Export limit exceeded: 10706 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 23185 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (23185 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-5931 2 Zephyrproject, Zephyrproject-rtos 2 Zephyr, Zephyr 2025-09-17 6.3 Medium
BT: Unchecked user input in bap_broadcast_assistant
CVE-2025-8159 2 D-link, Dlink 3 Dir-513, Dir-513, Dir-513 Firmware 2025-09-16 8.8 High
A vulnerability was found in D-Link DIR-513 1.0. It has been rated as critical. This issue affects the function formLanguageChange of the file /goform/formLanguageChange of the component HTTP POST Request Handler. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2023-40222 1 Ashlar 1 Cobalt 2025-09-16 7.8 High
In Ashlar-Vellum Cobalt versions prior to v12 SP2 Build (1204.200), the affected application lacks proper validation of user-supplied data when parsing CO files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process.
CVE-2021-47153 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-09-16 6 Medium
In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Don't generate an interrupt on bus reset Now that the i2c-i801 driver supports interrupts, setting the KILL bit in a attempt to recover from a timed out transaction triggers an interrupt. Unfortunately, the interrupt handler (i801_isr) is not prepared for this situation and will try to process the interrupt as if it was signaling the end of a successful transaction. In the case of a block transaction, this can result in an out-of-range memory access. This condition was reproduced several times by syzbot: https://syzkaller.appspot.com/bug?extid=ed71512d469895b5b34e https://syzkaller.appspot.com/bug?extid=8c8dedc0ba9e03f6c79e https://syzkaller.appspot.com/bug?extid=c8ff0b6d6c73d81b610e https://syzkaller.appspot.com/bug?extid=33f6c360821c399d69eb https://syzkaller.appspot.com/bug?extid=be15dc0b1933f04b043a https://syzkaller.appspot.com/bug?extid=b4d3fd1dfd53e90afd79 So disable interrupts while trying to reset the bus. Interrupts will be enabled again for the following transaction.
CVE-2024-26915 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-09-16 5.5 Medium
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Reset IH OVERFLOW_CLEAR bit Allows us to detect subsequent IH ring buffer overflows as well.
CVE-2024-33428 1 Stsaz 1 Phiola 2025-09-15 8.8 High
Buffer-Overflow vulnerability at conv.c:68 of stsaz phiola v2.0-rc22 allows a remote attacker to execute arbitrary code via the a crafted .wav file.
CVE-2025-57064 1 Tenda 2 G3, G3 Firmware 2025-09-15 7.5 High
Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the bindDhcpIndex parameter in the modifyDhcpRule function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVE-2025-57063 1 Tenda 2 G3, G3 Firmware 2025-09-15 7.5 High
Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the portMappingIndex parameter in the formDelPortMapping function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVE-2025-57061 1 Tenda 2 G3, G3 Firmware 2025-09-15 7.5 High
Tenda G3 v3.0br_V15.11.0.17 was discovered to contain multiple stack overflows in the formIPMacBindModify function via the ruleId, ip, mac, v6 and remark parameters. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVE-2025-57059 1 Tenda 2 G3, G3 Firmware 2025-09-15 7.5 High
Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the dhcpIndex parameter in the addDhcpRule function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVE-2025-57058 1 Tenda 2 G3, G3 Firmware 2025-09-15 7.5 High
Tenda G3 v3.0br_V15.11.0.17 was discovered to contain multiple stack overflows in the formSetDebugCfg function via the pEnable, pLevel, and pModule parameters. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVE-2025-57057 1 Tenda 2 G3, G3 Firmware 2025-09-15 7.5 High
Tenda G3 v3.0br_V15.11.0.17 was discovered to contain a stack overflow in the listStr parameter in the ipMacBindListStore function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.
CVE-2024-22905 1 Arm 2 Mbed-os, Mbed Os 2025-09-15 7 High
Buffer Overflow vulnerability in ARM mbed-os v.6.17.0 allows a remote attacker to execute arbitrary code via a crafted script to the hciTrSerialRxIncoming function.
CVE-2024-50698 1 Sungrowpower 2 Winet-s, Winet-s Firmware 2025-09-15 9.8 Critical
SunGrow WiNet-SV200.001.00.P027 and earlier versions is vulnerable to heap-based buffer overflow due to bounds checks of the MQTT message content.
CVE-2025-8846 1 Nasm 1 Netwide Assembler 2025-09-15 5.3 Medium
A vulnerability has been found in NASM Netwide Assember 2.17rc0. Affected is the function parse_line of the file parser.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.
CVE-2025-8843 1 Nasm 1 Netwide Assembler 2025-09-15 5.3 Medium
A vulnerability was found in NASM Netwide Assember 2.17rc0. This affects the function macho_no_dead_strip of the file outmacho.c. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.
CVE-2025-8845 1 Nasm 1 Netwide Assembler 2025-09-15 5.3 Medium
A vulnerability was identified in NASM Netwide Assember 2.17rc0. This issue affects the function assemble_file of the file nasm.c. The manipulation leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.
CVE-2025-56267 1 Avigilon 1 Access Control Manager 2025-09-12 9.8 Critical
A CSV injection vulnerability in the /id_profiles endpoint of Avigilon ACM v7.10.0.20 allows attackers to execute arbitrary code via suuplying a crafted Excel file.
CVE-2023-42276 1 Hutool 1 Hutool 2025-09-12 9.8 Critical
hutool v5.8.21 was discovered to contain a buffer overflow via the component jsonArray.
CVE-2023-51074 2 Json-path, Redhat 5 Jayway Jsonpath, Amq Streams, Apache-camel-spring-boot and 2 more 2025-09-12 5.3 Medium
json-path v2.8.0 was discovered to contain a stack overflow via the Criteria.parse() method.