Total
12256 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-43250 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2025-05-02 | N/A | 6.5 MEDIUM |
| Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_qpel_0_0_fallback_16 in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | |||||
| CVE-2022-43249 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2025-05-02 | N/A | 6.5 MEDIUM |
| Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_epel_hv_fallback<unsigned short> in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | |||||
| CVE-2022-43248 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2025-05-02 | N/A | 6.5 MEDIUM |
| Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_weighted_pred_avg_16_fallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | |||||
| CVE-2022-43237 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2025-05-02 | N/A | 6.5 MEDIUM |
| Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via void put_epel_hv_fallback<unsigned short> in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | |||||
| CVE-2022-43236 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2025-05-02 | N/A | 6.5 MEDIUM |
| Libde265 v1.0.8 was discovered to contain a stack-buffer-overflow vulnerability via put_qpel_fallback<unsigned short> in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | |||||
| CVE-2022-43235 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2025-05-02 | N/A | 6.5 MEDIUM |
| Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via ff_hevc_put_hevc_epel_pixels_8_sse in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted video file. | |||||
| CVE-2021-37789 | 2 Debian, Stb Project | 2 Debian Linux, Stb | 2025-05-02 | N/A | 8.1 HIGH |
| stb_image.h 2.27 has a heap-based buffer over in stbi__jpeg_load, leading to Information Disclosure or Denial of Service. | |||||
| CVE-2022-43107 | 1 Tenda | 2 Ac23, Ac23 Firmware | 2025-05-02 | N/A | 9.8 CRITICAL |
| Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the time parameter in the setSmartPowerManagement function. | |||||
| CVE-2022-43106 | 1 Tenda | 2 Ac23, Ac23 Firmware | 2025-05-02 | N/A | 9.8 CRITICAL |
| Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the schedStartTime parameter in the setSchedWifi function. | |||||
| CVE-2022-43101 | 1 Tenda | 2 Ac23, Ac23 Firmware | 2025-05-02 | N/A | 9.8 CRITICAL |
| Tenda AC23 V16.03.07.45_cn was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function. | |||||
| CVE-2022-38582 | 1 Watchdog | 1 Anti-virus | 2025-05-02 | N/A | 6.5 MEDIUM |
| Incorrect access control in the anti-virus driver wsdkd.sys of Watchdog Antivirus v1.4.158 allows attackers to write arbitrary files. | |||||
| CVE-2022-32605 | 2 Google, Mediatek | 4 Android, Mt6879, Mt6895 and 1 more | 2025-05-02 | N/A | 6.7 MEDIUM |
| In isp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07213898; Issue ID: ALPS07213898. | |||||
| CVE-2022-32603 | 2 Google, Mediatek | 7 Android, Mt6879, Mt6893 and 4 more | 2025-05-02 | N/A | 6.7 MEDIUM |
| In gpu drm, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310704; Issue ID: ALPS07310704. | |||||
| CVE-2022-37903 | 1 Arubanetworks | 12 7005, 7008, 7010 and 9 more | 2025-05-02 | N/A | 7.2 HIGH |
| A vulnerability exists that allows an authenticated attacker to overwrite an arbitrary file with attacker-controlled content via the web interface. Successful exploitation of this vulnerability could lead to full compromise the underlying host operating system. | |||||
| CVE-2025-35975 | 2025-05-02 | N/A | 8.8 HIGH | ||
| MicroDicom DICOM Viewer is vulnerable to an out-of-bounds write which may allow an attacker to execute arbitrary code. The user must open a malicious DCM file for exploitation. | |||||
| CVE-2024-46774 | 1 Linux | 1 Linux Kernel | 2025-05-02 | N/A | 7.1 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() Smatch warns: arch/powerpc/kernel/rtas.c:1932 __do_sys_rtas() warn: potential spectre issue 'args.args' [r] (local cap) The 'nargs' and 'nret' locals come directly from a user-supplied buffer and are used as indexes into a small stack-based array and as inputs to copy_to_user() after they are subject to bounds checks. Use array_index_nospec() after the bounds checks to clamp these values for speculative execution. | |||||
| CVE-2024-44938 | 1 Linux | 1 Linux Kernel | 2025-05-02 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: jfs: Fix shift-out-of-bounds in dbDiscardAG When searching for the next smaller log2 block, BLKSTOL2() returned 0, causing shift exponent -1 to be negative. This patch fixes the issue by exiting the loop directly when negative shift is found. | |||||
| CVE-2023-5168 | 2 Microsoft, Mozilla | 4 Windows, Firefox, Firefox Esr and 1 more | 2025-05-01 | N/A | 9.8 CRITICAL |
| A compromised content process could have provided malicious data to `FilterNodeD2D1` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3. | |||||
| CVE-2022-32611 | 2 Google, Mediatek | 4 Android, Mt6879, Mt6895 and 1 more | 2025-05-01 | N/A | 6.7 MEDIUM |
| In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07340373; Issue ID: ALPS07340373. | |||||
| CVE-2022-44319 | 1 Picoc Project | 1 Picoc | 2025-05-01 | N/A | 5.5 MEDIUM |
| PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the StdioBasePrintf function in cstdlib/string.c when called from ExpressionParseFunctionCall. | |||||