Total
12745 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-4544 | 1 Dlink | 2 Di-8100, Di-8100 Firmware | 2025-05-22 | 6.8 MEDIUM | 6.6 MEDIUM |
| A vulnerability was found in D-Link DI-8100 up to 16.07.26A1 and classified as critical. This issue affects some unknown processing of the file /ddos.asp of the component jhttpd. The manipulation of the argument def_max/def_time/def_tcp_max/def_tcp_time/def_udp_max/def_udp_time/def_icmp_max leads to stack-based buffer overflow. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. | |||||
| CVE-2024-0517 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-22 | N/A | 8.8 HIGH |
| Out of bounds write in V8 in Google Chrome prior to 120.0.6099.224 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2022-40103 | 1 Tenda | 2 I9, I9 Firmware | 2025-05-22 | N/A | 5.5 MEDIUM |
| Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formSetAutoPing function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string. | |||||
| CVE-2022-40102 | 1 Tenda | 2 I9, I9 Firmware | 2025-05-22 | N/A | 7.5 HIGH |
| Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formwrlSSIDset function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string. | |||||
| CVE-2022-40101 | 1 Tenda | 2 I9, I9 Firmware | 2025-05-22 | N/A | 7.5 HIGH |
| Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formWifiMacFilterSet function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string. | |||||
| CVE-2022-32821 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-05-22 | N/A | 7.8 HIGH |
| A memory corruption issue was addressed with improved validation. This issue is fixed in watchOS 8.7, tvOS 15.6, iOS 15.6 and iPadOS 15.6, macOS Monterey 12.5. An app may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2020-36773 | 1 Artifex | 1 Ghostscript | 2025-05-22 | N/A | 9.8 CRITICAL |
| Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c (for txtwrite) because a single character code in a PDF document can map to more than one Unicode code point (e.g., for a ligature). | |||||
| CVE-2022-40106 | 1 Tenda | 2 I9, I9 Firmware | 2025-05-22 | N/A | 7.5 HIGH |
| Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the set_local_time function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string. | |||||
| CVE-2022-32798 | 1 Apple | 1 Macos | 2025-05-22 | N/A | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.5. An app may be able to gain elevated privileges. | |||||
| CVE-2022-40107 | 1 Tenda | 2 I9, I9 Firmware | 2025-05-22 | N/A | 7.5 HIGH |
| Tenda i9 v1.0.0.8(3828) was discovered to contain a buffer overflow via the formexeCommand function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted string. | |||||
| CVE-2022-3195 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-22 | N/A | 8.8 HIGH |
| Out of bounds write in Storage in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2022-2853 | 2 Fedoraproject, Google | 3 Fedora, Android, Chrome | 2025-05-22 | N/A | 8.8 HIGH |
| Heap buffer overflow in Downloads in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-22629 | 1 Apple | 7 Ipados, Iphone Os, Itunes and 4 more | 2025-05-22 | N/A | 8.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iTunes 12.12.3 for Windows, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2022-40784 | 1 Mipcm | 2 Mipc Camera, Mipc Camera Firmware | 2025-05-22 | N/A | 8.8 HIGH |
| Unlimited strcpy on user input when setting a locale file leads to stack buffer overflow in mIPC camera firmware 5.3.1.2003161406. | |||||
| CVE-2022-3045 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-22 | N/A | 8.8 HIGH |
| Insufficient validation of untrusted input in V8 in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2024-50203 | 1 Linux | 1 Linux Kernel | 2025-05-22 | N/A | 7.8 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fix address emission with tag-based KASAN enabled When BPF_TRAMP_F_CALL_ORIG is enabled, the address of a bpf_tramp_image struct on the stack is passed during the size calculation pass and an address on the heap is passed during code generation. This may cause a heap buffer overflow if the heap address is tagged because emit_a64_mov_i64() will emit longer code than it did during the size calculation pass. The same problem could occur without tag-based KASAN if one of the 16-bit words of the stack address happened to be all-ones during the size calculation pass. Fix the problem by assuming the worst case (4 instructions) when calculating the size of the bpf_tramp_image address emission. | |||||
| CVE-2025-20963 | 1 Samsung | 1 Android | 2025-05-21 | N/A | 6.6 MEDIUM |
| Out-of-bounds write in memory initialization in libsavsvc.so prior to SMR May-2025 Release 1 allows local attackers to write out-of-bounds memory. | |||||
| CVE-2025-20964 | 1 Samsung | 1 Android | 2025-05-21 | N/A | 6.6 MEDIUM |
| Out-of-bounds write in parsing media files in libsavsvc.so prior to SMR May-2025 Release 1 allows local attackers to write out-of-bounds memory. | |||||
| CVE-2025-4883 | 1 Dlink | 2 Di-8100g, Di-8100g Firmware | 2025-05-21 | 8.3 HIGH | 7.2 HIGH |
| A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been declared as critical. This vulnerability affects the function ctxz_asp of the file /ctxz.asp of the component Connection Limit Page. The manipulation of the argument def/defTcp/defUdp/defIcmp/defOther leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2022-3052 | 2 Fedoraproject, Google | 4 Fedora, Chrome, Chrome Os and 1 more | 2025-05-21 | N/A | 8.8 HIGH |
| Heap buffer overflow in Window Manager in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions. | |||||