Vulnerabilities (CVE)

Filtered by CWE-787
Total 12289 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-5099 2025-05-23 N/A 9.8 CRITICAL
An Out of Bounds Write occurs when the native library attempts PDF rendering, which can be exploited to achieve memory corruption and potentially arbitrary code execution.
CVE-2025-46715 2025-05-23 N/A 7.8 HIGH
Sandboxie is a sandbox-based isolation software for 32-bit and 64-bit Windows NT-based operating systems. Starting in version 1.3.0 and prior to version 1.15.12, Api_GetSecureParam fails to sanitize incoming pointers, and implicitly trusts that the pointer the user has passed in is safe to write to. GetRegValue then writes the contents of the SBIE registry entry selected to this address. An attacker can pass in a kernel pointer and the driver dumps the registry key contents we requested to it. This can be triggered by anyone on the system, including low integrity windows processes. Version 1.15.12 fixes the issue.
CVE-2022-35096 1 Swftools 1 Swftools 2025-05-23 N/A 5.5 MEDIUM
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via draw_stroke at /gfxpoly/stroke.c.
CVE-2022-35095 1 Swftools 1 Swftools 2025-05-23 N/A 5.5 MEDIUM
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via InfoOutputDev::type3D1 at /pdf/InfoOutputDev.cc.
CVE-2022-35094 1 Swftools 1 Swftools 2025-05-23 N/A 5.5 MEDIUM
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via DCTStream::readHuffSym(DCTHuffTable*) at /xpdf/Stream.cc.
CVE-2022-35093 1 Swftools 1 Swftools 2025-05-23 N/A 5.5 MEDIUM
SWFTools commit 772e55a2 was discovered to contain a global buffer overflow via DCTStream::transformDataUnit at /xpdf/Stream.cc.
CVE-2025-4788 1 Freefloat 1 Freefloat Ftp Server 2025-05-23 7.5 HIGH 7.3 HIGH
A vulnerability classified as critical was found in FreeFloat FTP Server 1.0. Affected by this vulnerability is an unknown functionality of the component DELETE Command Handler. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-4789 1 Freefloat 1 Freefloat Ftp Server 2025-05-23 7.5 HIGH 7.3 HIGH
A vulnerability, which was classified as critical, has been found in FreeFloat FTP Server 1.0. Affected by this issue is some unknown functionality of the component LCD Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-4790 1 Freefloat 1 Freefloat Ftp Server 2025-05-23 7.5 HIGH 7.3 HIGH
A vulnerability, which was classified as critical, was found in FreeFloat FTP Server 1.0. This affects an unknown part of the component GLOB Command Handler. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-4791 1 Freefloat 1 Freefloat Ftp Server 2025-05-23 7.5 HIGH 7.3 HIGH
A vulnerability has been found in FreeFloat FTP Server 1.0 and classified as critical. This vulnerability affects unknown code of the component HASH Command Handler. The manipulation leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2024-36761 1 Gfx-rs 2 Naga, Wgpu 2025-05-23 N/A 9.8 CRITICAL
naga v0.14.0 was discovered to contain a stack overflow via the component /wgsl/parse/mod.rs.
CVE-2022-40864 1 Tendacn 4 Ac15, Ac15 Firmware, Ac18 and 1 more 2025-05-22 N/A 9.8 CRITICAL
Tenda AC15 and AC18 routers V15.03.05.19 contain stack overflow vulnerabilities in the function setSmartPowerManagement with the request /goform/PowerSaveSet
CVE-2022-40862 1 Tendacn 4 Ac15, Ac15 Firmware, Ac18 and 1 more 2025-05-22 N/A 9.8 CRITICAL
Tenda AC15 and AC18 router V15.03.05.19 contains stack overflow vulnerability in the function fromNatStaticSetting with the request /goform/NatStaticSetting
CVE-2022-40860 1 Tendacn 2 Ac15, Ac15 Firmware 2025-05-22 N/A 9.8 CRITICAL
Tenda AC15 router V15.03.05.19 contains a stack overflow vulnerability in the function formSetQosBand->FUN_0007dd20 with request /goform/SetNetControlList
CVE-2022-40853 1 Tendacn 2 Ac15, Ac15 Firmware 2025-05-22 N/A 9.8 CRITICAL
Tenda AC15 router V15.03.05.19 contains a stack overflow via the list parameter at /goform/fast_setting_wifi_set
CVE-2022-35097 1 Swftools 1 Swftools 2025-05-22 N/A 5.5 MEDIUM
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via FoFiTrueType::writeTTF at /xpdf/FoFiTrueType.cc.
CVE-2022-40868 1 Tenda 2 W20e, W20e Firmware 2025-05-22 N/A 9.8 CRITICAL
Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formDelDhcpRule with the request /goform/delDhcpRules/
CVE-2022-40867 1 Tenda 2 W20e, W20e Firmware 2025-05-22 N/A 9.8 CRITICAL
Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formIPMacBindDel with the request /goform/delIpMacBind/
CVE-2022-40866 1 Tenda 2 W20e, W20e Firmware 2025-05-22 N/A 9.8 CRITICAL
Tenda W20E router V15.11.0.6 (US_W20EV4.0br_V15.11.0.6(1068_1546_841)_CN_TDC) contains a stack overflow vulnerability in the function formSetDebugCfg with request /goform/setDebugCfg/
CVE-2022-40861 1 Tenda 2 Ac18, Ac18 Firmware 2025-05-22 N/A 7.2 HIGH
Tenda AC18 router V15.03.05.19 contains a stack overflow vulnerability in the formSetQosBand->FUN_0007db78 function with the request /goform/SetNetControlList/