Total
3168 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-37055 | 1 Dlink | 2 Go-rt-ac750, Go-rt-ac750 Firmware | 2025-01-06 | N/A | 9.8 CRITICAL |
| D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to Buffer Overflow via cgibin, hnap_main, | |||||
| CVE-2024-47032 | 2025-01-03 | N/A | 7.8 HIGH | ||
| In construct_transaction_from_cmd of lwis_ioctl.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2022-28550 | 1 Jhead Project | 1 Jhead | 2025-01-03 | N/A | 9.8 CRITICAL |
| Matthias-Wandel/jhead jhead 3.06 is vulnerable to Buffer Overflow via shellescape(), jhead.c, jhead. jhead copies strings to a stack buffer when it detects a &i or &o. However, jhead does not check the boundary of the stack buffer. As a result, there will be a stack buffer overflow problem when multiple `&i` or `&o` are given. | |||||
| CVE-2023-32674 | 1 Hp | 1 Pc Hardware Diagnostics | 2025-01-03 | N/A | 9.8 CRITICAL |
| Certain versions of HP PC Hardware Diagnostics Windows are potentially vulnerable to buffer overflow. | |||||
| CVE-2024-26134 | 2 Agronholm, Fedoraproject | 2 Cbor2, Fedora | 2025-01-02 | N/A | 7.5 HIGH |
| cbor2 provides encoding and decoding for the Concise Binary Object Representation (CBOR) (RFC 8949) serialization format. Starting in version 5.5.1 and prior to version 5.6.2, an attacker can crash a service using cbor2 to parse a CBOR binary by sending a long enough object. Version 5.6.2 contains a patch for this issue. | |||||
| CVE-2023-1329 | 1 Hp | 1914 Laserjet Managed Mfp E62665 3gy14a, Laserjet Managed Mfp E62665 3gy14a Firmware, Laserjet Managed Mfp E62665 3gy15a and 1911 more | 2024-12-31 | N/A | 9.8 CRITICAL |
| A potential security vulnerability has been identified for certain HP multifunction printers (MFPs). The vulnerability may lead to Buffer Overflow and/or Remote Code Execution when running HP Workpath solutions on potentially affected products. | |||||
| CVE-2022-48501 | 1 Huawei | 1 Emui | 2024-12-26 | N/A | 7.5 HIGH |
| Configuration defects in the secure OS module.Successful exploitation of this vulnerability will affect availability. | |||||
| CVE-2024-27045 | 1 Linux | 1 Linux Kernel | 2024-12-23 | N/A | 7.8 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix a potential buffer overflow in 'dp_dsc_clock_en_read()' Tell snprintf() to store at most 10 bytes in the output buffer instead of 30. Fixes the below: drivers/gpu/drm/amd/amdgpu/../display/amdgpu_dm/amdgpu_dm_debugfs.c:1508 dp_dsc_clock_en_read() error: snprintf() is printing too much 30 vs 10 | |||||
| CVE-2024-47864 | 2024-12-23 | N/A | 5.3 MEDIUM | ||
| home 5G HR02, Wi-Fi STATION SH-52B, and Wi-Fi STATION SH-54C contain a buffer overflow vulnerability in the hidden debug function. A remote unauthenticated attacker may get the web console of the product down. | |||||
| CVE-2024-32664 | 1 Oisf | 1 Suricata | 2024-12-19 | N/A | 5.3 MEDIUM |
| Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.5 and 6.0.19, specially crafted traffic or datasets can cause a limited buffer overflow. This vulnerability is fixed in 7.0.5 and 6.0.19. Workarounds include not use rules with `base64_decode` keyword with `bytes` option with value 1, 2 or 5 and for 7.0.x, setting `app-layer.protocols.smtp.mime.body-md5` to false. | |||||
| CVE-2020-6923 | 2024-12-19 | N/A | 5.7 MEDIUM | ||
| The HP Linux Imaging and Printing (HPLIP) software may potentially be affected by memory buffer overflow. | |||||
| CVE-2017-13308 | 1 Google | 1 Android | 2024-12-19 | N/A | 6.7 MEDIUM |
| In tscpu_write_GPIO_out and mtkts_Abts_write of mtk_ts_Abts.c, there is a possible buffer overflow in an sscanf due to improper input validation. This could lead to a local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2018-9386 | 1 Google | 1 Android | 2024-12-19 | N/A | 6.7 MEDIUM |
| In reboot_block_command of htc reboot_block driver, there is a possible stack buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2018-9402 | 1 Google | 1 Android | 2024-12-19 | N/A | 7.8 HIGH |
| In multiple functions of gl_proc.c, there is a buffer overwrite due to a missing bounds check. This could lead to escalation of privileges in the kernel. | |||||
| CVE-2018-9403 | 1 Google | 1 Android | 2024-12-19 | N/A | 6.7 MEDIUM |
| In the MTK_FLP_MSG_HAL_DIAG_REPORT_DATA_NTF handler of flp2hal_- interface.c, there is a possible stack buffer overflow due to a missing bounds check. This could lead to local escalation of privilege in a privileged process with System execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2017-13319 | 1 Google | 1 Android | 2024-12-18 | N/A | 7.5 HIGH |
| In pvmp3_get_main_data_size of pvmp3_get_main_data_size.cpp, there is a possible buffer overread due to a missing bounds check. This could lead to remote information disclosure of global static variables with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-12373 | 2024-12-18 | N/A | N/A | ||
| A denial-of-service vulnerability exists in the Rockwell Automation Power Monitor 1000. The vulnerability results in a buffer-overflow, potentially causing denial-of-service. | |||||
| CVE-2018-9418 | 1 Google | 1 Android | 2024-12-18 | N/A | 9.8 CRITICAL |
| In handle_app_cur_val_response of dtif_rc.cc, there is a possible stack buffer overflow due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-21143 | 1 Google | 1 Android | 2024-12-18 | N/A | 5.5 MEDIUM |
| In multiple functions of multiple files, there is a possible way to make the device unusable due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-268193777 | |||||
| CVE-2023-21136 | 1 Google | 1 Android | 2024-12-18 | N/A | 5.5 MEDIUM |
| In multiple functions of JobStore.java, there is a possible way to cause a crash on startup due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-246542285 | |||||