Total
4008 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-56450 | 1 Huawei | 2 Emui, Harmonyos | 2026-06-17 | N/A | 6.3 MEDIUM |
| Buffer overflow vulnerability in the component driver module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2024-55564 | 2026-06-17 | N/A | 9.8 CRITICAL | ||
| The POSIX::2008 package before 0.24 for Perl has a potential _execve50c env buffer overflow. | |||||
| CVE-2024-55194 | 1 Openimageio | 1 Openimageio | 2026-06-17 | N/A | 9.8 CRITICAL |
| OpenImageIO v3.1.0.0dev was discovered to contain a heap overflow via the component /OpenImageIO/fmath.h. | |||||
| CVE-2024-55045 | 2026-06-17 | N/A | 7.3 HIGH | ||
| Firmament-Autopilot FMT-Firmware commit de5aec was discovered to contain a buffer overflow via the task_mavobc_entry function at /comm/task_comm.c. | |||||
| CVE-2024-54887 | 1 Tp-link | 2 Tl-wr940n, Tl-wr940n Firmware | 2026-06-17 | N/A | 8.0 HIGH |
| TP-Link TL-WR940N V3 and V4 with firmware 3.16.9 and earlier contain a buffer overflow via the dnsserver1 and dnsserver2 parameters at /userRpm/Wan6to4TunnelCfgRpm.htm. This vulnerability allows an authenticated attacker to execute arbitrary code on the remote device in the context of the root user. | |||||
| CVE-2024-54568 | 1 Apple | 1 Macos | 2026-06-17 | N/A | 4.3 MEDIUM |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.2. Parsing a maliciously crafted file may lead to an unexpected app termination. | |||||
| CVE-2024-54105 | 1 Huawei | 1 Harmonyos | 2026-06-17 | N/A | 5.1 MEDIUM |
| Read/Write vulnerability in the image decoding module Impact: Successful exploitation of this vulnerability will affect availability. | |||||
| CVE-2024-53901 | 1 Tonycoz | 1 Imager | 2026-06-17 | N/A | 5.5 MEDIUM |
| The Imager package before 1.025 for Perl has a heap-based buffer overflow leading to denial of service, or possibly unspecified other impact, when the trim() method is called on a crafted input image. | |||||
| CVE-2024-53695 | 1 Qnap | 1 Hybrid Backup Sync | 2026-06-17 | N/A | 9.1 CRITICAL |
| A buffer overflow vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If exploited, the vulnerability could allow remote attackers to modify memory or crash processes. We have already fixed the vulnerability in the following version: HBS 3 Hybrid Backup Sync 25.1.4.952 and later | |||||
| CVE-2024-53681 | 1 Linux | 1 Linux Kernel | 2026-06-17 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: nvmet: Don't overflow subsysnqn nvmet_root_discovery_nqn_store treats the subsysnqn string like a fixed size buffer, even though it is dynamically allocated to the size of the string. Create a new string with kstrndup instead of using the old buffer. | |||||
| CVE-2024-53589 | 2026-06-17 | N/A | 8.4 HIGH | ||
| GNU objdump 2.43 is vulnerable to Buffer Overflow in the BFD (Binary File Descriptor) library's handling of tekhex format files. | |||||
| CVE-2024-53426 | 2026-06-17 | N/A | 6.2 MEDIUM | ||
| A heap-buffer-overflow vulnerability has been identified in ntopng 6.2 in the Flow::dissectMDNS function. | |||||
| CVE-2024-53425 | 1 Assimp | 1 Assimp | 2026-06-17 | N/A | 6.2 MEDIUM |
| A heap-buffer-overflow vulnerability was discovered in the SkipSpacesAndLineEnd function in Assimp v5.4.3. This issue occurs when processing certain malformed MD5 model files, leading to an out-of-bounds read and potential application crash. | |||||
| CVE-2024-53379 | 2026-06-17 | N/A | 7.5 HIGH | ||
| Heap buffer overflow in the server site handshake implementation in Real Time Logic LLC's SharkSSL version (from 05/05/24) commit 64808a5e12c83b38f85c943dee0112e428dc2a43 allows a remote attacker to trigger a Denial-of-Service via a malformed Client-Hello message. | |||||
| CVE-2024-53335 | 1 Totolink | 2 A810r, A810r Firmware | 2026-06-17 | N/A | 7.8 HIGH |
| TOTOLINK A810R V4.1.2cu.5182_B20201026 is vulnerable to Buffer Overflow in downloadFlile.cgi. | |||||
| CVE-2024-53334 | 1 Totolink | 2 A810r, A810r Firmware | 2026-06-17 | N/A | 8.8 HIGH |
| TOTOLINK A810R V4.1.2cu.5182_B20201026 is vulnerable to Buffer Overflow in infostat.cgi. | |||||
| CVE-2024-53320 | 2026-06-17 | N/A | 9.8 CRITICAL | ||
| Qualisys C++ SDK commit a32a21a was discovered to contain multiple stack buffer overflows via the GetCurrentFrame, SaveCapture, and LoadProject functions. | |||||
| CVE-2024-53319 | 2026-06-17 | N/A | 7.5 HIGH | ||
| A heap buffer overflow in the XML Text Escaping component of Qualisys C++ SDK commit a32a21a allows attackers to cause Denial of Service (DoS) via escaping special XML characters. | |||||
| CVE-2024-53192 | 1 Linux | 1 Linux Kernel | 2026-06-17 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: clk: clk-loongson2: Fix potential buffer overflow in flexible-array member access Flexible-array member `hws` in `struct clk_hw_onecell_data` is annotated with the `counted_by()` attribute. This means that when memory is allocated for this array, the _counter_, which in this case is member `num` in the flexible structure, should be set to the maximum number of elements the flexible array can contain, or fewer. In this case, the total number of elements for the flexible array is determined by variable `clks_num` when allocating heap space via `devm_kzalloc()`, as shown below: 289 struct loongson2_clk_provider *clp; ... 296 for (p = data; p->name; p++) 297 clks_num++; 298 299 clp = devm_kzalloc(dev, struct_size(clp, clk_data.hws, clks_num), 300 GFP_KERNEL); So, `clp->clk_data.num` should be set to `clks_num` or less, and not exceed `clks_num`, as is currently the case. Otherwise, if data is written into `clp->clk_data.hws[clks_num]`, the instrumentation provided by the compiler won't detect the overflow, leading to a memory corruption bug at runtime. Fix this issue by setting `clp->clk_data.num` to `clks_num`. | |||||
| CVE-2024-53027 | 1 Qualcomm | 424 205, 205 Firmware, Apq8017 and 421 more | 2026-06-17 | N/A | 7.5 HIGH |
| Transient DOS may occur while processing the country IE. | |||||