Vulnerabilities (CVE)

Filtered by CWE-787
Total 12292 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-2618 1 Dlink 2 Dap-1620, Dap-1620 Firmware 2025-03-26 10.0 HIGH 9.8 CRITICAL
A vulnerability, which was classified as critical, has been found in D-Link DAP-1620 1.03. Affected by this issue is the function set_ws_action of the file /dws/api/ of the component Path Handler. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2025-2619 1 Dlink 2 Dap-1620, Dap-1620 Firmware 2025-03-26 10.0 HIGH 9.8 CRITICAL
A vulnerability, which was classified as critical, was found in D-Link DAP-1620 1.03. This affects the function check_dws_cookie of the file /storage of the component Cookie Handler. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2025-2620 1 Dlink 2 Dap-1620, Dap-1620 Firmware 2025-03-26 10.0 HIGH 9.8 CRITICAL
A vulnerability has been found in D-Link DAP-1620 1.03 and classified as critical. This vulnerability affects the function mod_graph_auth_uri_handler of the file /storage of the component Authentication Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2025-2621 1 Dlink 2 Dap-1620, Dap-1620 Firmware 2025-03-26 10.0 HIGH 9.8 CRITICAL
A vulnerability was found in D-Link DAP-1620 1.03 and classified as critical. This issue affects the function check_dws_cookie of the file /storage. The manipulation of the argument uid leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2021-36535 1 Cesanta 1 Mjs 2025-03-26 N/A 5.5 MEDIUM
Buffer Overflow vulnerability in Cesanta mJS 1.26 allows remote attackers to cause a denial of service via crafted .js file to mjs_set_errorf.
CVE-2018-0798 1 Microsoft 3 Office, Office Compatibility Pack, Word 2025-03-26 9.3 HIGH 8.8 HIGH
Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability".
CVE-2018-0802 1 Microsoft 3 Office, Office Compatibility Pack, Word 2025-03-26 9.3 HIGH 7.8 HIGH
Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797 and CVE-2018-0812.
CVE-2024-22273 2 Apple, Vmware 5 Macos, Cloud Foundation, Esxi and 2 more 2025-03-26 N/A 8.1 HIGH
The storage controllers on VMware ESXi, Workstation, and Fusion have out-of-bounds read/write vulnerability. A malicious actor with access to a virtual machine with storage controllers enabled may exploit this issue to create a denial of service condition or execute code on the hypervisor from a virtual machine in conjunction with other issues.
CVE-2022-45496 1 Json.h Project 1 Json.h 2025-03-26 N/A 7.8 HIGH
Buffer overflow vulnerability in function json_parse_string in sheredom json.h before commit 0825301a07cbf51653882bf2b153cc81fdadf41 (November 14, 2022) allows attackers to code arbitrary code and gain escalated privileges.
CVE-2023-25139 1 Gnu 1 Glibc 2025-03-26 N/A 9.8 CRITICAL
sprintf in the GNU C Library (glibc) 2.37 has a buffer overflow (out-of-bounds write) in some situations with a correct buffer size. This is unrelated to CWE-676. It may write beyond the bounds of the destination buffer when attempting to write a padded, thousands-separated string representation of a number, if the buffer is allocated the exact size required to represent that number as a string. For example, 1,234,567 (with padding to 13) overflows by two bytes.
CVE-2023-24613 1 Arraynetworks 14 Ag1000, Ag1000t, Ag1000v5 and 11 more 2025-03-26 N/A 4.9 MEDIUM
The user interface of Array Networks AG Series and vxAG through 9.4.0.470 could allow a remote attacker to use the gdb tool to overwrite the backend function call stack after accessing the system with administrator privileges. A successful exploit could leverage this vulnerability in the backend binary file that handles the user interface to a cause denial of service attack. This is fixed in AG 9.4.0.481.
CVE-2023-20604 2 Google, Mediatek 27 Android, Mt6735, Mt6737 and 24 more 2025-03-26 N/A 6.7 MEDIUM
In ged, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494067; Issue ID: ALPS07494067.
CVE-2022-47369 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-03-26 N/A 5.5 MEDIUM
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
CVE-2022-47368 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-03-26 N/A 5.5 MEDIUM
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
CVE-2022-47366 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-03-26 N/A 5.5 MEDIUM
In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services.
CVE-2022-47365 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-03-26 N/A 5.5 MEDIUM
In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services.
CVE-2022-47364 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-03-26 N/A 5.5 MEDIUM
In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services.
CVE-2022-44448 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-03-26 N/A 5.5 MEDIUM
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
CVE-2022-42783 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-03-26 N/A 5.5 MEDIUM
In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services.
CVE-2023-20614 2 Google, Mediatek 38 Android, Mt6739, Mt6761 and 35 more 2025-03-26 N/A 6.7 MEDIUM
In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628615; Issue ID: ALPS07628615.