Vulnerabilities (CVE)

Filtered by CWE-787
Total 12292 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-57577 1 Tenda 2 Ac18, Ac18 Firmware 2025-03-17 N/A 5.7 MEDIUM
Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function.
CVE-2024-44375 1 Dlink 2 Di-8100, Di-8100 Firmware 2025-03-17 N/A 7.5 HIGH
D-Link DI-8100 v16.07.26A1 has a stack overflow vulnerability in the dbsrv_asp function.
CVE-2024-57961 1 Huawei 2 Emui, Harmonyos 2025-03-17 N/A 6.8 MEDIUM
Out-of-bounds write vulnerability in the emcom module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally.
CVE-2024-44178 1 Apple 1 Macos 2025-03-15 N/A 5.5 MEDIUM
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to modify protected parts of the file system.
CVE-2023-30774 2 Apple, Libtiff 2 Macos, Libtiff 2025-03-14 N/A 5.5 MEDIUM
A vulnerability was found in the libtiff library. This flaw causes a heap buffer overflow issue via the TIFFTAG_INKNAMES and TIFFTAG_NUMBEROFINKS values.
CVE-2019-12483 2 Debian, Gpac 2 Debian Linux, Gpac 2025-03-14 6.8 MEDIUM 7.8 HIGH
An issue was discovered in GPAC 0.7.1. There is a heap-based buffer overflow in the function ReadGF_IPMPX_RemoveToolNotificationListener in odf/ipmpx_code.c in libgpac.a, as demonstrated by MP4Box.
CVE-2020-16304 3 Artifex, Canonical, Debian 3 Ghostscript, Ubuntu Linux, Debian Linux 2025-03-14 4.3 MEDIUM 5.5 MEDIUM
A buffer overflow vulnerability in image_render_color_thresh() in base/gxicolor.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed in v9.51.
CVE-2020-16297 3 Artifex, Canonical, Debian 3 Ghostscript, Ubuntu Linux, Debian Linux 2025-03-14 4.3 MEDIUM 5.5 MEDIUM
A buffer overflow vulnerability in FloydSteinbergDitheringC() in contrib/gdevbjca.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
CVE-2023-36274 1 Gnu 1 Libredwg 2025-03-14 N/A 8.8 HIGH
LibreDWG v0.11 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_write_TF at bits.c.
CVE-2023-36271 1 Gnu 1 Libredwg 2025-03-14 N/A 8.8 HIGH
LibreDWG v0.10 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_wcs2nlen at bits.c.
CVE-2024-50854 1 Tendacn 2 G3, G3 Firmware 2025-03-14 N/A 8.8 HIGH
Tenda G3 v3.0 v15.11.0.20 was discovered to contain a stack overflow via the formSetPortMapping function.
CVE-2024-31956 1 Samsung 6 Exynos 1480, Exynos 1480 Firmware, Exynos 2200 and 3 more 2025-03-14 N/A 8.4 HIGH
An issue was discovered in Samsung Mobile Processor Exynos 2200, Exynos 1480, Exynos 2400. It lacks proper buffer length checking, which can result in an Out-of-Bounds Write.
CVE-2024-27365 1 Samsung 18 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 15 more 2025-03-14 N/A 4.4 MEDIUM
An issue was discovered in Samsung Mobile Processor Exynos Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In the function slsi_rx_blockack_ind(), there is no input validation check on a length coming from userspace, which can lead to a potential heap over-read.
CVE-2021-20038 1 Sonicwall 10 Sma 200, Sma 200 Firmware, Sma 210 and 7 more 2025-03-14 7.5 HIGH 9.8 CRITICAL
A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware 10.2.0.8-37sv, 10.2.1.1-19sv, 10.2.1.2-24sv and earlier versions.
CVE-2021-27562 1 Arm 1 Trusted Firmware-m 2025-03-14 4.9 MEDIUM 5.5 MEDIUM
In Arm Trusted Firmware M through 1.2, the NS world may trigger a system halt, an overwrite of secure data, or the printing out of secure data when calling secure functions under the NSPE handler mode.
CVE-2024-46258 1 Randygaul 1 Cute Png 2025-03-14 N/A 7.8 HIGH
cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_load_png_mem() function at cute_png.h.
CVE-2024-39118 1 Mommyheather 1 Advanced Backups 2025-03-14 N/A 5.5 MEDIUM
Mommy Heather Advanced Backups up to v3.5.3 allows attackers to write arbitrary files via restoring a crafted back up.
CVE-2024-2615 1 Mozilla 1 Firefox 2025-03-14 N/A 9.8 CRITICAL
Memory safety bugs present in Firefox 123. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 124.
CVE-2024-46276 1 Randygaul 1 Cute Png 2025-03-14 N/A 7.8 HIGH
cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_chunk() function at cute_png.h.
CVE-2024-37079 1 Vmware 2 Cloud Foundation, Vcenter Server 2025-03-14 N/A 9.8 CRITICAL
vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.