Export limit exceeded: 364883 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364883 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-52581 2 Libbiosig Project, The Biosig Project 2 Libbiosig, Libbiosig 2025-11-03 9.8 Critical
An integer overflow vulnerability exists in the GDF parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted GDF file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2025-52461 2 Libbiosig Project, The Biosig Project 2 Libbiosig, Libbiosig 2025-11-03 8.2 High
An out-of-bounds read vulnerability exists in the Nex parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted .nex file can lead to an information leak. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2025-52456 2 Sail, Sail Software 2 Sail, Sail Image Decoding Library 2025-11-03 8.8 High
A memory corruption vulnerability exists in the WebP Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .webp animation an integer overflow can be made to occur when calculating the stride for decoding. Afterwards, this will cause a heap-based buffer to overflow when decoding the image which can lead to remote code execution. An attacker will need to convince the library to read a file to trigger this vulnerability.
CVE-2025-50129 2 Sail, Sail Software 2 Sail, Sail Image Decoding Library 2025-11-03 8.8 High
A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decoding the image data from a specially crafted .tga file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to convince the library to read a file to trigger this vulnerability.
CVE-2025-48060 2 Jqlang, Redhat 7 Jq, Enterprise Linux, Rhel Aus and 4 more 2025-11-03 7.5 High
jq is a command-line JSON processor. In versions up to and including 1.7.1, a heap-buffer-overflow is present in function `jv_string_vfmt` in the jq_fuzz_execute harness from oss-fuzz. This crash happens on file jv.c, line 1456 `void* p = malloc(sz);`. As of time of publication, no patched versions are available.
CVE-2025-48005 2 Libbiosig Project, The Biosig Project 2 Libbiosig, Libbiosig 2025-11-03 9.8 Critical
A heap-based buffer overflow vulnerability exists in the RHS2000 parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted RHS2000 file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2025-46411 2 Libbiosig Project, The Biosig Project 2 Libbiosig, Libbiosig 2025-11-03 8.1 High
A stack-based buffer overflow vulnerability exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.0 and Master Branch (35a819fa). A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2025-46407 2 Sail, Sail Software 2 Sail, Sail Image Decoding Library 2025-11-03 8.8 High
A memory corruption vulnerability exists in the BMPv3 Palette Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .bmp file, an integer overflow can be made to occur which will cause a heap-based buffer to overflow when reading the palette from the image. These conditions can allow for remote code execution. An attacker will need to convince the library to read a file to trigger this vulnerability.
CVE-2025-35984 2 Sail, Sail Software 2 Sail, Sail Image Decoding Library 2025-11-03 8.8 High
A memory corruption vulnerability exists in the PCX Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When decoding the image data from a specially crafted .pcx file, a heap-based buffer overflow can occur which allows for remote code execution. An attacker will need to convince the library to read a file to trigger this vulnerability.
CVE-2025-32468 2 Sail, Sail Software 2 Sail, Sail Image Decoding Library 2025-11-03 8.8 High
A memory corruption vulnerability exists in the BMPv3 Image Decoding functionality of the SAIL Image Decoding Library v0.9.8. When loading a specially crafted .bmp file, an integer overflow can be made to occur when calculating the stride for decoding. Afterwards, this will cause a heap-based buffer to overflow when decoding the image which can lead to remote code execution. An attacker will need to convince the library to read a file to trigger this vulnerability.
CVE-2025-32010 1 Tenda 2 Ac6, Ac6 Firmware 2025-11-03 8.1 High
A stack-based buffer overflow vulnerability exists in the Cloud API functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP response can lead to arbitrary code execution. An attacker can send an HTTP response to trigger this vulnerability.
CVE-2025-30472 2 Corosync, Redhat 2 Corosync, Enterprise Linux 2025-11-03 9 Critical
Corosync through 3.1.9, if encryption is disabled or the attacker knows the encryption key, has a stack-based buffer overflow in orf_token_endian_convert in exec/totemsrp.c via a large UDP packet.
CVE-2025-30256 1 Tenda 2 Ac6, Ac6 Firmware 2025-11-03 8.6 High
A denial of service vulnerability exists in the HTTP Header Parsing functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted series of HTTP requests can lead to a reboot. An attacker can send multiple network packets to trigger this vulnerability.
CVE-2025-27129 1 Tenda 2 Ac6, Ac6 Firmware 2025-11-03 9.8 Critical
An authentication bypass vulnerability exists in the HTTP authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can send packets to trigger this vulnerability.
CVE-2025-24496 1 Tenda 2 Ac6, Ac6 Firmware 2025-11-03 7.5 High
An information disclosure vulnerability exists in the /goform/getproductInfo functionality of Tenda AC6 V5.0 V02.03.01.110. Specially crafted network packets can lead to a disclosure of sensitive information. An attacker can send packets to trigger this vulnerability.
CVE-2025-24322 1 Tenda 2 Ac6, Ac6 Firmware 2025-11-03 8.1 High
An unsafe default authentication vulnerability exists in the Initial Setup Authentication functionality of Tenda AC6 V5.0 V02.03.01.110. A specially crafted network request can lead to arbitrary code execution. An attacker can browse to the device to trigger this vulnerability.
CVE-2025-23340 3 Linux, Microsoft, Nvidia 3 Linux Kernel, Windows, Cuda Toolkit 2025-11-03 3.3 Low
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service.
CVE-2025-23338 3 Linux, Microsoft, Nvidia 3 Linux Kernel, Windows, Cuda Toolkit 2025-11-03 3.3 Low
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in nvdisasm where a user may cause an out-of-bounds write by running nvdisasm on a malicious ELF file. A successful exploit of this vulnerability may lead to denial of service.
CVE-2025-23271 3 Linux, Microsoft, Nvidia 3 Linux Kernel, Windows, Cuda Toolkit 2025-11-03 3.3 Low
NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the nvdisasm binary where a user may cause an out-of-bounds read by passing a malformed ELF file to nvdisasm. A successful exploit of this vulnerability may lead to a partial denial of service.
CVE-2025-20128 2 Cisco, Clamav 3 Secure Endpoint, Secure Endpoint Private Cloud, Clamav 2025-11-03 5.3 Medium
A vulnerability in the Object Linking and Embedding 2 (OLE2) decryption routine of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to an integer underflow in a bounds check that allows for a heap buffer overflow read. An attacker could exploit this vulnerability by submitting a crafted file containing OLE2 content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process, resulting in a DoS condition on the affected software. For a description of this vulnerability, see the . Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.