Total
13527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-24117 | 1 Heimgardtechnologies | 2 Eagle 1200ac, Eagle 1200ac Firmware | 2025-03-07 | N/A | 6.5 MEDIUM |
| Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepauth_5g parameter at /goform/WifiBasicSet. | |||||
| CVE-2022-47665 | 1 Struktur | 1 Libde265 | 2025-03-07 | N/A | 7.8 HIGH |
| Libde265 1.0.9 has a heap buffer overflow vulnerability in de265_image::set_SliceAddrRS(int, int, int) | |||||
| CVE-2024-53031 | 1 Qualcomm | 52 Qam8255p, Qam8255p Firmware, Qam8295p and 49 more | 2025-03-07 | N/A | 7.8 HIGH |
| Memory corruption while reading a type value from a buffer controlled by the Guest Virtual Machine. | |||||
| CVE-2024-53030 | 1 Qualcomm | 88 Msm8996au, Msm8996au Firmware, Qam8255p and 85 more | 2025-03-07 | N/A | 7.8 HIGH |
| Memory corruption while processing input message passed from FE driver. | |||||
| CVE-2024-53022 | 1 Qualcomm | 46 Qam8255p, Qam8255p Firmware, Qam8295p and 43 more | 2025-03-06 | N/A | 7.8 HIGH |
| Memory corruption may occur during communication between primary and guest VM. | |||||
| CVE-2023-20626 | 2 Google, Mediatek | 27 Android, Mt6739, Mt6761 and 24 more | 2025-03-06 | N/A | 6.7 MEDIUM |
| In msdc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07405223; Issue ID: ALPS07405223. | |||||
| CVE-2023-32560 | 1 Ivanti | 1 Avalanche | 2025-03-06 | N/A | 9.8 CRITICAL |
| An attacker can send a specially crafted message to the Wavelink Avalanche Manager, which could result in service disruption or arbitrary code execution. Thanks to a Researcher at Tenable for finding and reporting. Fixed in version 6.4.1. | |||||
| CVE-2025-0848 | 1 Tenda | 2 A18, A18 Firmware | 2025-03-06 | 6.8 MEDIUM | 6.5 MEDIUM |
| A vulnerability was found in Tenda A18 up to 15.13.07.09. It has been rated as critical. This issue affects the function SetCmdlineRun of the file /goform/SetCmdlineRun of the component HTTP POST Request Handler. The manipulation of the argument wpapsk_crypto5g leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2020-24829 | 1 Gpac | 1 Gpac | 2025-03-05 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in GPAC from v0.5.2 to v0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer overflow in gf_m2ts_section_complete in media_tools/mpegts.c that can cause a denial of service (DOS) via a crafted MP4 file. | |||||
| CVE-2024-45780 | 2025-03-05 | N/A | 6.7 MEDIUM | ||
| A flaw was found in grub2. When reading tar files, grub2 allocates an internal buffer for the file name. However, it fails to properly verify the allocation against possible integer overflows. It's possible to cause the allocation length to overflow with a crafted tar file, leading to a heap out-of-bounds write. This flaw eventually allows an attacker to circumvent secure boot protections. | |||||
| CVE-2023-20632 | 2 Google, Mediatek | 25 Android, Mt6580, Mt6735 and 22 more | 2025-03-05 | N/A | 6.7 MEDIUM |
| In usb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628506; Issue ID: ALPS07628506. | |||||
| CVE-2023-20630 | 2 Google, Mediatek | 25 Android, Mt6580, Mt6735 and 22 more | 2025-03-05 | N/A | 6.7 MEDIUM |
| In usb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628505; Issue ID: ALPS07628505. | |||||
| CVE-2025-25744 | 1 Dlink | 2 Dir-853, Dir-853 Firmware | 2025-03-05 | N/A | 9.8 CRITICAL |
| D-Link DIR-853 A1 FW1.20B07 was discovered to contain a stack-based buffer overflow vulnerability via the Password parameter in the SetDynamicDNSSettings module. | |||||
| CVE-2025-25742 | 1 Dlink | 2 Dir-853, Dir-853 Firmware | 2025-03-05 | N/A | 9.8 CRITICAL |
| D-Link DIR-853 A1 FW1.20B07 was discovered to contain a stack-based buffer overflow vulnerability via the AccountPassword parameter in the SetSysEmailSettings module. | |||||
| CVE-2025-1471 | 1 Eclipse | 1 Omr | 2025-03-05 | N/A | 7.8 HIGH |
| In Eclipse OMR versions 0.2.0 to 0.4.0, some of the z/OS atoe print functions use a constant length buffer for string conversion. If the input format string and arguments are larger than the buffer size then buffer overflow occurs. Beginning in version 0.5.0, the conversion buffers are sized correctly and checked appropriately to prevent buffer overflows. | |||||
| CVE-2020-16291 | 3 Artifex, Canonical, Debian | 3 Ghostscript, Ubuntu Linux, Debian Linux | 2025-03-04 | 4.3 MEDIUM | 5.5 MEDIUM |
| A buffer overflow vulnerability in contrib/gdevdj9.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | |||||
| CVE-2024-54094 | 1 Siemens | 1 Solid Edge Se2024 | 2025-03-04 | N/A | 7.8 HIGH |
| A vulnerability has been identified in Solid Edge SE2024 (All versions < V224.0 Update 5). The affected application is vulnerable to heap-based buffer overflow while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2025-23420 | 1 Openatom | 1 Openharmony | 2025-03-04 | N/A | 3.8 LOW |
| in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios. | |||||
| CVE-2025-24309 | 1 Openatom | 1 Openharmony | 2025-03-04 | N/A | 3.8 LOW |
| in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios. | |||||
| CVE-2025-0840 | 1 Gnu | 1 Binutils | 2025-03-04 | 5.1 MEDIUM | 5.0 MEDIUM |
| A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemble_bytes of the file binutils/objdump.c. The manipulation of the argument buf leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 2.44 is able to address this issue. The identifier of the patch is baac6c221e9d69335bf41366a1c7d87d8ab2f893. It is recommended to upgrade the affected component. | |||||