Total
14148 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-29030 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-03-19 | 9.8 Critical |
| Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formWifiWpsOOB function. | ||||
| CVE-2023-24990 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2025-03-19 | 7.8 High |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19812) | ||||
| CVE-2023-24991 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2025-03-19 | 7.8 High |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19813) | ||||
| CVE-2023-24994 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2025-03-19 | 7.8 High |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19816) | ||||
| CVE-2023-24995 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2025-03-19 | 7.8 High |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19817) | ||||
| CVE-2025-20636 | 2 Google, Mediatek | 45 Android, Mt6580, Mt6739 and 42 more | 2025-03-19 | 6.7 Medium |
| In secmem, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09403554; Issue ID: MSV-2431. | ||||
| CVE-2024-41443 | 1 Dbohdan | 1 Hicolor | 2025-03-19 | 5.5 Medium |
| A stack overflow in the function cp_dynamic() (/vendor/cute_png.h) of hicolor v0.5.0 allows attackers to cause a Denial of Service (DoS) via a crafted PNG file. | ||||
| CVE-2023-20949 | 1 Google | 1 Android | 2025-03-19 | 5.5 Medium |
| In s2mpg11_pmic_probe of s2mpg11-regulator.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-259323133References: N/A | ||||
| CVE-2022-45587 | 1 Xpdfreader | 1 Xpdf | 2025-03-19 | 5.5 Medium |
| Stack overflow vulnerability in function gmalloc in goo/gmem.cc in xpdf 4.04, allows local attackers to cause a denial of service. | ||||
| CVE-2022-45586 | 1 Xpdfreader | 1 Xpdf | 2025-03-19 | 5.5 Medium |
| Stack overflow vulnerability in function Dict::find in xpdf/Dict.cc in xpdf 4.04, allows local attackers to cause a denial of service. | ||||
| CVE-2023-40110 | 1 Google | 1 Android | 2025-03-19 | 6.2 Medium |
| In multiple functions of MtpPacket.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2023-24996 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2025-03-19 | 7.8 High |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19818) | ||||
| CVE-2022-40080 | 1 Acer | 2 Aspire E5-475g, Aspire E5-475g Firmware | 2025-03-19 | 7.8 High |
| Stack overflow vulnerability in Aspire E5-475G 's BIOS firmware, in the FpGui module, a second call to GetVariable services allows local attackers to execute arbitrary code in the UEFI DXE phase and gain escalated privileges. | ||||
| CVE-2021-43529 | 2 Mozilla, Redhat | 3 Thunderbird, Enterprise Linux, Rhel Eus | 2025-03-19 | 9.8 Critical |
| Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA or RSA-PSS signatures. | ||||
| CVE-2021-32142 | 2 Libraw, Redhat | 2 Libraw, Enterprise Linux | 2025-03-19 | 7.8 High |
| Buffer Overflow vulnerability in LibRaw linux/unix v0.20.0 allows attacker to escalate privileges via the LibRaw_buffer_datastream::gets(char*, int) in /src/libraw/src/libraw_datastream.cpp. | ||||
| CVE-2024-24422 | 1 Linuxfoundation | 1 Magma | 2025-03-19 | 7.5 High |
| The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a stack overflow in the decode_protocol_configuration_options function at /3gpp/3gpp_24.008_sm_ies.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet. | ||||
| CVE-2022-23815 | 1 Amd | 36 Athlon 3000g, Athlon Gold 3150g, Athlon Gold 3150g Firmware and 33 more | 2025-03-18 | 7.5 High |
| Improper bounds checking in APCB firmware may allow an attacker to perform an out of bounds write, corrupting the APCB entry, potentially leading to arbitrary code execution. | ||||
| CVE-2024-44552 | 1 Tenda | 2 Ax1806, Ax1806 Firmware | 2025-03-18 | 6.6 Medium |
| Tenda AX1806 v1.0.0.1 contains a stack overflow via the adv.iptv.stballvlans parameter in the function formGetIptv. | ||||
| CVE-2024-27383 | 1 Samsung | 18 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 15 more | 2025-03-18 | 6.7 Medium |
| An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_get_scan_extra_ies(), there is no input validation check on default_ies coming from userspace, which can lead to a heap overwrite. | ||||
| CVE-2021-32419 | 1 Schismtracker | 1 Schism Tracker | 2025-03-18 | 5.3 Medium |
| An issue in Schism Tracker v20200412 fixed in v.20200412 allows attacker to obtain sensitive information via the fmt_mtm_load_song function in fmt/mtm.c. | ||||