Export limit exceeded: 363527 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23183 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-40222 | 1 Ashlar | 1 Cobalt | 2025-09-16 | 7.8 High |
| In Ashlar-Vellum Cobalt versions prior to v12 SP2 Build (1204.200), the affected application lacks proper validation of user-supplied data when parsing CO files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. | ||||
| CVE-2021-47153 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-09-16 | 6 Medium |
| In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Don't generate an interrupt on bus reset Now that the i2c-i801 driver supports interrupts, setting the KILL bit in a attempt to recover from a timed out transaction triggers an interrupt. Unfortunately, the interrupt handler (i801_isr) is not prepared for this situation and will try to process the interrupt as if it was signaling the end of a successful transaction. In the case of a block transaction, this can result in an out-of-range memory access. This condition was reproduced several times by syzbot: https://syzkaller.appspot.com/bug?extid=ed71512d469895b5b34e https://syzkaller.appspot.com/bug?extid=8c8dedc0ba9e03f6c79e https://syzkaller.appspot.com/bug?extid=c8ff0b6d6c73d81b610e https://syzkaller.appspot.com/bug?extid=33f6c360821c399d69eb https://syzkaller.appspot.com/bug?extid=be15dc0b1933f04b043a https://syzkaller.appspot.com/bug?extid=b4d3fd1dfd53e90afd79 So disable interrupts while trying to reset the bus. Interrupts will be enabled again for the following transaction. | ||||
| CVE-2024-26915 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-09-16 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Reset IH OVERFLOW_CLEAR bit Allows us to detect subsequent IH ring buffer overflows as well. | ||||
| CVE-2024-33428 | 1 Stsaz | 1 Phiola | 2025-09-15 | 8.8 High |
| Buffer-Overflow vulnerability at conv.c:68 of stsaz phiola v2.0-rc22 allows a remote attacker to execute arbitrary code via the a crafted .wav file. | ||||
| CVE-2025-57064 | 1 Tenda | 2 G3, G3 Firmware | 2025-09-15 | 7.5 High |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the bindDhcpIndex parameter in the modifyDhcpRule function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2025-57063 | 1 Tenda | 2 G3, G3 Firmware | 2025-09-15 | 7.5 High |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the portMappingIndex parameter in the formDelPortMapping function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2025-57061 | 1 Tenda | 2 G3, G3 Firmware | 2025-09-15 | 7.5 High |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain multiple stack overflows in the formIPMacBindModify function via the ruleId, ip, mac, v6 and remark parameters. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2025-57059 | 1 Tenda | 2 G3, G3 Firmware | 2025-09-15 | 7.5 High |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the dhcpIndex parameter in the addDhcpRule function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2025-57058 | 1 Tenda | 2 G3, G3 Firmware | 2025-09-15 | 7.5 High |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain multiple stack overflows in the formSetDebugCfg function via the pEnable, pLevel, and pModule parameters. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2025-57057 | 1 Tenda | 2 G3, G3 Firmware | 2025-09-15 | 7.5 High |
| Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the listStr parameter in the ipMacBindListStore function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request. | ||||
| CVE-2024-22905 | 1 Arm | 2 Mbed-os, Mbed Os | 2025-09-15 | 7 High |
| Buffer Overflow vulnerability in ARM mbed-os v.6.17.0 allows a remote attacker to execute arbitrary code via a crafted script to the hciTrSerialRxIncoming function. | ||||
| CVE-2024-50698 | 1 Sungrowpower | 2 Winet-s, Winet-s Firmware | 2025-09-15 | 9.8 Critical |
| SunGrow WiNet-SV200.001.00.P027 and earlier versions is vulnerable to heap-based buffer overflow due to bounds checks of the MQTT message content. | ||||
| CVE-2025-8846 | 1 Nasm | 1 Netwide Assembler | 2025-09-15 | 5.3 Medium |
| A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected is the function parse_line of the file parser.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8843 | 1 Nasm | 1 Netwide Assembler | 2025-09-15 | 5.3 Medium |
| A vulnerability was found in NASM Netwide Assember 2.17rc0. This affects the function macho_no_dead_strip of the file outmacho.c. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8845 | 1 Nasm | 1 Netwide Assembler | 2025-09-15 | 5.3 Medium |
| A vulnerability was identified in NASM Netwide Assember 2.17rc0. This issue affects the function assemble_file of the file nasm.c. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-56267 | 1 Avigilon | 1 Access Control Manager | 2025-09-12 | 9.8 Critical |
| A CSV injection vulnerability in the /id_profiles endpoint of Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via suuplying a crafted Excel file. | ||||
| CVE-2023-42276 | 1 Hutool | 1 Hutool | 2025-09-12 | 9.8 Critical |
| hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonArray. | ||||
| CVE-2023-51074 | 2 Json-path, Redhat | 5 Jayway Jsonpath, Amq Streams, Apache-camel-spring-boot and 2 more | 2025-09-12 | 5.3 Medium |
| json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse() method. | ||||
| CVE-2025-9136 | 1 Libretro | 1 Retroarch | 2025-09-12 | 5.3 Medium |
| A flaw has been found in libretro RetroArch 1.18.0/1.19.0/1.20.0. This affects the function filestream_vscanf of the file libretro-common/streams/file_stream.c. This manipulation causes out-of-bounds read. The attack needs to be launched locally. Upgrading to version 1.21.0 mitigates this issue. It is recommended to upgrade the affected component. | ||||
| CVE-2025-54241 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2025-09-12 | 5.5 Medium |
| After Effects versions 25.3, 24.6.7 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure, potentially disclosing sensitive information. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||