Total
3900 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-26075 | 1 Samsung | 18 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 15 more | 2025-02-27 | N/A | 7.6 HIGH |
|
An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. An intra-object overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the Service Area List.
|
|||||
| CVE-2024-53379 | 2025-02-27 | N/A | 7.5 HIGH | ||
|
Heap buffer overflow in the server site handshake implementation in Real Time Logic LLC's SharkSSL version (from 05/05/24) commit 64808a5e12c83b38f85c943dee0112e428dc2a43 allows a remote attacker to trigger a Denial-of-Service via a malformed Client-Hello message.
|
|||||
| CVE-2020-27507 | 1 Kamailio | 1 Kamailio | 2025-02-27 | N/A | 9.8 CRITICAL |
|
The Kamailio SIP before 5.5.0 server mishandles INVITE requests with duplicated fields and overlength tag, leading to a buffer overflow that crashes the server or possibly have unspecified other impact.
|
|||||
| CVE-2023-52612 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-02-27 | N/A | 7.8 HIGH |
|
In the Linux kernel, the following vulnerability has been resolved:
crypto: scomp - fix req->dst buffer overflow
The req->dst buffer size should be checked before copying from the
scomp_scratch->dst to avoid req->dst buffer overflow problem.
|
|||||
| CVE-2023-26768 | 1 Liblouis | 1 Liblouis | 2025-02-26 | N/A | 7.5 HIGH |
|
Buffer Overflow vulnerability found in Liblouis v.3.24.0 allows a remote attacker to cause a denial of service via the compileTranslationTable.c and lou_setDataPath functions.
|
|||||
| CVE-2024-2331 | 1 Razormist | 1 Tourist Reservation System | 2025-02-26 | 6.5 MEDIUM | 6.3 MEDIUM |
|
A vulnerability was found in SourceCodester Tourist Reservation System 1.0. It has been declared as critical. This vulnerability affects the function ad_writedata of the file System.cpp. The manipulation of the argument ad_code leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-256282 is the identifier assigned to this vulnerability.
|
|||||
| CVE-2023-46271 | 2025-02-20 | N/A | 9.8 CRITICAL | ||
|
Extreme Networks IQ Engine before 10.6r1a, and through 10.6r4 before 10.6r5, has a buffer overflow. This issue arises from the ah_webui service, which listens on TCP port 3009 by default.
|
|||||
| CVE-2024-6351 | 2025-02-18 | N/A | 4.3 MEDIUM | ||
|
A malformed packet can cause a buffer overflow in the NWK/APS layer of the Ember ZNet stack and lead to an assert
|
|||||
| CVE-2023-28508 | 2 Linux, Rocketsoftware | 3 Linux Kernel, Unidata, Universe | 2025-02-18 | N/A | 8.8 HIGH |
|
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a heap-based overflow vulnerability, where certain input can corrupt the heap and crash the forked process.
|
|||||
| CVE-2023-28502 | 2 Linux, Rocketsoftware | 3 Linux Kernel, Unidata, Universe | 2025-02-18 | N/A | 9.8 CRITICAL |
|
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow in the "udadmin" service that can lead to remote code execution as the root user.
|
|||||
| CVE-2025-25530 | 2025-02-18 | N/A | 9.8 CRITICAL | ||
|
Buffer overflow vulnerability in Digital China DCBI-Netlog-LAB Gateway 1.0 due to the lack of length verification, which is related to saving parental control configuration information. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands.
|
|||||
| CVE-2024-50090 | 1 Linux | 1 Linux Kernel | 2025-02-18 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
drm/xe/oa: Fix overflow in oa batch buffer
By default xe_bb_create_job() appends a MI_BATCH_BUFFER_END to batch
buffer, this is not a problem if batch buffer is only used once but
oa reuses the batch buffer for the same metric and at each call
it appends a MI_BATCH_BUFFER_END, printing the warning below and then
overflowing.
[ 381.072016] ------------[ cut here ]------------
[ 381.072019] xe 0000:00:02.0: [drm] Assertion `b ...
Show More |
|||||
| CVE-2023-28506 | 2 Linux, Rocketsoftware | 3 Linux Kernel, Unidata, Universe | 2025-02-18 | N/A | 8.8 HIGH |
|
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow, where a string is copied into a buffer using a memcpy-like function and a user-provided length. This requires a valid login to exploit.
|
|||||
| CVE-2023-28505 | 2 Linux, Rocketsoftware | 3 Linux Kernel, Unidata, Universe | 2025-02-18 | N/A | 8.8 HIGH |
|
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a buffer overflow in an API function, where a string is copied into a caller-provided buffer without checking the length. This requires a valid login to exploit.
|
|||||
| CVE-2023-28504 | 2 Linux, Rocketsoftware | 3 Linux Kernel, Unidata, Universe | 2025-02-18 | N/A | 9.8 CRITICAL |
|
Rocket Software UniData versions prior to 8.2.4 build 3003 and UniVerse versions prior to 11.3.5 build 1001 or 12.2.1 build 2002 suffer from a stack-based buffer overflow that can lead to remote code execution as the root user.
|
|||||
| CVE-2023-39454 | 1 Elecom | 6 Wrc-x1800gs-b, Wrc-x1800gs-b Firmware, Wrc-x1800gsa-b and 3 more | 2025-02-17 | N/A | 9.8 CRITICAL |
|
Buffer overflow vulnerability exists in ELECOM wireless LAN routers, which may allow an unauthenticated attacker to execute arbitrary code.
|
|||||
| CVE-2021-47107 | 1 Linux | 1 Linux Kernel | 2025-02-14 | N/A | 7.8 HIGH |
|
In the Linux kernel, the following vulnerability has been resolved:
NFSD: Fix READDIR buffer overflow
If a client sends a READDIR count argument that is too small (say,
zero), then the buffer size calculation in the new init_dirlist
helper functions results in an underflow, allowing the XDR stream
functions to write beyond the actual buffer.
This calculation has always been suspect. NFSD has never sanity-
checked the READDIR count argument, but the old entry encoders
managed the problem corre ...
Show More |
|||||
| CVE-2025-25529 | 2025-02-13 | N/A | 5.1 MEDIUM | ||
|
Buffer overflow vulnerability in Digital China DCBC Gateway 200-2.1.1 due to the lack of length verification, which is related to the configuration of static NAT rules. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands.
|
|||||
| CVE-2025-25526 | 2025-02-13 | N/A | 5.1 MEDIUM | ||
|
Buffer overflow vulnerability in Mercury MIPC552W Camera v1.0 due to the lack of length verification, which is related to the configuration of the PPTP server. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands.
|
|||||
| CVE-2025-25525 | 2025-02-13 | N/A | 5.1 MEDIUM | ||
|
Buffer overflow vulnerability in H3C FA3010L access points SWFA1B0V100R005 due to the lack of length verification, which is related to the setting of firewall rules. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands.
|
|||||
| CVE-2024-2452 | 1 Eclipse | 1 Threadx Netx Duo | 2025-02-13 | N/A | 7.0 HIGH |
|
In Eclipse ThreadX NetX Duo before 6.4.0, if an attacker can control
parameters of __portable_aligned_alloc() could cause an integer
wrap-around and an allocation smaller than expected. This could cause
subsequent heap buffer overflows.
|
|||||
| CVE-2023-5753 | 1 Zephyrproject | 1 Zephyr | 2025-02-13 | N/A | 6.3 MEDIUM |
|
Potential buffer overflows in the Bluetooth subsystem due to asserts being disabled in /subsys/bluetooth/host/hci_core.c
|
|||||
| CVE-2023-5184 | 1 Zephyrproject | 1 Zephyr | 2025-02-13 | N/A | 7.0 HIGH |
|
Two potential signed to unsigned conversion errors and buffer overflow vulnerabilities at the following locations in the Zephyr IPM drivers.
|
|||||
| CVE-2023-4264 | 1 Zephyrproject | 1 Zephyr | 2025-02-13 | N/A | 7.1 HIGH |
|
Potential buffer overflow vulnerabilities n the Zephyr Bluetooth subsystem.
|
|||||
| CVE-2023-4260 | 1 Zephyrproject | 1 Zephyr | 2025-02-13 | N/A | 6.3 MEDIUM |
|
Potential off-by-one buffer overflow vulnerability in the Zephyr fuse file system.
|
|||||
| CVE-2023-4163 | 1 Broadcom | 1 Fabric Operating System | 2025-02-13 | N/A | 4.4 MEDIUM |
|
In
Brocade Fabric OS before v9.2.0a, a local authenticated privileged user
can trigger a buffer overflow condition, leading to a kernel panic with
large input to buffers in the portcfgfportbuffers command.
|
|||||
| CVE-2023-3494 | 1 Freebsd | 1 Freebsd | 2025-02-13 | N/A | 8.8 HIGH |
|
The fwctl driver implements a state machine which is executed when a bhyve guest accesses certain x86 I/O ports. The interface lets the guest copy a string into a buffer resident in the bhyve process' memory. A bug in the state machine implementation can result in a buffer overflowing when copying this string. Malicious, privileged software running in a guest VM can exploit the buffer overflow to achieve code execution on the host in the bhyve userspace process, which typically runs as root, m ...
Show More |
|||||
| CVE-2023-31431 | 1 Broadcom | 1 Brocade Fabric Operating System | 2025-02-13 | N/A | 5.5 MEDIUM |
|
A buffer overflow vulnerability in “diagstatus” command in Brocade Fabric OS before Brocade Fabric v9.2.0 and v9.1.1c could allow an authenticated user to crash the Brocade Fabric OS switch leading to a denial of service.
|
|||||
| CVE-2023-31430 | 1 Broadcom | 1 Brocade Fabric Operating System | 2025-02-13 | N/A | 5.5 MEDIUM |
|
A buffer overflow vulnerability in “secpolicydelete” command in Brocade Fabric OS before Brocade Fabric OS v9.1.1c and v9.2.0 could allow an authenticated privileged user to crash the Brocade Fabric OS switch leading to a denial of service.
|
|||||
| CVE-2020-23257 | 1 Espruino | 1 Espruino | 2025-02-13 | N/A | 7.5 HIGH |
|
Buffer Overflow vulnerability found in Espruino 2v05.41 allows an attacker to cause a denial of service via the function jsvGarbageCollectMarkUsed in file src/jsvar.c.
|
|||||
| CVE-2023-26733 | 1 Tinytiff Project | 1 Tinytiff | 2025-02-13 | N/A | 7.8 HIGH |
|
Buffer Overflow vulnerability found in tinyTIFF v.3.0 allows a local attacker to cause a denial of service via the TinyTiffReader_readNextFrame function in tinytiffreader.c file.
|
|||||
| CVE-2024-0144 | 2025-02-12 | N/A | 6.8 MEDIUM | ||
|
NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause a buffer overflow issue by means of a specially crafted JPEG2000 file. A successful exploit of this vulnerability might lead to data tampering.
|
|||||
| CVE-2024-50664 | 1 Gpac | 1 Gpac | 2025-02-11 | N/A | 7.8 HIGH |
|
gpac 2.4 contains a heap-buffer-overflow at isomedia/sample_descs.c:1799 in gf_isom_new_mpha_description in gpac/MP4Box.
|
|||||
| CVE-2020-24736 | 1 Ghost | 1 Sqlite3 | 2025-02-11 | N/A | 5.5 MEDIUM |
|
Buffer Overflow vulnerability found in SQLite3 v.3.27.1 and before allows a local attacker to cause a denial of service via a crafted script.
|
|||||
| CVE-2025-0303 | 1 Openatom | 1 Openharmony | 2025-02-11 | N/A | 8.8 HIGH |
|
in OpenHarmony v4.1.2 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through buffer overflow.
|
|||||
| CVE-2024-35106 | 2025-02-11 | N/A | 4.6 MEDIUM | ||
|
NEXTU FLETA AX1500 WIFI6 v1.0.3 was discovered to contain a buffer overflow at /boafrm/formIpQoS. This vulnerability allows attackers to cause a Denial of Service (DoS) or potentially arbitrary code execution via a crafted POST request.
|
|||||
| CVE-2022-47336 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-02-10 | N/A | 5.5 MEDIUM |
|
In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.
|
|||||
| CVE-2022-47335 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-02-10 | N/A | 5.5 MEDIUM |
|
In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.
|
|||||
| CVE-2022-47464 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-02-10 | N/A | 5.5 MEDIUM |
|
In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.
|
|||||
| CVE-2022-47463 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-02-10 | N/A | 5.5 MEDIUM |
|
In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.
|
|||||