Total
12289 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-40517 | 1 Qualcomm | 362 Aqt1000, Aqt1000 Firmware, Ar8031 and 359 more | 2025-04-09 | N/A | 8.4 HIGH |
| Memory corruption in core due to stack-based buffer overflow | |||||
| CVE-2022-40516 | 1 Qualcomm | 368 Aqt1000, Aqt1000 Firmware, Ar8031 and 365 more | 2025-04-09 | N/A | 8.4 HIGH |
| Memory corruption in Core due to stack-based buffer overflow. | |||||
| CVE-2022-33300 | 1 Qualcomm | 102 Qam8295p, Qam8295p Firmware, Qca6174a and 99 more | 2025-04-09 | N/A | 8.4 HIGH |
| Memory corruption in Automotive Android OS due to improper input validation. | |||||
| CVE-2022-33286 | 1 Qualcomm | 562 Apq8009, Apq8009 Firmware, Apq8017 and 559 more | 2025-04-09 | N/A | 7.5 HIGH |
| Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames. | |||||
| CVE-2022-33285 | 1 Qualcomm | 556 Apq8009, Apq8009 Firmware, Apq8017 and 553 more | 2025-04-09 | N/A | 7.5 HIGH |
| Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames. | |||||
| CVE-2022-33284 | 1 Qualcomm | 352 Aqt1000, Aqt1000 Firmware, Ar8035 and 349 more | 2025-04-09 | N/A | 8.2 HIGH |
| Information disclosure due to buffer over-read in WLAN while parsing BTM action frame. | |||||
| CVE-2022-33283 | 1 Qualcomm | 268 Ar8035, Ar8035 Firmware, Ar9380 and 265 more | 2025-04-09 | N/A | 8.2 HIGH |
| Information disclosure due to buffer over-read in WLAN while WLAN frame parsing due to missing frame length check. | |||||
| CVE-2022-33265 | 1 Qualcomm | 6 Qca7500, Qca7500 Firmware, Qca7520 and 3 more | 2025-04-09 | N/A | 7.3 HIGH |
| Memory corruption due to information exposure in Powerline Communication Firmware while sending different MMEs from a single, unassociated device. | |||||
| CVE-2022-33255 | 1 Qualcomm | 184 Apq8009, Apq8009 Firmware, Ar8031 and 181 more | 2025-04-09 | N/A | 8.2 HIGH |
| Information disclosure due to buffer over-read in Bluetooth HOST while processing GetFolderItems and GetItemAttribute Cmds from peer device. | |||||
| CVE-2021-46791 | 1 Amd | 2 Milanpi, Milanpi Firmware | 2025-04-09 | N/A | 5.5 MEDIUM |
| Insufficient input validation during parsing of the System Management Mode (SMM) binary may allow a maliciously crafted SMM executable binary to corrupt Dynamic Root of Trust for Measurement (DRTM) user application memory that may result in a potential denial of service. | |||||
| CVE-2021-46779 | 1 Amd | 6 Milanpi, Milanpi Firmware, Naplespi and 3 more | 2025-04-09 | N/A | 7.1 HIGH |
| Insufficient input validation in SVC_ECC_PRIMITIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP (AMD Secure Processor) OS memory which may lead to potential loss of integrity and availability. | |||||
| CVE-2021-26398 | 1 Amd | 128 Epyc 7001, Epyc 7001 Firmware, Epyc 7002 and 125 more | 2025-04-09 | N/A | 7.8 HIGH |
| Insufficient input validation in SYS_KEY_DERIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP (AMD Secure Processor) OS memory which may lead to potential arbitrary code execution. | |||||
| CVE-2024-32302 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2025-04-09 | N/A | 6.3 MEDIUM |
| Tenda FH1202 v1.2.0.14(408) firmware has a stack overflow vulnerability via the PPW parameter in the fromWizardHandle function. | |||||
| CVE-2024-32315 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2025-04-09 | N/A | 4.7 MEDIUM |
| Tenda FH1202 v1.2.0.14(408) firmware has a stack overflow vulnerability via the adslPwd parameter in the formWanParameterSetting function. | |||||
| CVE-2017-16273 | 1 Insteon | 2 Hub, Hub Firmware | 2025-04-09 | N/A | 9.9 CRITICAL |
| Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd e_ml, at 0x9d016fa8, the value for the `grp` key is copied using `strcpy` to the buffer at `$sp+0x1b4`.This buffer is 8 bytes large, sending anything longer will cause a buffer overflow. | |||||
| CVE-2017-16261 | 1 Insteon | 2 Hub, Hub Firmware | 2025-04-09 | N/A | 8.8 HIGH |
| Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd g_b, at 0x9d015714, the value for the `grp` key is copied using `strcpy` to the buffer at `$sp+0x280`.This buffer is 16 bytes large, sending anything longer will cause a buffer overflow. | |||||
| CVE-2009-0490 | 1 Audacityteam | 1 Audacity | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in the String_parse::get_nonspace_quoted function in lib-src/allegro/strparse.cpp in Audacity 1.2.6 and other versions before 1.3.6 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a .gro file containing a long string. | |||||
| CVE-2009-4484 | 5 Canonical, Debian, Mariadb and 2 more | 5 Ubuntu Linux, Debian Linux, Mariadb and 2 more | 2025-04-09 | 7.5 HIGH | N/A |
| Multiple stack-based buffer overflows in the CertDecoder::GetName function in src/asn.cpp in TaoCrypt in yaSSL before 1.9.9, as used in mysqld in MySQL 5.0.x before 5.0.90, MySQL 5.1.x before 5.1.43, MySQL 5.5.x through 5.5.0-m2, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption and daemon crash) by establishing an SSL connection and sending an X.509 client certificate with a crafted name field, as demonstrated by mysql_overflow1.py and the vd_mysql5 module in VulnDisco Pack Professional 8.11. NOTE: this was originally reported for MySQL 5.0.51a. | |||||
| CVE-2009-2550 | 1 Ondanera | 1 Hamster Audio Player | 2025-04-09 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Hamster Audio Player 0.3a allows remote attackers to execute arbitrary code via a long string in a (1) .m3u or (2) .hpl playlist file. | |||||
| CVE-2007-1320 | 5 Debian, Fedoraproject, Opensuse and 2 more | 6 Debian Linux, Fedora, Fedora Core and 3 more | 2025-04-09 | 7.2 HIGH | N/A |
| Multiple heap-based buffer overflows in the cirrus_invalidate_region function in the Cirrus VGA extension in QEMU 0.8.2, as used in Xen and possibly other products, might allow local users to execute arbitrary code via unspecified vectors related to "attempting to mark non-existent regions as dirty," aka the "bitblt" heap overflow. | |||||