Total
12292 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-20066 | 1 Mediatek | 23 Mt6298, Mt6813, Mt6815 and 20 more | 2025-03-27 | N/A | 7.5 HIGH |
| In modem, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01267281; Issue ID: MSV-1477. | |||||
| CVE-2025-26336 | 1 Dell | 4 Chassis Management Controller For Poweredge Fx2, Chassis Management Controller For Poweredge Fx2 Firmware, Chassis Management Controller For Poweredge Vrtx and 1 more | 2025-03-27 | N/A | 8.3 HIGH |
| Dell Chassis Management Controller Firmware for Dell PowerEdge FX2, version(s) prior to 2.40.200.202101130302, and Dell Chassis Management Controller Firmware for Dell PowerEdge VRTX version(s) prior to 3.41.200.202209300499, contain(s) a Stack-based Buffer Overflow vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Remote execution. | |||||
| CVE-2024-22268 | 3 Apple, Microsoft, Vmware | 4 Macos, Windows, Fusion and 1 more | 2025-03-27 | N/A | 7.1 HIGH |
| VMware Workstation and Fusion contain a heap buffer-overflow vulnerability in the Shader functionality. A malicious actor with non-administrative access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to create a denial of service condition. | |||||
| CVE-2022-31364 | 1 Infineon | 1 Cypress Bluetooth Mesh Software Development Kit | 2025-03-27 | N/A | 8.2 HIGH |
| Cypress : https://www.infineon.com/ Cypress Bluetooth Mesh SDK BSA0107_05.01.00-BX8-AMESH-08 is affected by: Buffer Overflow. The impact is: execute arbitrary code (remote). The component is: affected function is lower_transport_layer_on_seg. ¶¶ In Cypress Bluetooth Mesh SDK, there is an out-of-bound write vulnerability that can be triggered by sending a series of segmented packets with inconsistent SegN. | |||||
| CVE-2022-31363 | 1 Infineon | 1 Cypress Bluetooth Mesh Software Development Kit | 2025-03-27 | N/A | 8.2 HIGH |
| Cypress : https://www.infineon.com/ Cypress Bluetooth Mesh SDK BSA0107_05.01.00-BX8-AMESH-08 is affected by: Buffer Overflow. The impact is: execute arbitrary code (remote). The component is: affected function is pb_transport_handle_frag_. ¶¶ In Cypress Bluetooth Mesh SDK, there is an out-of-bound write vulnerability that can be triggered during mesh provisioning. Because there is no check for mismatched SegN and TotalLength in Transaction Start PDU. | |||||
| CVE-2022-30904 | 1 Bestechnic | 2 Bes2300, Bluetooth Mesh Software Development Kit | 2025-03-27 | N/A | 8.2 HIGH |
| In Bestechnic Bluetooth Mesh SDK (BES2300) V1.0, a buffer overflow vulnerability can be triggered during provisioning, because there is no check for the SegN field of the Transaction Start PDU. | |||||
| CVE-2023-47038 | 3 Fedoraproject, Perl, Redhat | 5 Fedora, Perl, Enterprise Linux and 2 more | 2025-03-27 | N/A | 7.0 HIGH |
| A vulnerability was found in perl 5.30.0 through 5.38.0. This issue occurs when a crafted regular expression is compiled by perl, which can allow an attacker controlled byte buffer overflow in a heap allocated buffer. | |||||
| CVE-2021-36493 | 1 Xpdfreader | 1 Xpdf | 2025-03-27 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability in pdfimages in xpdf 4.03 allows attackers to crash the application via crafted command. | |||||
| CVE-2021-36489 | 1 Liballeg | 1 Allegro | 2025-03-27 | N/A | 6.5 MEDIUM |
| Buffer Overflow vulnerability in Allegro through 5.2.6 allows attackers to cause a denial of service via crafted PCX/TGA/BMP files to allegro_image addon. | |||||
| CVE-2021-39793 | 1 Google | 1 Android | 2025-03-27 | 7.2 HIGH | 7.8 HIGH |
| In kbase_jd_user_buf_pin_pages of mali_kbase_mem.c, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-210470189References: N/A | |||||
| CVE-2024-44551 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2025-03-26 | N/A | 9.8 CRITICAL |
| Tenda AX1806 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function formGetIptv. | |||||
| CVE-2023-42873 | 1 Apple | 4 Ipad Os, Iphone Os, Macos and 1 more | 2025-03-26 | N/A | 7.8 HIGH |
| The issue was addressed with improved bounds checks. This issue is fixed in macOS Sonoma 14.1, tvOS 17.1, macOS Monterey 12.7.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1, macOS Ventura 13.6.1. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2023-20615 | 2 Google, Mediatek | 37 Android, Mt6739, Mt6761 and 34 more | 2025-03-26 | N/A | 6.7 MEDIUM |
| In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629572; Issue ID: ALPS07629572. | |||||
| CVE-2022-48078 | 1 Pycdc Project | 1 Pycdc | 2025-03-26 | N/A | 9.8 CRITICAL |
| pycdc commit 44a730f3a889503014fec94ae6e62d8401cb75e5 was discovered to contain a stack overflow via the component ASTree.cpp:BuildFromCode. | |||||
| CVE-2023-23088 | 1 Json-parser Project | 1 Json-parser | 2025-03-26 | N/A | 9.8 CRITICAL |
| Buffer OverFlow Vulnerability in Barenboim json-parser master and v1.1.0 fixed in v1.1.1 allows an attacker to execute arbitrary code via the json_value_parse function. | |||||
| CVE-2023-23086 | 1 Mojojson Project | 1 Mojojson | 2025-03-26 | N/A | 9.8 CRITICAL |
| Buffer OverFlow Vulnerability in MojoJson v1.2.3 allows an attacker to execute arbitrary code via the SkipString function. | |||||
| CVE-2022-48130 | 1 Tenda | 2 W20e, W20e Firmware | 2025-03-26 | N/A | 9.8 CRITICAL |
| Tenda W20E v15.11.0.6 was discovered to contain multiple stack overflows in the function formSetStaticRoute via the parameters staticRouteNet, staticRouteMask, staticRouteGateway, staticRouteWAN. | |||||
| CVE-2022-45491 | 1 Json.h Project | 1 Json.h | 2025-03-26 | N/A | 7.8 HIGH |
| Buffer overflow vulnerability in function json_parse_value in sheredom json.h before commit 0825301a07cbf51653882bf2b153cc81fdadf41 (November 14, 2022) allows attackers to code arbitrary code and gain escalated privileges. | |||||
| CVE-2021-37519 | 1 Memcached | 1 Memcached | 2025-03-26 | N/A | 5.5 MEDIUM |
| Buffer Overflow vulnerability in authfile.c memcached 1.6.9 allows attackers to cause a denial of service via crafted authenticattion file. | |||||
| CVE-2021-37501 | 1 Hdfgroup | 1 Hdf5 | 2025-03-26 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability in HDFGroup hdf5-h5dump 1.12.0 through 1.13.0 allows attackers to cause a denial of service via h5tools_str_sprint in /hdf5/tools/lib/h5tools_str.c. | |||||