CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2022(Memory Corruption)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2022-45869 362 DoS Mem. Corr. 2022-11-30 2022-12-02
0.0
None ??? ??? ??? ??? ??? ???
A race condition in the x86 KVM subsystem in the Linux kernel through 6.1-rc6 allows guest OS users to cause a denial of service (host OS crash or host OS memory corruption) when nested virtualisation and the TDP MMU are enabled.
2 CVE-2022-44789 119 Exec Code Overflow Mem. Corr. 2022-11-23 2022-11-29
0.0
None ??? ??? ??? ??? ??? ???
A logical issue in O_getOwnPropertyDescriptor() in Artifex MuJS 1.0.0 through 1.3.x before 1.3.2 allows an attacker to achieve Remote Code Execution through memory corruption, via the loading of a crafted JavaScript file.
3 CVE-2022-42944 787 Exec Code Mem. Corr. 2022-10-21 2022-10-24
0.0
None ??? ??? ??? ??? ??? ???
A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
4 CVE-2022-42943 787 Exec Code Mem. Corr. 2022-10-21 2022-10-24
0.0
None ??? ??? ??? ??? ??? ???
A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
5 CVE-2022-42942 787 Exec Code Mem. Corr. 2022-10-21 2022-10-24
0.0
None ??? ??? ??? ??? ??? ???
A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
6 CVE-2022-42941 787 Exec Code Mem. Corr. 2022-10-21 2022-10-24
0.0
None ??? ??? ??? ??? ??? ???
A malicious crafted dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
7 CVE-2022-42940 787 Exec Code Mem. Corr. 2022-10-21 2022-10-24
0.0
None ??? ??? ??? ??? ??? ???
A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
8 CVE-2022-42939 787 Exec Code Mem. Corr. 2022-10-21 2022-10-24
0.0
None ??? ??? ??? ??? ??? ???
A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
9 CVE-2022-42938 787 Exec Code Mem. Corr. 2022-10-21 2022-10-24
0.0
None ??? ??? ??? ??? ??? ???
A malicious crafted TGA file when consumed through DesignReview.exe application could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
10 CVE-2022-42937 787 Exec Code Mem. Corr. 2022-10-21 2022-10-24
0.0
None ??? ??? ??? ??? ??? ???
A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
11 CVE-2022-42936 787 Exec Code Mem. Corr. 2022-10-21 2022-10-24
0.0
None ??? ??? ??? ??? ??? ???
A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
12 CVE-2022-42935 787 Exec Code Mem. Corr. 2022-10-21 2022-10-24
0.0
None ??? ??? ??? ??? ??? ???
A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
13 CVE-2022-42934 787 Exec Code Mem. Corr. 2022-10-21 2022-10-24
0.0
None ??? ??? ??? ??? ??? ???
A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
14 CVE-2022-42933 787 Exec Code Mem. Corr. 2022-10-21 2022-10-24
0.0
None ??? ??? ??? ??? ??? ???
A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
15 CVE-2022-42820 Exec Code Mem. Corr. 2022-11-01 2022-11-03
0.0
None ??? ??? ??? ??? ??? ???
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 16.1 and iPadOS 16, macOS Ventura 13. An app may cause unexpected app termination or arbitrary code execution.
16 CVE-2022-42309 763 Mem. Corr. 2022-11-01 2022-11-29
0.0
None ??? ??? ??? ??? ??? ???
Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can cause xenstored to use a wrong pointer during node creation in an error path, resulting in a crash of xenstored or a memory corruption in xenstored causing further damage. Entering the error path can be controlled by the guest e.g. by exceeding the quota value of maximum nodes per domain.
17 CVE-2022-41745 125 Exec Code Mem. Corr. 2022-10-10 2022-10-11
0.0
None ??? ??? ??? ??? ??? ???
An Out-of-Bounds access vulnerability in Trend Micro Apex One could allow a local attacker to create a specially crafted message to cause memory corruption on a certain service process which could lead to local privilege escalation on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
18 CVE-2022-41686 125 Mem. Corr. 2022-10-14 2022-10-17
0.0
None ??? ??? ??? ??? ??? ???
OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have an Out-of-bound memory read and write vulnerability in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could read out-of-bound memory leading sensitive to information disclosure. The processes with system user UID run on the device would be able to write out-of-bound memory which could lead to unspecified memory corruption.
19 CVE-2022-41310 787 Exec Code Mem. Corr. 2022-10-21 2022-10-24
0.0
None ??? ??? ??? ??? ??? ???
A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
20 CVE-2022-41309 787 Exec Code Mem. Corr. 2022-10-21 2022-10-24
0.0
None ??? ??? ??? ??? ??? ???
A malicious crafted .dwf or .pct file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
21 CVE-2022-41308 787 Exec Code Mem. Corr. 2022-10-14 2022-10-19
0.0
None ??? ??? ??? ??? ??? ???
A maliciously crafted PKT file when consumed through SubassemblyComposer.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
22 CVE-2022-41307 787 Exec Code Mem. Corr. 2022-10-14 2022-10-19
0.0
None ??? ??? ??? ??? ??? ???
A maliciously crafted PKT file when consumed through SubassemblyComposer.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
23 CVE-2022-41306 787 Exec Code Mem. Corr. 2022-10-14 2022-10-19
0.0
None ??? ??? ??? ??? ??? ???
A maliciously crafted PCT file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
24 CVE-2022-41305 787 Exec Code Mem. Corr. 2022-10-14 2022-10-18
0.0
None ??? ??? ??? ??? ??? ???
A maliciously crafted PKT file when consumed through SubassemblyComposer.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
25 CVE-2022-41301 787 Exec Code Mem. Corr. 2022-10-03 2022-10-14
0.0
None ??? ??? ??? ??? ??? ???
A maliciously crafted PKT file when consumed through SubassemblyComposer.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
26 CVE-2022-38861 787 Mem. Corr. 2022-09-15 2022-09-20
0.0
None ??? ??? ??? ??? ??? ???
The MPlayer Project mplayer SVN-r38374-13.0.1 is vulnerable to memory corruption via function free_mp_image() of libmpcodecs/mp_image.c.
27 CVE-2022-38690 787 DoS Mem. Corr. 2022-10-14 2022-10-17
0.0
None ??? ??? ??? ??? ??? ???
In camera driver, there is a possible memory corruption due to improper locking. This could lead to local denial of service in kernel.
28 CVE-2022-36448 Mem. Corr. 2022-09-28 2022-09-30
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. There is an SMM memory corruption vulnerability in the Software SMI handler in the PnpSmm driver.
29 CVE-2022-35895 787 Exec Code Mem. Corr. 2022-09-21 2022-09-26
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. The FwBlockSericceSmm driver does not properly validate input parameters for a software SMI routine, leading to memory corruption of arbitrary addresses including SMRAM, and possible arbitrary code execution.
30 CVE-2022-35893 Mem. Corr. 2022-09-23 2022-09-28
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. An SMM memory corruption vulnerability in the FvbServicesRuntimeDxe driver allows an attacker to write fixed or predictable data to SMRAM. Exploiting this issue could lead to escalating privileges to SMM.
31 CVE-2022-35887 134 DoS Mem. Corr. 2022-10-25 2022-10-27
0.0
None ??? ??? ??? ??? ??? ???
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted HTTP request can lead to memory corruption, information disclosure and denial of service. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This vulnerability arises from format string injection via the `default_key_id` HTTP parameter, as used within the `/action/wirelessConnect` handler.
32 CVE-2022-35886 134 DoS Mem. Corr. 2022-10-25 2022-10-27
0.0
None ??? ??? ??? ??? ??? ???
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted HTTP request can lead to memory corruption, information disclosure and denial of service. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This vulnerability arises from format string injection via the `default_key_id` and `key` HTTP parameters, as used within the `/action/wirelessConnect` handler.
33 CVE-2022-35885 134 DoS Mem. Corr. 2022-10-25 2022-10-27
0.0
None ??? ??? ??? ??? ??? ???
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted HTTP request can lead to memory corruption, information disclosure and denial of service. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This vulnerability arises from format string injection via the `wpapsk_hex` HTTP parameter, as used within the `/action/wirelessConnect` handler.
34 CVE-2022-35884 134 DoS Mem. Corr. 2022-10-25 2022-10-27
0.0
None ??? ??? ??? ??? ??? ???
Four format string injection vulnerabilities exist in the web interface /action/wirelessConnect functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted HTTP request can lead to memory corruption, information disclosure and denial of service. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.This vulnerability arises from format string injection via the `ssid_hex` HTTP parameter, as used within the `/action/wirelessConnect` handler.
35 CVE-2022-35881 134 DoS Mem. Corr. 2022-10-25 2022-10-27
0.0
None ??? ??? ??? ??? ??? ???
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted UPnP negotiation can lead to memory corruption, information disclosure, and denial of service. An attacker can host a malicious UPnP service to trigger these vulnerabilities.This vulnerability arises from format string injection via `errorCode` and `errorDescription` XML tags, as used within the `DoUpdateUPnPbyService` action handler.
36 CVE-2022-35880 134 DoS Mem. Corr. 2022-10-25 2022-10-27
0.0
None ??? ??? ??? ??? ??? ???
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted UPnP negotiation can lead to memory corruption, information disclosure, and denial of service. An attacker can host a malicious UPnP service to trigger these vulnerabilities.This vulnerability arises from format string injection via `NewInternalClient` XML tag, as used within the `DoUpdateUPnPbyService` action handler.
37 CVE-2022-35879 134 DoS Mem. Corr. 2022-10-25 2022-10-27
0.0
None ??? ??? ??? ??? ??? ???
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted UPnP negotiation can lead to memory corruption, information disclosure, and denial of service. An attacker can host a malicious UPnP service to trigger these vulnerabilities.This vulnerability arises from format string injection via `controlURL` XML tag, as used within the `DoUpdateUPnPbyService` action handler.
38 CVE-2022-35878 134 DoS Mem. Corr. 2022-10-25 2022-10-27
0.0
None ??? ??? ??? ??? ??? ???
Four format string injection vulnerabilities exist in the UPnP logging functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted UPnP negotiation can lead to memory corruption, information disclosure, and denial of service. An attacker can host a malicious UPnP service to trigger these vulnerabilities.This vulnerability arises from format string injection via `ST` and `Location` HTTP response headers, as used within the `DoEnumUPnPService` action handler.
39 CVE-2022-35877 134 DoS Mem. Corr. 2022-10-25 2022-10-28
0.0
None ??? ??? ??? ??? ??? ???
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. Specially-crafted configuration values can lead to memory corruption, information disclosure and denial of service. An attacker can modify a configuration value and then execute an XCMD to trigger these vulnerabilities.This vulnerability arises from format string injection via the `default_key_id` configuration parameter, as used within the `testWifiAP` XCMD handler
40 CVE-2022-35876 134 DoS Mem. Corr. 2022-10-25 2022-10-28
0.0
None ??? ??? ??? ??? ??? ???
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. Specially-crafted configuration values can lead to memory corruption, information disclosure and denial of service. An attacker can modify a configuration value and then execute an XCMD to trigger these vulnerabilities.This vulnerability arises from format string injection via the `default_key_id` and `key` configuration parameters, as used within the `testWifiAP` XCMD handler
41 CVE-2022-35875 134 DoS Mem. Corr. 2022-10-25 2022-10-28
0.0
None ??? ??? ??? ??? ??? ???
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. Specially-crafted configuration values can lead to memory corruption, information disclosure and denial of service. An attacker can modify a configuration value and then execute an XCMD to trigger these vulnerabilities.This vulnerability arises from format string injection via the `wpapsk` configuration parameter, as used within the `testWifiAP` XCMD handler
42 CVE-2022-35874 134 DoS Mem. Corr. 2022-10-25 2022-10-28
0.0
None ??? ??? ??? ??? ??? ???
Four format string injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9X and 6.9Z. Specially-crafted configuration values can lead to memory corruption, information disclosure and denial of service. An attacker can modify a configuration value and then execute an XCMD to trigger these vulnerabilities.This vulnerability arises from format string injection via the `ssid` and `ssid_hex` configuration parameters, as used within the `testWifiAP` XCMD handler
43 CVE-2022-35299 121 Overflow Mem. Corr. 2022-10-11 2022-10-12
0.0
None ??? ??? ??? ??? ??? ???
SAP SQL Anywhere - version 17.0, and SAP IQ - version 16.1, allows an attacker to leverage logical errors in memory management to cause a memory corruption, such as Stack-based buffer overflow.
44 CVE-2022-35244 134 DoS Mem. Corr. 2022-10-25 2022-10-26
0.0
None ??? ??? ??? ??? ??? ???
A format string injection vulnerability exists in the XCMD getVarHA functionality of abode systems, inc. iota All-In-One Security Kit 6.9X and 6.9Z. A specially-crafted XCMD can lead to memory corruption, information disclosure, and denial of service. An attacker can send a malicious XML payload to trigger this vulnerability.
45 CVE-2022-33938 134 DoS Mem. Corr. 2022-10-25 2022-10-26
0.0
None ??? ??? ??? ??? ??? ???
A format string injection vulnerability exists in the ghome_process_control_packet functionality of Abode Systems, Inc. iota All-In-One Security Kit 6.9Z and 6.9X. A specially-crafted XCMD can lead to memory corruption, information disclosure and denial of service. An attacker can send a malicious XML payload to trigger this vulnerability.
46 CVE-2022-33896 124 Exec Code Mem. Corr. 2022-10-07 2022-10-11
0.0
None ??? ??? ??? ??? ??? ???
A buffer underflow vulnerability exists in the way Hword of Hancom Office 2020 version 11.0.0.5357 parses XML-based office files. A specially-crafted malformed file can cause memory corruption by using memory before buffer start, which can lead to code execution. A victim would need to access a malicious file to trigger this vulnerability.
47 CVE-2022-33890 787 Exec Code Mem. Corr. 2022-10-03 2022-12-03
0.0
None ??? ??? ??? ??? ??? ???
A maliciously crafted PCT or DWF file when consumed through DesignReview.exe application could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
48 CVE-2022-33888 787 Exec Code Mem. Corr. 2022-10-03 2022-10-05
0.0
None ??? ??? ??? ??? ??? ???
A malicious crafted Dwg2Spd file when processed through Autodesk DWG application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
49 CVE-2022-33883 787 Exec Code Mem. Corr. 2022-10-03 2022-10-04
0.0
None ??? ??? ??? ??? ??? ???
A malicious crafted file consumed through Moldflow Synergy, Moldflow Adviser, Moldflow Communicator, and Advanced Material Exchange applications could lead to memory corruption vulnerability. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
50 CVE-2022-33234 Mem. Corr. 2022-11-15 2022-11-18
0.0
None ??? ??? ??? ??? ??? ???
Memory corruption in video due to configuration weakness. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
Total number of vulnerabilities : 350   Page : 1 (This Page)2 3 4 5 6 7
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.