Search Results (23269 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-49849 2026-04-15 N/A
An Out-of-bounds Read vulnerability exists within the parsing of PRJ files. The issues result from the lack of proper validation of user-supplied data, which can result in different memory corruption issues within the application, such as reading and writing past the end of allocated data structures.
CVE-2025-3714 2026-04-15 9.8 Critical
The LCD KVM over IP Switch CL5708IM has a Stack-based Buffer Overflow vulnerability in firmware versions prior to v2.2.215, allowing unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device.
CVE-2025-7945 2026-04-15 8.8 High
A vulnerability was found in D-Link DIR-513 up to 20190831. It has been declared as critical. This vulnerability affects the function formSetWanDhcpplus of the file /goform/formSetWanDhcpplus. The manipulation of the argument curTime leads to buffer overflow. The attack can be initiated remotely. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2025-3713 2026-04-15 7.5 High
The LCD KVM over IP Switch CL5708IM has a Heap-based Buffer Overflow vulnerability in firmware versions prior to v2.2.215, allowing unauthenticated remote attackers to exploit this vulnerability to perform a denial-of-service attack.
CVE-2025-3712 2026-04-15 7.5 High
The LCD KVM over IP Switch CL5708IM has a Heap-based Buffer Overflow vulnerability in firmware versions prior to v2.2.215, allowing unauthenticated remote attackers to exploit this vulnerability to perform a denial-of-service attack.
CVE-2025-3711 2026-04-15 9.8 Critical
The LCD KVM over IP Switch CL5708IM has a Stack-based Buffer Overflow vulnerability in firmware versions prior to v2.2.215, allowing unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device.
CVE-2025-3710 2026-04-15 9.8 Critical
The LCD KVM over IP Switch CL5708IM has a Stack-based Buffer Overflow vulnerability in firmware versions prior to v2.2.215, allowing unauthenticated remote attackers to exploit this vulnerability to execute arbitrary code on the device.
CVE-2025-29943 1 Amd 6 Epyc, Epyc 8004, Epyc 9004 and 3 more 2026-04-15 3.2 Low
Write what were condition within AMD CPUs may allow an admin-privileged attacker to modify the configuration of the CPU pipeline potentially resulting in the corruption of the stack pointer inside an SEV-SNP guest.
CVE-2025-29948 1 Amd 2 Epyc 9005 Series Processors, Epyc Embedded 9005 Series Processors 2026-04-15 N/A
Improper access control in AMD Secure Encrypted Virtualization (SEV) firmware could allow a malicious hypervisor to bypass RMP protections, potentially resulting in a loss of SEV-SNP guest memory integrity.
CVE-2025-29950 1 Amd 19 Epyc 7001 Series Processors, Epyc 7002 Series Processors, Epyc 7003 Series Processors and 16 more 2026-04-15 N/A
Improper input validation in system management mode (SMM) could allow a privileged attacker to overwrite stack memory leading to arbitrary code execution.
CVE-2025-29951 1 Amd 4 Ryzen 5000 Series Mobile Processors With Radeon Graphics, Ryzen Embedded R1000 Series Processors, Ryzen Embedded R2000 Series Processors and 1 more 2026-04-15 N/A
A buffer overflow in the AMD Secure Processor (ASP) bootloader could allow an attacker to overwrite memory, potentially resulting in privilege escalation and arbitrary code execution.
CVE-2025-64693 2 Intercom, Microsoft 2 Malion, Windows 2026-04-15 N/A
Security Point (Windows) of MaLion and MaLionCloud contains a heap-based buffer overflow vulnerability in processing Content-Length. Receiving a specially crafted request from a remote unauthenticated attacker could lead to arbitrary code execution with SYSTEM privilege.
CVE-2025-34165 2 Netsupport, Netsupportsoftware 3 Netsupport Manager Agent, Netsupport Manager Client, Netsupport Manager 2026-04-15 N/A
A stack-based buffer overflow vulnerability in NetSupport Manager 14.x versions prior to 14.12.0000 allows a remote, unauthenticated attacker to cause a denial of service (DoS) or potentially leak a limited amount of memory.
CVE-2025-9961 1 Tp-link 3 Ax10, Ax1500, Tp-link 2026-04-15 N/A
An authenticated attacker may remotely execute arbitrary code via the CWMP binary on the devices AX10 and AX1500.  The exploit can only be conducted via a Man-In-The-Middle (MITM) attack.  This issue affects AX10 V1/V1.2/V2/V2.6/V3/V3.6: before 1.2.1; AX1500 V1/V1.20/V1.26/V1.60/V1.80/V2.60/V3.6: before 1.3.11.
CVE-2025-40634 1 Tp-link 1 Archer Ax50 2026-04-15 N/A
Stack-based buffer overflow vulnerability in the 'conn-indicator' binary running as root on the TP-Link Archer AX50 router, in firmware versions prior to 1.0.15 build 241203 rel61480. This vulnerability allows an attacker to execute arbitrary code on the device over LAN and WAN networks.
CVE-2024-36438 1 Elinksmart 1 Smart Cabinet Lock 2026-04-15 7.3 High
eLinkSmart Hidden Smart Cabinet Lock 2024-05-22 has Incorrect Access Control and fails to perform an authorization check which can lead to card duplication and other attacks.
CVE-2025-23302 1 Nvidia 5 Dgx, Dgx-1, Dgx-2 and 2 more 2026-04-15 4.2 Medium
NVIDIA HGX and DGX contain a vulnerability where a misconfiguration of the LS10 could enable an attacker to set an unsafe debug access level. A successful exploit of this vulnerability might lead to denial of service.
CVE-2025-23301 1 Nvidia 5 Dgx, Dgx-1, Dgx-2 and 2 more 2026-04-15 4.2 Medium
NVIDIA HGX and DGX contain a vulnerability where a misconfiguration of the VBIOS could enable an attacker to set an unsafe debug access level. A successful exploit of this vulnerability might lead to denial of service.
CVE-2025-23274 1 Nvidia 2 Cuda Toolkit, Nvjpeg 2026-04-15 4.5 Medium
NVIDIA nvJPEG contains a vulnerability in jpeg encoding where a user may cause an out-of-bounds read by providing a maliciously crafted input image with dimensions that cause integer overflows in array index calculations. A successful exploit of this vulnerability may lead to denial of service.
CVE-2025-23272 1 Nvidia 2 Cuda Toolkit, Nvjpeg 2026-04-15 5.7 Medium
NVIDIA nvJPEG library contains a vulnerability where an attacker can cause an out-of-bounds read by means of a specially crafted JPEG file. A successful exploit of this vulnerability might lead to information disclosure or denial of service.