulnerable Software and Affected Versions: Libde265 version 1.0.8 Description: The issue is related to a heap-buffer-overflow in the ff hevc put hevc epel pixels 8 sse function, which can be exploited by attackers to cause a Denial of Service (DoS) via a crafted video file. This...
PT-2022-25907 · Totolink · Totolink Nr1800X
Name of the Vulnerable Software and Affected Versions: TOTOLINK NR1800X version 9.1.0u.6279 B20210910 Description: The issue is related to an authenticated stack overflow that occurs via the File parameter in the UploadCustomModule function. This allows for potential exploitation. No information ...
PT-2022-25910 · Totolink · Totolink Nr1800X
Name of the Vulnerable Software and Affected Versions: TOTOLINK NR1800X version 9.1.0u.6279 B20210910 Description: The issue is an authenticated stack overflow that occurs via the command parameter in the setTracerouteCfg function. This allows for potential exploitation. No information is provide...
PT-2022-22568 · Swftools · Swftools
Name of the Vulnerable Software and Affected Versions: SWFTools version 772e55a2 Description: A stack overflow issue was discovered in SWFTools via the ImageStream::getPixelunsigned char function at /xpdf/Stream.cc. This issue may be exploited, but details about the estimated number of potentiall...
PT-2022-22560 · Swftools · Swftools
Name of the Vulnerable Software and Affected Versions: SWFTools version 772e55a2 Description: A floating point exception (FPE) was discovered in SWFTools via the DCTStream::readMCURow function at /xpdf/Stream.cc. This issue may be related to a problem in the readMCURow function. Recommendations: Fo...
PT-2022-24623 · Pbc · Pbc
Name of the Vulnerable Software and Affected Versions: PBC through 2022-8-27 Description: A SEGV issue was detected in the function pbc wmessage integer in src/wmessage.c:137. This issue affects PBC. Recommendations: For PBC through 2022-8-27, as a temporary workaround, consider disabling the pbc...
PT-2022-24465 · 10 Strike · 10-Strike Network Inventory Explorer
Name of the Vulnerable Software and Affected Versions: 10-Strike Network Inventory Explorer version 9.3 Description: A buffer overflow issue was discovered in the Add Computers function of the software. Recommendations: For version 9.3, consider disabling the Add Computers function until a patch ...
PT-2022-25534 · Bento4 · Bento4
Name of the Vulnerable Software and Affected Versions: Bento4 versions 1.6.0-639 and earlier Description: An issue was discovered in Bento4, where a NULL pointer dereference occurs in the AP4 StszAtom::WriteFields function. Recommendations: For Bento4 versions 1.6.0-639 and earlier, as a temporar...
PT-2022-7420 · Mplayer +4 · Mplayer +4
Name of the Vulnerable Software and Affected Versions: MPlayer version SVN-r38374-13.0.1; mencoder version SVN-r38374-13.0.1 Description: The issue is related to a Buffer Overflow via the gen sh video function in mplayer/libmpdemux/demux mov.c. This can potentially allow an attacker to cause a...
PT-2022-7411 · Unknown +3 · Libmpdemux +3
Name of the Vulnerable Software and Affected Versions: mplayer version SVN-r38374-13.0.1; mencoder version SVN-r38374-13.0.1 Description: The issue is related to a buffer overflow vulnerability via the asf init audio stream function in the libmpdemux/asfheader.c file. This can lead to a denial of...
PT-2022-7415 · Unknown +5 · Libmpdemux +5
Name of the Vulnerable Software and Affected Versions: MPlayer version SVN-r38374-13.0.1; mencoder version SVN-r38374-13.0.1 Description: The issue is related to a Divide By Zero vulnerability via the demux avi read packet function in libmpdemux/demux avi.c. This vulnerability may allow an...
PT-2022-8058 · Smarty +2 · Smarty +2
Name of the Vulnerable Software and Affected Versions: Smarty versions prior to 3.1.47; Smarty versions 4.x prior to 4.2.1 Description: The issue allows cross-site scripting (XSS) in the libs/plugins/function.mailto.php file. A web page using smarty function mailto and parameterized with GET or POST...
PT-2022-23667 · Samsung · Libsdkrecognitiontext.Spensdk.Samsung.So
Name of the Vulnerable Software and Affected Versions: libSDKRecognitionText.spensdk.samsung.so library versions prior to SMR Sep-2022 Release 1 Description: A heap-based overflow vulnerability in the GetCorrectDbLanguageTypeEsPKc function allows an attacker to cause a memory access fault...