Total
1694 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-46461 | 2026-04-15 | N/A | 8.0 HIGH | ||
| VLC media player 3.0.20 and earlier is vulnerable to denial of service through an integer overflow which could be triggered with a maliciously crafted mms stream (heap based overflow). If successful, a malicious third party could trigger either a crash of VLC or an arbitrary code execution with the target user's privileges. | |||||
| CVE-2024-37310 | 2026-04-15 | N/A | 9.0 CRITICAL | ||
| EVerest is an EV charging software stack. An integer overflow in the "v2g_incoming_v2gtp" function in the v2g_server.cpp implementation can allow a remote attacker to overflow the process' heap. This vulnerability is fixed in 2024.3.1 and 2024.6.0. | |||||
| CVE-2025-40928 | 2026-04-15 | N/A | 7.5 HIGH | ||
| JSON::XS before version 4.04 for Perl has an integer buffer overflow causing a segfault when parsing crafted JSON, enabling denial-of-service attacks or other unspecified impact | |||||
| CVE-2024-0257 | 2026-04-15 | N/A | 3.3 LOW | ||
| RoboDK v5.5.4 is vulnerable to heap-based buffer overflow while processing a specific project file. The resulting memory corruption may crash the application. | |||||
| CVE-2024-9632 | 2026-04-15 | N/A | 7.8 HIGH | ||
| A flaw was found in the X.org server. Due to improperly tracked allocation size in _XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org server is run with root privileges. | |||||
| CVE-2025-54951 | 2026-04-15 | N/A | 9.8 CRITICAL | ||
| A group of related buffer overflow vulnerabilities in the loading of ExecuTorch models can cause the runtime to crash and potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit cea9b23aa8ff78aff92829a466da97461cc7930c. | |||||
| CVE-2026-24829 | 2026-04-15 | N/A | 6.5 MEDIUM | ||
| Out-of-bounds Write, Heap-based Buffer Overflow vulnerability in Is-Daouda is-Engine.This issue affects is-Engine: before 3.3.4. | |||||
| CVE-2023-52168 | 2026-04-15 | N/A | 8.4 HIGH | ||
| The NtfsHandler.cpp NTFS handler in 7-Zip before 24.01 (for 7zz) contains a heap-based buffer overflow that allows an attacker to overwrite two bytes at multiple offsets beyond the allocated buffer size: buffer+512*i-2, for i=9, i=10, i=11, etc. | |||||
| CVE-2024-41981 | 2026-04-15 | N/A | 7.8 HIGH | ||
| A vulnerability has been identified in Simcenter Femap V2306 (All versions), Simcenter Femap V2401 (All versions), Simcenter Femap V2406 (All versions). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted BDF files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2025-48797 | 2026-04-15 | N/A | 7.3 HIGH | ||
| A flaw was found in GIMP when processing certain TGA image files. If a user opens one of these image files that has been specially crafted by an attacker, GIMP can be tricked into making serious memory errors, potentially leading to crashes and causing a heap buffer overflow. | |||||
| CVE-2026-24822 | 2026-04-15 | N/A | N/A | ||
| Out-of-bounds Write, Heap-based Buffer Overflow vulnerability in ttttupup wxhelper (src modules). This vulnerability is associated with program files mongoose.C. This issue affects wxhelper: through 3.9.10.19-v1. | |||||
| CVE-2025-22920 | 2026-04-15 | N/A | 5.3 MEDIUM | ||
| A heap buffer overflow vulnerability in FFmpeg before commit 4bf784c allows attackers to trigger a memory corruption via supplying a crafted media file in avformat when processing tile grid group streams. This can lead to a Denial of Service (DoS). | |||||
| CVE-2025-10504 | 2026-04-15 | N/A | 6.1 MEDIUM | ||
| Heap-based Buffer Overflow vulnerability in ABB Terra AC wallbox.This issue affects Terra AC wallbox: through 1.8.33. | |||||
| CVE-2025-5517 | 2026-04-15 | N/A | 6.8 MEDIUM | ||
| Heap-based Buffer Overflow vulnerability in ABB Terra AC wallbox (UL40/80A), ABB Terra AC wallbox (UL32A), ABB Terra AC wallbox (MID/ CE) -Terra AC MID, ABB Terra AC wallbox (MID/ CE) -Terra AC Juno CE, ABB Terra AC wallbox (MID/ CE) -Terra AC PTB, ABB Terra AC wallbox (JP).This issue affects Terra AC wallbox (UL40/80A): through 1.8.32; Terra AC wallbox (UL32A): through 1.8.2; Terra AC wallbox (MID/ CE) -Terra AC MID: through 1.8.32; Terra AC wallbox (MID/ CE) -Terra AC Juno CE: through 1.8.32; Terra AC wallbox (MID/ CE) -Terra AC PTB: through 1.8.21; Terra AC wallbox (JP): through 1.8.2. | |||||
| CVE-2024-53310 | 2026-04-15 | N/A | 5.5 MEDIUM | ||
| A Structured Exception Handler based buffer overflow vulnerability exists in Effectmatrix Total Video Converter Command Line (TVCC) 2.50 when a specially crafted file is passed to the -ff parameter. The vulnerability occurs due to improper handling of file input with overly long characters, leading to memory corruption. This can result in arbitrary code execution or denial of service. | |||||
| CVE-2024-49775 | 2026-04-15 | N/A | 9.8 CRITICAL | ||
| A vulnerability has been identified in Opcenter Execution Foundation (All versions < V2501.0001), Opcenter Intelligence (All versions < V2501.0001), Opcenter Quality (All versions < V2512), Opcenter RDnL (All versions < V2410), SIMATIC PCS neo V4.0 (All versions), SIMATIC PCS neo V4.1 (All versions < V4.1 Update 3), SIMATIC PCS neo V5.0 (All versions < V5.0 Update 1), SINEC NMS (All versions if operated in conjunction with UMC < V2.15), Totally Integrated Automation Portal (TIA Portal) V16 (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions). Affected products contain a heap-based buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to execute arbitrary code. | |||||
| CVE-2024-6873 | 2026-04-15 | N/A | 8.1 HIGH | ||
| It is possible to crash or redirect the execution flow of the ClickHouse server process from an unauthenticated vector by sending a specially crafted request to the ClickHouse server native interface. This redirection is limited to what is available within a 256-byte range of memory at the time of execution, and no known remote code execution (RCE) code has been produced or exploited. Fixes have been merged to all currently supported version of ClickHouse. If you are maintaining your own forked version of ClickHouse or using an older version and cannot upgrade, the fix for this vulnerability can be found in this commit https://github.com/ClickHouse/ClickHouse/pull/64024 . | |||||
| CVE-2025-65079 | 2026-04-15 | N/A | N/A | ||
| A heap-based buffer overflow vulnerability has been identified in the Postscript interpreter in various Lexmark devices. This vulnerability can be leveraged by an attacker to execute arbitrary code as an unprivileged user. | |||||
| CVE-2024-21886 | 2026-04-15 | N/A | 7.8 HIGH | ||
| A heap buffer overflow flaw was found in the DisableDevice function in the X.Org server. This issue may lead to an application crash or, in some circumstances, remote code execution in SSH X11 forwarding environments. | |||||
| CVE-2024-10254 | 2026-04-15 | N/A | 4.7 MEDIUM | ||
| A potential buffer overflow vulnerability was reported in PC Manager, Lenovo Browser, and Lenovo App Store that could allow a local attacker to cause a system crash. | |||||