Export limit exceeded: 363527 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (23183 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-40222 1 Ashlar 1 Cobalt 2025-09-16 7.8 High
In Ashlar-Vellum Cobalt versions prior to v12 SP2 Build (1204.200), the affected application lacks proper validation of user-supplied data when parsing CO files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
CVE-2021-47153 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-09-16 6 Medium
In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Don't generate an interrupt on bus reset Now that the i2c-i801 driver supports interrupts, setting the KILL bit in a attempt to recover from a timed out transaction triggers an interrupt. Unfortunately, the interrupt handler (i801_isr) is not prepared for this situation and will try to process the interrupt as if it was signaling the end of a successful transaction. In the case of a block transaction, this can result in an out-of-range memory access. This condition was reproduced several times by syzbot: https://syzkaller.appspot.com/bug?extid=ed71512d469895b5b34e https://syzkaller.appspot.com/bug?extid=8c8dedc0ba9e03f6c79e https://syzkaller.appspot.com/bug?extid=c8ff0b6d6c73d81b610e https://syzkaller.appspot.com/bug?extid=33f6c360821c399d69eb https://syzkaller.appspot.com/bug?extid=be15dc0b1933f04b043a https://syzkaller.appspot.com/bug?extid=b4d3fd1dfd53e90afd79 So disable interrupts while trying to reset the bus. Interrupts will be enabled again for the following transaction.
CVE-2024-26915 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-09-16 5.5 Medium
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Reset IH OVERFLOW_CLEAR bit Allows us to detect subsequent IH ring buffer overflows as well.
CVE-2024-33428 1 Stsaz 1 Phiola 2025-09-15 8.8 High
Buffer-Overflow vulnerability at conv.c:68 of stsaz phiola v2.0-rc22 allows a remote attacker to execute arbitrary code via the a crafted .wav file.
CVE-2025-57064 1 Tenda 2 G3, G3 Firmware 2025-09-15 7.5 High
Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the bindDhcpIndex parameter in the modifyDhcpRule function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVE-2025-57063 1 Tenda 2 G3, G3 Firmware 2025-09-15 7.5 High
Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the portMappingIndex parameter in the formDelPortMapping function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVE-2025-57061 1 Tenda 2 G3, G3 Firmware 2025-09-15 7.5 High
Tenda G3 v3.0br_V15.11.0.17 was discovered to contain multiple stack overflows in the formIPMacBindModify function via the ruleId, ip, mac, v6 and remark parameters. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVE-2025-57059 1 Tenda 2 G3, G3 Firmware 2025-09-15 7.5 High
Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the dhcpIndex parameter in the addDhcpRule function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVE-2025-57058 1 Tenda 2 G3, G3 Firmware 2025-09-15 7.5 High
Tenda G3 v3.0br_V15.11.0.17 was discovered to contain multiple stack overflows in the formSetDebugCfg function via the pEnable, pLevel, and pModule parameters. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVE-2025-57057 1 Tenda 2 G3, G3 Firmware 2025-09-15 7.5 High
Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the listStr parameter in the ipMacBindListStore function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVE-2024-22905 1 Arm 2 Mbed-os, Mbed Os 2025-09-15 7 High
Buffer Overflow vulnerability in ARM mbed-os v.6.17.0 allows a remote attacker to execute arbitrary code via a crafted script to the hciTrSerialRxIncoming function.
CVE-2024-50698 1 Sungrowpower 2 Winet-s, Winet-s Firmware 2025-09-15 9.8 Critical
SunGrow WiNet-SV200.001.00.P027 and earlier versions is vulnerable to heap-based buffer overflow due to bounds checks of the MQTT message content.
CVE-2025-8846 1 Nasm 1 Netwide Assembler 2025-09-15 5.3 Medium
A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected is the function parse_line of the file parser.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.
CVE-2025-8843 1 Nasm 1 Netwide Assembler 2025-09-15 5.3 Medium
A vulnerability was found in NASM Netwide Assember 2.17rc0. This affects the function macho_no_dead_strip of the file outmacho.c. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.
CVE-2025-8845 1 Nasm 1 Netwide Assembler 2025-09-15 5.3 Medium
A vulnerability was identified in NASM Netwide Assember 2.17rc0. This issue affects the function assemble_file of the file nasm.c. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.
CVE-2025-56267 1 Avigilon 1 Access Control Manager 2025-09-12 9.8 Critical
A CSV injection vulnerability in the /id_profiles endpoint of Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via suuplying a crafted Excel file.
CVE-2023-42276 1 Hutool 1 Hutool 2025-09-12 9.8 Critical
hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonArray.
CVE-2023-51074 2 Json-path, Redhat 5 Jayway Jsonpath, Amq Streams, Apache-camel-spring-boot and 2 more 2025-09-12 5.3 Medium
json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse() method.
CVE-2025-9136 1 Libretro 1 Retroarch 2025-09-12 5.3 Medium
A flaw has been found in libretro RetroArch 1.18.0/1.19.0/1.20.0. This affects the function filestream_vscanf of the file libretro-common/streams/file_stream.c. This manipulation causes out-of-bounds read. The attack needs to be launched locally. Upgrading to version 1.21.0 mitigates this issue. It is recommended to upgrade the affected component.
CVE-2025-54241 3 Adobe, Apple, Microsoft 3 After Effects, Macos, Windows 2025-09-12 5.5 Medium
After Effects versions 25.3, 24.6.7 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure, potentially disclosing sensitive information. Exploitation of this issue requires user interaction in that a victim must open a malicious file.