Total
12292 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-57577 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-03-17 | N/A | 5.7 MEDIUM |
Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function. | |||||
CVE-2024-44375 | 1 Dlink | 2 Di-8100, Di-8100 Firmware | 2025-03-17 | N/A | 7.5 HIGH |
D-Link DI-8100 v16.07.26A1 has a stack overflow vulnerability in the dbsrv_asp function. | |||||
CVE-2024-57961 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-17 | N/A | 6.8 MEDIUM |
Out-of-bounds write vulnerability in the emcom module Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. | |||||
CVE-2024-44178 | 1 Apple | 1 Macos | 2025-03-15 | N/A | 5.5 MEDIUM |
This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to modify protected parts of the file system. | |||||
CVE-2023-30774 | 2 Apple, Libtiff | 2 Macos, Libtiff | 2025-03-14 | N/A | 5.5 MEDIUM |
A vulnerability was found in the libtiff library. This flaw causes a heap buffer overflow issue via the TIFFTAG_INKNAMES and TIFFTAG_NUMBEROFINKS values. | |||||
CVE-2019-12483 | 2 Debian, Gpac | 2 Debian Linux, Gpac | 2025-03-14 | 6.8 MEDIUM | 7.8 HIGH |
An issue was discovered in GPAC 0.7.1. There is a heap-based buffer overflow in the function ReadGF_IPMPX_RemoveToolNotificationListener in odf/ipmpx_code.c in libgpac.a, as demonstrated by MP4Box. | |||||
CVE-2020-16304 | 3 Artifex, Canonical, Debian | 3 Ghostscript, Ubuntu Linux, Debian Linux | 2025-03-14 | 4.3 MEDIUM | 5.5 MEDIUM |
A buffer overflow vulnerability in image_render_color_thresh() in base/gxicolor.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed in v9.51. | |||||
CVE-2020-16297 | 3 Artifex, Canonical, Debian | 3 Ghostscript, Ubuntu Linux, Debian Linux | 2025-03-14 | 4.3 MEDIUM | 5.5 MEDIUM |
A buffer overflow vulnerability in FloydSteinbergDitheringC() in contrib/gdevbjca.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | |||||
CVE-2023-36274 | 1 Gnu | 1 Libredwg | 2025-03-14 | N/A | 8.8 HIGH |
LibreDWG v0.11 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_write_TF at bits.c. | |||||
CVE-2023-36271 | 1 Gnu | 1 Libredwg | 2025-03-14 | N/A | 8.8 HIGH |
LibreDWG v0.10 to v0.12.5 was discovered to contain a heap buffer overflow via the function bit_wcs2nlen at bits.c. | |||||
CVE-2024-50854 | 1 Tendacn | 2 G3, G3 Firmware | 2025-03-14 | N/A | 8.8 HIGH |
Tenda G3 v3.0 v15.11.0.20 was discovered to contain a stack overflow via the formSetPortMapping function. | |||||
CVE-2024-31956 | 1 Samsung | 6 Exynos 1480, Exynos 1480 Firmware, Exynos 2200 and 3 more | 2025-03-14 | N/A | 8.4 HIGH |
An issue was discovered in Samsung Mobile Processor Exynos 2200, Exynos 1480, Exynos 2400. It lacks proper buffer length checking, which can result in an Out-of-Bounds Write. | |||||
CVE-2024-27365 | 1 Samsung | 18 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 15 more | 2025-03-14 | N/A | 4.4 MEDIUM |
An issue was discovered in Samsung Mobile Processor Exynos Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In the function slsi_rx_blockack_ind(), there is no input validation check on a length coming from userspace, which can lead to a potential heap over-read. | |||||
CVE-2021-20038 | 1 Sonicwall | 10 Sma 200, Sma 200 Firmware, Sma 210 and 7 more | 2025-03-14 | 7.5 HIGH | 9.8 CRITICAL |
A Stack-based buffer overflow vulnerability in SMA100 Apache httpd server's mod_cgi module environment variables allows a remote unauthenticated attacker to potentially execute code as a 'nobody' user in the appliance. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances firmware 10.2.0.8-37sv, 10.2.1.1-19sv, 10.2.1.2-24sv and earlier versions. | |||||
CVE-2021-27562 | 1 Arm | 1 Trusted Firmware-m | 2025-03-14 | 4.9 MEDIUM | 5.5 MEDIUM |
In Arm Trusted Firmware M through 1.2, the NS world may trigger a system halt, an overwrite of secure data, or the printing out of secure data when calling secure functions under the NSPE handler mode. | |||||
CVE-2024-46258 | 1 Randygaul | 1 Cute Png | 2025-03-14 | N/A | 7.8 HIGH |
cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_load_png_mem() function at cute_png.h. | |||||
CVE-2024-39118 | 1 Mommyheather | 1 Advanced Backups | 2025-03-14 | N/A | 5.5 MEDIUM |
Mommy Heather Advanced Backups up to v3.5.3 allows attackers to write arbitrary files via restoring a crafted back up. | |||||
CVE-2024-2615 | 1 Mozilla | 1 Firefox | 2025-03-14 | N/A | 9.8 CRITICAL |
Memory safety bugs present in Firefox 123. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 124. | |||||
CVE-2024-46276 | 1 Randygaul | 1 Cute Png | 2025-03-14 | N/A | 7.8 HIGH |
cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_chunk() function at cute_png.h. | |||||
CVE-2024-37079 | 1 Vmware | 2 Cloud Foundation, Vcenter Server | 2025-03-14 | N/A | 9.8 CRITICAL |
vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution. |