Total
13459 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-28488 | 1 Intel | 1 Connman | 2025-02-08 | N/A | 6.5 MEDIUM |
|
client.c in gdhcp in ConnMan through 1.41 could be used by network-adjacent attackers (operating a crafted DHCP server) to cause a stack-based buffer overflow and denial of service, terminating the connman process.
|
|||||
| CVE-2023-29086 | 1 Samsung | 12 Exynos 1080, Exynos 1080 Firmware, Exynos 5123 and 9 more | 2025-02-07 | N/A | 6.8 MEDIUM |
|
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Min-SE header.
|
|||||
| CVE-2023-29085 | 1 Samsung | 12 Exynos 1080, Exynos 1080 Firmware, Exynos 5123 and 9 more | 2025-02-07 | N/A | 6.8 MEDIUM |
|
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP status line.
|
|||||
| CVE-2024-39556 | 1 Juniper | 2 Junos, Junos Os Evolved | 2025-02-07 | N/A | 6.4 MEDIUM |
|
A Stack-Based Buffer Overflow vulnerability in Juniper Networks Junos OS and Juniper Networks Junos OS Evolved may allow a local, low-privileged attacker with access to the CLI the ability to load a malicious certificate file, leading to a limited Denial of Service (DoS) or privileged code execution.
By exploiting the 'set security certificates' command with a crafted certificate file, a malicious attacker with access to the CLI could cause a crash of the command management daemon (mgd), limite ...
Show More |
|||||
| CVE-2024-53296 | 1 Dell | 1 Data Domain Operating System | 2025-02-07 | N/A | 2.7 LOW |
|
Dell PowerProtect DD versions prior to 7.10.1.50 and 7.13.1.20 contain a Stack-based Buffer Overflow vulnerability in the RestAPI. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service.
|
|||||
| CVE-2024-20844 | 1 Samsung | 1 Android | 2025-02-07 | N/A | 8.4 HIGH |
|
Out-of-bounds write vulnerability while parsing remaining codewords in libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code.
|
|||||
| CVE-2024-20845 | 1 Samsung | 1 Android | 2025-02-07 | N/A | 8.4 HIGH |
|
Out-of-bounds write vulnerability while releasing memory in libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code.
|
|||||
| CVE-2024-20846 | 1 Samsung | 1 Android | 2025-02-07 | N/A | 5.9 MEDIUM |
|
Out-of-bounds write vulnerability while decoding hcr of libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code.
|
|||||
| CVE-2024-20848 | 1 Samsung | 1 Android | 2025-02-07 | N/A | 4.0 MEDIUM |
|
Improper Input Validation vulnerability in text parsing implementation of libsdffextractor prior to SMR Apr-2024 Release 1 allows local attackers to write out-of-bounds memory.
|
|||||
| CVE-2024-20849 | 1 Samsung | 1 Android | 2025-02-07 | N/A | 7.3 HIGH |
|
Out-of-bound Write vulnerability in chunk parsing implementation of libsdffextractor prior to SMR Apr-2023 Release 1 allows local attackers to execute arbitrary code.
|
|||||
| CVE-2024-20842 | 1 Samsung | 1 Android | 2025-02-07 | N/A | 4.2 MEDIUM |
|
Improper Input Validation vulnerability in handling apdu of libsec-ril prior to SMR Apr-2024 Release 1 allows local privileged attackers to write out-of-bounds memory.
|
|||||
| CVE-2024-20843 | 1 Samsung | 1 Android | 2025-02-07 | N/A | 5.6 MEDIUM |
|
Out-of-bound write vulnerability in command parsing implementation of libIfaaCa prior to SMR Apr-2024 Release 1 allows local privileged attackers to execute arbitrary code.
|
|||||
| CVE-2023-29090 | 1 Samsung | 12 Exynos 1080, Exynos 1080 Firmware, Exynos 5123 and 9 more | 2025-02-07 | N/A | 6.8 MEDIUM |
|
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Via header.
|
|||||
| CVE-2023-29088 | 1 Samsung | 12 Exynos 1080, Exynos 1080 Firmware, Exynos 5123 and 9 more | 2025-02-07 | N/A | 6.8 MEDIUM |
|
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Session-Expires header.
|
|||||
| CVE-2023-29087 | 1 Samsung | 12 Exynos 1080, Exynos 1080 Firmware, Exynos 5123 and 9 more | 2025-02-07 | N/A | 6.8 MEDIUM |
|
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Retry-After header.
|
|||||
| CVE-2024-3909 | 1 Tenda | 2 Ac500, Ac500 Firmware | 2025-02-07 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability classified as critical was found in Tenda AC500 2.0.1.9(1307). Affected by this vulnerability is the function formexeCommand of the file /goform/execCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-261145 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any ...
Show More |
|||||
| CVE-2023-29584 | 1 Mp4v2 Project | 1 Mp4v2 | 2025-02-06 | N/A | 8.8 HIGH |
|
mp4v2 v2.0.0 was discovered to contain a heap buffer overflow via the MP4GetVideoProfileLevel function at /src/mp4.cpp.
|
|||||
| CVE-2023-29091 | 1 Samsung | 12 Exynos 1080, Exynos 1080 Firmware, Exynos 5123 and 9 more | 2025-02-06 | N/A | 6.8 MEDIUM |
|
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP URI.
|
|||||
| CVE-2025-1020 | 1 Mozilla | 2 Firefox, Thunderbird | 2025-02-06 | N/A | 9.8 CRITICAL |
|
Memory safety bugs present in Firefox 134 and Thunderbird 134. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 135 and Thunderbird < 135.
|
|||||
| CVE-2023-29067 | 1 Autodesk | 10 Autocad, Autocad Advance Steel, Autocad Architecture and 7 more | 2025-02-06 | N/A | 7.8 HIGH |
|
A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
|
|||||
| CVE-2023-27915 | 1 Autodesk | 10 Autocad, Autocad Advance Steel, Autocad Architecture and 7 more | 2025-02-06 | N/A | 7.8 HIGH |
|
A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 could lead to memory corruption vulnerability by read access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process.
|
|||||
| CVE-2023-27914 | 1 Autodesk | 10 Autocad, Autocad Advance Steel, Autocad Architecture and 7 more | 2025-02-06 | N/A | 7.8 HIGH |
|
A maliciously crafted X_B file when parsed through Autodesk® AutoCAD® 2023 can be used to write beyond the allocated buffer causing a Stack Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash or read sensitive data or execute arbitrary code in the context of the current process.
|
|||||
| CVE-2024-30394 | 1 Juniper | 2 Junos, Junos Os Evolved | 2025-02-06 | N/A | 7.5 HIGH |
|
A Stack-based Buffer Overflow vulnerability in the Routing Protocol Daemon (RPD) component of Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause an rpd crash, leading to Denial of Service (DoS).
On all Junos OS and Junos OS Evolved platforms, when EVPN is configured, and a specific EVPN type-5 route is received via BGP, rpd crashes and restarts. Continuous receipt of this specific route will lead to a sustained Denial of Service (DoS) condition.
This issue ...
Show More |
|||||
| CVE-2022-44512 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-02-06 | N/A | 7.8 HIGH |
|
Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2022-44513 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-02-06 | N/A | 7.8 HIGH |
|
Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2023-7272 | 1 Eclipse | 1 Parsson | 2025-02-06 | N/A | 8.6 HIGH |
|
In Eclipse Parsson before 1.0.4 and 1.1.3, a document with a large depth of nested objects can allow an attacker to cause a Java stack overflow exception and denial of service. Eclipse Parsson allows processing (e.g. parse, generate, transform and query) JSON documents.
|
|||||
| CVE-2023-29665 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2025-02-06 | N/A | 9.8 CRITICAL |
|
D-Link DIR823G_V1.0.2B05 was discovered to contain a stack overflow via the NewPassword parameters in SetPasswdSettings.
|
|||||
| CVE-2023-27909 | 1 Autodesk | 1 Fbx Software Development Kit | 2025-02-06 | N/A | 7.8 HIGH |
|
An Out-Of-Bounds Write Vulnerability in Autodesk® FBX® SDK version 2020 or prior may lead to code execution through maliciously crafted FBX files or information disclosure.
|
|||||
| CVE-2023-27907 | 1 Autodesk | 1 Maya Usd | 2025-02-06 | N/A | 7.8 HIGH |
|
A malicious actor may convince a victim to open a malicious USD file that may trigger an out-of-bounds write vulnerability which may result in code execution.
|
|||||
| CVE-2022-48312 | 1 Huawei | 2 Emui, Harmonyos | 2025-02-06 | N/A | 9.1 CRITICAL |
|
The HwPCAssistant module has the out-of-bounds read/write vulnerability. Successful exploitation of this vulnerability may affect confidentiality and integrity.
|
|||||
| CVE-2024-54522 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-02-06 | N/A | 7.8 HIGH |
|
The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 and iPadOS 18.2. An app may be able to corrupt coprocessor memory.
|
|||||
| CVE-2023-27911 | 1 Autodesk | 1 Fbx Software Development Kit | 2025-02-06 | N/A | 7.8 HIGH |
|
A user may be tricked into opening a malicious FBX file that may exploit a heap buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior which may lead to code execution.
|
|||||
| CVE-2023-27910 | 1 Autodesk | 1 Fbx Software Development Kit | 2025-02-06 | N/A | 7.8 HIGH |
|
A user may be tricked into opening a malicious FBX file that may exploit a stack buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior which may lead to code execution.
|
|||||
| CVE-2021-45464 | 1 Kvmtool Project | 1 Kvmtool | 2025-02-06 | N/A | 8.8 HIGH |
|
kvmtool through 39181fc allows an out-of-bounds write, related to virtio/balloon.c and virtio/pci.c. This allows a guest OS user to execute arbitrary code on the host machine.
|
|||||
| CVE-2021-43612 | 2 Fedoraproject, Lldpd Project | 2 Fedora, Lldpd | 2025-02-06 | N/A | 7.5 HIGH |
|
In lldpd before 1.0.13, when decoding SONMP packets in the sonmp_decode function, it's possible to trigger an out-of-bounds heap read via short SONMP packets.
|
|||||
| CVE-2022-26513 | 1 Intel | 2 Xmm 7560, Xmm 7560 Firmware | 2025-02-05 | N/A | 8.0 HIGH |
|
Out-of-bounds write in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
|
|||||
| CVE-2021-23165 | 1 Htmldoc Project | 1 Htmldoc | 2025-02-05 | 10.0 HIGH | 9.8 CRITICAL |
|
A flaw was found in htmldoc before v1.9.12. Heap buffer overflow in pspdf_prepare_outpages(), in ps-pdf.cxx may lead to execute arbitrary code and denial of service.
|
|||||
| CVE-2022-28085 | 1 Htmldoc Project | 1 Htmldoc | 2025-02-05 | 6.8 MEDIUM | 7.8 HIGH |
|
A flaw was found in htmldoc commit 31f7804. A heap buffer overflow in the function pdf_write_names in ps-pdf.cxx may lead to arbitrary code execution and Denial of Service (DoS).
|
|||||
| CVE-2023-29916 | 1 H3c | 1 Magic R200 Firmware | 2025-02-05 | N/A | 4.9 MEDIUM |
|
H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via the UpdateWanParams interface at /goform/aspForm.
|
|||||
| CVE-2023-29915 | 1 H3c | 1 Magic R200 Firmware | 2025-02-05 | N/A | 4.9 MEDIUM |
|
H3C Magic R200 version R200V100R004 was discovered to contain a stack overflow via CMD parameter at /goform/aspForm.
|
|||||