Total
12288 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-4068 | 1 Fabianros | 1 Simple Movie Ticket Booking System | 2025-05-28 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability classified as critical was found in code-projects Simple Movie Ticket Booking System 1.0. Affected by this vulnerability is the function changeprize. The manipulation of the argument prize leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2023-49404 | 1 Tenda | 2 W30e, W30e Firmware | 2025-05-28 | N/A | 9.8 CRITICAL |
| Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formAdvancedSetListSet. | |||||
| CVE-2022-40008 | 1 Swftools | 1 Swftools | 2025-05-28 | N/A | 9.8 CRITICAL |
| SWFTools commit 772e55a was discovered to contain a heap-buffer overflow via the function readU8 at /lib/ttf.c. | |||||
| CVE-2022-35090 | 1 Swftools | 1 Swftools | 2025-05-28 | N/A | 5.5 MEDIUM |
| SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via __asan_memcpy at /asan/asan_interceptors_memintrinsics.cpp:. | |||||
| CVE-2022-35088 | 1 Swftools | 1 Swftools | 2025-05-28 | N/A | 5.5 MEDIUM |
| SWFTools commit 772e55a2 was discovered to contain a heap buffer-overflow via getGifDelayTime at /home/bupt/Desktop/swftools/src/src/gif2swf.c. | |||||
| CVE-2022-35087 | 1 Swftools | 1 Swftools | 2025-05-28 | N/A | 5.5 MEDIUM |
| SWFTools commit 772e55a2 was discovered to contain a segmentation violation via MovieAddFrame at /src/gif2swf.c. | |||||
| CVE-2022-35086 | 1 Swftools | 1 Swftools | 2025-05-28 | N/A | 5.5 MEDIUM |
| SWFTools commit 772e55a2 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S. | |||||
| CVE-2020-36602 | 1 Huawei | 16 576up005 Hota-cm-h-shark-bd, 576up005 Hota-cm-h-shark-bd Firmware, 577hota-cm-h-shark-bd and 13 more | 2025-05-28 | N/A | 6.1 MEDIUM |
| There is an out-of-bounds read and write vulnerability in some headset products. An unauthenticated attacker gets the device physically and crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause out-of-bounds read and write. | |||||
| CVE-2025-3136 | 1 Linuxfoundation | 1 Pytorch | 2025-05-28 | 1.7 LOW | 3.3 LOW |
| A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0. This issue affects the function torch.cuda.memory.caching_allocator_delete of the file c10/cuda/CUDACachingAllocator.cpp. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-41649 | 2025-05-28 | N/A | 7.5 HIGH | ||
| An unauthenticated remote attacker can exploit insufficient input validation to write data beyond the bounds of a buffer, potentially leading to a denial-of-service condition for the devices. | |||||
| CVE-2024-52274 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-05-28 | N/A | 9.8 CRITICAL |
| Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (setDoubleL2tpConfig->guest_ip_check(overflow arg: mask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50 | |||||
| CVE-2024-52273 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-05-28 | N/A | 9.8 CRITICAL |
| Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (setDoublePppoeConfig->guest_ip_check(overflow arg: mask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50 | |||||
| CVE-2024-52272 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-05-28 | N/A | 9.8 CRITICAL |
| Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (fromAdvSetLanip(overflow arg:lanMask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50 | |||||
| CVE-2024-52275 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-05-28 | N/A | 9.8 CRITICAL |
| Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (fromWizardHandle modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50. | |||||
| CVE-2025-3196 | 1 Assimp | 1 Assimp | 2025-05-28 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Affected is the function Assimp::MD2Importer::InternReadFile in the library code/AssetLib/MD2/MD2Loader.cpp of the component Malformed File Handler. The manipulation of the argument Name leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. | |||||
| CVE-2024-7139 | 2025-05-28 | N/A | 6.5 MEDIUM | ||
| Due to an unchecked buffer length, a specially crafted L2CAP packet can cause a buffer overflow. This buffer overflow triggers an assert, which results in a temporary denial of service. If a watchdog timer is not enabled, a hard reset is required to recover the device. | |||||
| CVE-2024-7137 | 2025-05-28 | N/A | 6.5 MEDIUM | ||
| The L2CAP receive data buffer for L2CAP packets is restricted to packet sizes smaller than the maximum supported packet size. Receiving a packet that exceeds the restricted buffer length may cause a crash. A hard reset is required to recover the crashed device. | |||||
| CVE-2025-4919 | 1 Mozilla | 2 Firefox, Thunderbird | 2025-05-28 | N/A | 8.8 HIGH |
| An attacker was able to perform an out-of-bounds read or write on a JavaScript object by confusing array index sizes. This vulnerability affects Firefox < 138.0.4, Firefox ESR < 128.10.1, Firefox ESR < 115.23.1, Thunderbird < 128.10.2, and Thunderbird < 138.0.2. | |||||
| CVE-2024-4291 | 1 Tenda | 2 A301, A301 Firmware | 2025-05-28 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was found in Tenda A301 15.13.08.12_multi_TDE01. It has been rated as critical. This issue affects the function formAddMacfilterRule of the file /goform/setBlackRule. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-262223. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2022-32843 | 1 Apple | 2 Mac Os X, Macos | 2025-05-27 | N/A | 7.1 HIGH |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted Postscript file may result in unexpected app termination or disclosure of process memory. | |||||