Total
1229 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-32400 | 1 Rt-labs | 1 P-net | 2025-05-13 | N/A | 7.5 HIGH |
| An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet. | |||||
| CVE-2025-32397 | 1 Rt-labs | 1 P-net | 2025-05-13 | N/A | 7.5 HIGH |
| An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet. | |||||
| CVE-2025-32396 | 1 Rt-labs | 1 P-net | 2025-05-13 | N/A | 7.5 HIGH |
| An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet. | |||||
| CVE-2024-22532 | 1 Xnview | 1 Nconvert | 2025-05-13 | N/A | 6.5 MEDIUM |
| Buffer Overflow vulnerability in XNSoft NConvert 7.163 (for Windows x86) allows attackers to cause a denial of service via crafted xwd file. | |||||
| CVE-2023-44418 | 1 Dlink | 2 Dir-x3260, Dir-x3260 Firmware | 2025-05-13 | N/A | 8.8 HIGH |
| D-Link DIR-X3260 Prog.cgi Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd webserver. The issue results from the lack of proper validation of the length an user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20727. | |||||
| CVE-2024-56827 | 2025-05-13 | N/A | 5.6 MEDIUM | ||
| A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior. | |||||
| CVE-2024-56826 | 2025-05-13 | N/A | 5.6 MEDIUM | ||
| A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior. | |||||
| CVE-2024-12670 | 1 Autodesk | 1 Navisworks | 2025-05-08 | N/A | 7.8 HIGH |
| A maliciously crafted DWF file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2024-12669 | 1 Autodesk | 1 Navisworks | 2025-05-08 | N/A | 7.8 HIGH |
| A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2024-12179 | 1 Autodesk | 1 Navisworks | 2025-05-08 | N/A | 7.8 HIGH |
| A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2025-29912 | 1 Nasa | 1 Cryptolib | 2025-05-07 | N/A | 9.8 CRITICAL |
| CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In versions 1.3.3 and prior, an unsigned integer underflow in the `Crypto_TC_ProcessSecurity` function of CryptoLib leads to a heap buffer overflow. The vulnerability is triggered when the `fl` (frame length) field in a Telecommand (TC) packet is set to 0. This underflow causes the frame length to be interpreted as 65535, resulting in out-of-bounds memory access. This critical vulnerability can be exploited to cause a denial of service (DoS) or potentially achieve remote code execution. Users of CryptoLib are advised to apply the recommended patch or avoid processing untrusted TC packets until a fix is available. | |||||
| CVE-2024-11608 | 1 Autodesk | 1 Revit | 2025-05-07 | N/A | 7.8 HIGH |
| A maliciously crafted SKP file, when linked or imported into Autodesk Revit, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2024-26327 | 1 Qemu | 1 Qemu | 2025-05-07 | N/A | 5.3 MEDIUM |
| An issue was discovered in QEMU 7.1.0 through 8.2.1. register_vfs in hw/pci/pcie_sriov.c mishandles the situation where a guest writes NumVFs greater than TotalVFs, leading to a buffer overflow in VF implementations. | |||||
| CVE-2024-23154 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2025-05-06 | N/A | 7.8 HIGH |
| A maliciously crafted SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2024-37001 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2025-05-06 | N/A | 7.8 HIGH |
| A maliciously crafted 3DM file, when parsed in opennurbs.dll through Autodesk applications, can be used to cause a Heap-based Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. | |||||
| CVE-2024-23155 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2025-05-06 | N/A | 7.8 HIGH |
| A maliciously crafted MODEL file, when parsed in atf_asm_interface.dll through Autodesk applications, can be used to cause a Heap-based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or execute arbitrary code in the context of the current process. | |||||
| CVE-2025-30216 | 1 Nasa | 1 Cryptolib | 2025-05-06 | N/A | 9.4 CRITICAL |
| CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. In versions 1.3.3 and prior, a Heap Overflow vulnerability occurs in the `Crypto_TM_ProcessSecurity` function (`crypto_tm.c:1735:8`). When processing the Secondary Header Length of a TM protocol packet, if the Secondary Header Length exceeds the packet's total length, a heap overflow is triggered during the memcpy operation that copies packet data into the dynamically allocated buffer `p_new_dec_frame`. This allows an attacker to overwrite adjacent heap memory, potentially leading to arbitrary code execution or system instability. A patch is available at commit 810fd66d592c883125272fef123c3240db2f170f. | |||||
| CVE-2024-24996 | 1 Ivanti | 1 Avalanche | 2025-05-06 | N/A | 9.8 CRITICAL |
| A Heap overflow vulnerability in WLInfoRailService component of Ivanti Avalanche before 6.4.3 allows an unauthenticated remote attacker to execute arbitrary commands. | |||||
| CVE-2025-27091 | 1 Cisco | 1 Openh264 | 2025-05-06 | N/A | 7.5 HIGH |
| OpenH264 is a free license codec library which supports H.264 encoding and decoding. A vulnerability in the decoding functions of OpenH264 codec library could allow a remote, unauthenticated attacker to trigger a heap overflow. This vulnerability is due to a race condition between a Sequence Parameter Set (SPS) memory allocation and a subsequent non Instantaneous Decoder Refresh (non-IDR) Network Abstraction Layer (NAL) unit memory usage. An attacker could exploit this vulnerability by crafting a malicious bitstream and tricking a victim user into processing an arbitrary video containing the malicious bistream. An exploit could allow the attacker to cause an unexpected crash in the victim's user decoding client and, possibly, perform arbitrary commands on the victim's host by abusing the heap overflow. This vulnerability affects OpenH264 2.5.0 and earlier releases. Both Scalable Video Coding (SVC) mode and Advanced Video Coding (AVC) mode are affected by this vulnerability. OpenH264 software releases 2.6.0 and later contained the fix for this vulnerability. Users are advised to upgrade. There are no known workarounds for this vulnerability. ### For more information If you have any questions or comments about this advisory: * [Open an issue in cisco/openh264](https://github.com/cisco/openh264/issues) * Email Cisco Open Source Security ([oss-security@cisco.com](mailto:oss-security@cisco.com)) and Cisco PSIRT ([psirt@cisco.com](mailto:psirt@cisco.com)) ### Credits: * **Research:** Octavian Guzu and Andrew Calvano of Meta * **Fix ideation:** Philipp Hancke and Shyam Sadhwani of Meta * **Fix implementation:** Benzheng Zhang (@BenzhengZhang) * **Release engineering:** Benzheng Zhang (@BenzhengZhang) | |||||
| CVE-2025-21172 | 3 Apple, Linux, Microsoft | 7 Macos, Linux Kernel, .net and 4 more | 2025-05-06 | N/A | 7.5 HIGH |
| .NET and Visual Studio Remote Code Execution Vulnerability | |||||