Vulnerabilities (CVE)

Filtered by CWE-119
Total 13622 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-4068 1 Fabian 1 Simple Movie Ticket Booking System 2026-06-17 4.3 MEDIUM 5.3 MEDIUM
A vulnerability classified as critical was found in code-projects Simple Movie Ticket Booking System 1.0. Affected by this vulnerability is the function changeprize. The manipulation of the argument prize leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.
CVE-2025-4063 1 Fabian 1 Student Information Management System 2026-06-17 4.3 MEDIUM 5.3 MEDIUM
A vulnerability was found in code-projects Student Information Management System 1.0 and classified as critical. Affected by this issue is the function cancel. The manipulation of the argument first_name/last_name leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used.
CVE-2025-4062 1 Fabian 1 Theater Seat Booking System 2026-06-17 4.3 MEDIUM 5.3 MEDIUM
A vulnerability has been found in code-projects Theater Seat Booking System 1.0 and classified as critical. Affected by this vulnerability is the function cancel. The manipulation of the argument cancelcustomername leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used.
CVE-2025-4061 1 Fabian 1 Clothing Store Management System 2026-06-17 4.3 MEDIUM 5.3 MEDIUM
A vulnerability, which was classified as critical, was found in code-projects Clothing Store Management System up to 1.0. Affected is the function add_item. The manipulation of the argument st.productname leads to stack-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.
CVE-2025-4059 1 Code-projects 1 Prison Management System 2026-06-17 4.3 MEDIUM 5.3 MEDIUM
A vulnerability classified as critical was found in code-projects Prison Management System 1.0. This vulnerability affects the function addrecord of the component Prison_Mgmt_Sys. The manipulation of the argument filename leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
CVE-2025-4038 1 Fabian 1 Train Ticket Reservation System 2026-06-17 4.3 MEDIUM 5.3 MEDIUM
A vulnerability was found in code-projects Train Ticket Reservation System 1.0. It has been declared as critical. Affected by this vulnerability is the function Reservation of the component Ticket Reservation. The manipulation of the argument Name leads to stack-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.
CVE-2025-4029 1 Fabian 1 Personal Diary Management System 2026-06-17 4.3 MEDIUM 5.3 MEDIUM
A vulnerability was found in code-projects Personal Diary Management System 1.0 and classified as critical. Affected by this issue is the function addrecord of the component New Record Handler. The manipulation of the argument filename leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used.
CVE-2025-4007 1 Tenda 4 I24, I24 Firmware, W12 and 1 more 2026-06-17 9.0 HIGH 8.8 HIGH
A vulnerability classified as critical was found in Tenda W12 and i24 3.0.0.4(2887)/3.0.0.5(3644). Affected by this vulnerability is the function cgidhcpsCfgSet of the file /goform/modules of the component httpd. The manipulation of the argument json leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-49847 1 Ggml 1 Llama.cpp 2026-06-17 N/A 8.8 HIGH
llama.cpp is an inference of several LLM models in C/C++. Prior to version b5662, an attacker‐supplied GGUF model vocabulary can trigger a buffer overflow in llama.cpp’s vocabulary‐loading code. Specifically, the helper _try_copy in llama.cpp/src/vocab.cpp: llama_vocab::impl::token_to_piece() casts a very large size_t token length into an int32_t, causing the length check (if (length < (int32_t)size)) to be bypassed. As a result, memcpy is still called with that oversized size, letting a malicious model overwrite memory beyond the intended buffer. This can lead to arbitrary memory corruption and potential code execution. This issue has been patched in version b5662.
CVE-2025-48429 1 Malaterre 1 Grassroots Dicom 2026-06-17 N/A 7.4 HIGH
An out-of-bounds read vulnerability exists in the RLECodec::DecodeByStreams functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to leaking heap data. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2025-47869 1 Apache 1 Nuttx 2026-06-17 N/A 9.8 CRITICAL
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability was discovered in Apache NuttX RTOS apps/exapmles/xmlrpc application. In this example application device stats structure that stored remotely provided parameters had hardcoded buffer size which could lead to buffer overflow. Structure members buffers were updated to valid size of CONFIG_XMLRPC_STRINGSIZE+1. This issue affects Apache NuttX RTOS users that may have used or base their code on example application as presented in releases from 6.22 before 12.9.0. Users of XMLRPC in Apache NuttX RTOS are advised to review their code for this pattern and update buffer sizes as presented in the version of the example in release 12.9.0.
CVE-2025-47408 1 Qualcomm 40 Fastconnect 6200, Fastconnect 6200 Firmware, Fastconnect 6900 and 37 more 2026-06-17 N/A 7.8 HIGH
Memory corruption when another driver calls an IOCTL with invalid input/output buffer.
CVE-2025-47405 1 Qualcomm 32 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 29 more 2026-06-17 N/A 7.8 HIGH
Memory corruption when processing camera sensor input/output control codes with invalid output buffers.
CVE-2025-46333 2026-06-17 N/A N/A
z2d is a pure Zig 2D graphics library. Versions of z2d after `0.5.1` and up to and including `0.6.0`, when writing from one surface to another using `z2d.compositor.StrideCompositor.run`, and higher-level operations when the anti-aliasing mode is set to `.default` (such as `Context.fill`, `Context.stroke`, `painter.fill`, and `painter.stroke`), the source surface can be completely out-of-bounds on the x-axis, but not on the y-axis, by way of a negative offset. This results in an overflow of the value controlling the length of the stride. In non-safe optimization modes (consumers compiling with `ReleaseFast` or `ReleaseSmall`), this could potentially lead to invalid memory accesses or corruption. This issue is patched in version `0.6.1`. Users on an untagged version after `v0.5.1` and before `v0.6.1` are advised to update to address the vulnerability. Those still on Zig `0.13.0` are recommended to downgrade to `v0.5.1`.
CVE-2025-46305 1 Apple 3 Ipados, Iphone Os, Macos 2026-06-17 N/A 5.7 MEDIUM
The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. A malicious HID device may cause an unexpected process crash.
CVE-2025-46303 1 Apple 3 Ipados, Iphone Os, Macos 2026-06-17 N/A 5.7 MEDIUM
The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. A malicious HID device may cause an unexpected process crash.
CVE-2025-46302 1 Apple 3 Ipados, Iphone Os, Macos 2026-06-17 N/A 5.7 MEDIUM
The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. A malicious HID device may cause an unexpected process crash.
CVE-2025-46301 1 Apple 3 Ipados, Iphone Os, Macos 2026-06-17 N/A 5.7 MEDIUM
The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. A malicious HID device may cause an unexpected process crash.
CVE-2025-46300 1 Apple 3 Ipados, Iphone Os, Macos 2026-06-17 N/A 5.7 MEDIUM
The issue was addressed with improved bounds checks. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.2 and iPadOS 26.2, macOS Sequoia 15.7.4, macOS Sonoma 14.8.4, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. A malicious HID device may cause an unexpected process crash.
CVE-2025-46298 1 Apple 7 Ipados, Iphone Os, Macos and 4 more 2026-06-17 N/A 6.5 MEDIUM
The issue was addressed with improved memory handling. This issue is fixed in Safari 26.2, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, tvOS 26.2, visionOS 26.2, watchOS 26.2. Processing maliciously crafted web content may lead to an unexpected process crash.