Total
13459 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-32911 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-05-29 | N/A | 7.8 HIGH |
|
The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to execute arbitrary code with kernel privileges.
|
|||||
| CVE-2022-32908 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-05-29 | N/A | 7.8 HIGH |
|
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. A user may be able to elevate privileges.
|
|||||
| CVE-2022-32886 | 3 Apple, Debian, Fedoraproject | 5 Ipados, Iphone Os, Safari and 2 more | 2025-05-29 | N/A | 8.8 HIGH |
|
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution.
|
|||||
| CVE-2023-32854 | 2 Google, Mediatek | 20 Android, Mt6835, Mt6879 and 17 more | 2025-05-29 | N/A | 6.7 MEDIUM |
|
In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08240132; Issue ID: ALPS08240132.
|
|||||
| CVE-2024-12988 | 1 Netgear | 4 R6900p, R6900p Firmware, R7000p and 1 more | 2025-05-28 | 7.5 HIGH | 7.3 HIGH |
|
A vulnerability has been found in Netgear R6900P and R7000P 1.3.3.154 and classified as critical. Affected by this vulnerability is the function sub_16C4C of the component HTTP Header Handler. The manipulation of the argument Host leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
|
|||||
| CVE-2025-4050 | 1 Google | 1 Chrome | 2025-05-28 | N/A | 8.8 HIGH |
|
Out of bounds memory access in DevTools in Google Chrome prior to 136.0.7103.59 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Medium)
|
|||||
| CVE-2022-40250 | 2 Ami, Intel | 5 Aptio V, Nuc M15 Laptop Kit Lapbc510, Nuc M15 Laptop Kit Lapbc510 Firmware and 2 more | 2025-05-28 | N/A | 8.8 HIGH |
|
An attacker can exploit this vulnerability to elevate privileges from ring 0 to ring -2, execute arbitrary code in System Management Mode - an environment more privileged than operating system (OS) and completely isolated from it. Running arbitrary code in SMM additionally bypasses SMM-based SPI flash protections against modifications, which can help an attacker to install a firmware backdoor/implant into BIOS. Such a malicious firmware code in BIOS could persist across operating system re-insta ...
Show More |
|||||
| CVE-2022-40246 | 1 Intel | 4 Nuc M15 Laptop Kit Lapbc510, Nuc M15 Laptop Kit Lapbc510 Firmware, Nuc M15 Laptop Kit Lapbc710 and 1 more | 2025-05-28 | N/A | 7.2 HIGH |
|
A potential attacker can write one byte by arbitrary address at the time of the PEI phase (only during S3 resume boot mode) and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosure, discovery of any secrets from any Virtual Machines (VMs) and bypassing memory isolation and confidential computing boundaries. Additionally, an attacker can build a payload which can be injected into the SMRAM memory. This issue affects: Module name: Sb ...
Show More |
|||||
| CVE-2025-2151 | 1 Assimp | 1 Assimp | 2025-05-28 | 7.5 HIGH | 6.3 MEDIUM |
|
A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function Assimp::GetNextLine in the library ParsingUtils.h of the component File Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
|
|||||
| CVE-2025-2308 | 1 Hdfgroup | 1 Hdf5 | 2025-05-28 | 4.3 MEDIUM | 5.3 MEDIUM |
|
A vulnerability, which was classified as critical, was found in HDF5 1.14.6. This affects the function H5Z__scaleoffset_decompress_one_byte of the component Scale-Offset Filter. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor plans to fix this issue in an upcoming release.
|
|||||
| CVE-2025-2309 | 1 Hdfgroup | 1 Hdf5 | 2025-05-28 | 4.3 MEDIUM | 5.3 MEDIUM |
|
A vulnerability has been found in HDF5 1.14.6 and classified as critical. This vulnerability affects the function H5T__bit_copy of the component Type Conversion Logic. The manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor plans to fix this issue in an upcoming release.
|
|||||
| CVE-2025-2310 | 1 Hdfgroup | 1 Hdf5 | 2025-05-28 | 4.3 MEDIUM | 5.3 MEDIUM |
|
A vulnerability was found in HDF5 1.14.6 and classified as critical. This issue affects the function H5MM_strndup of the component Metadata Attribute Decoder. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The vendor plans to fix this issue in an upcoming release.
|
|||||
| CVE-2024-25423 | 1 Nemetschek | 1 Cinema 4d | 2025-05-28 | N/A | 7.0 HIGH |
|
An issue in MAXON CINEMA 4D R2024.2.0 allows a local attacker to execute arbitrary code via a crafted c4d_base.xdl64 file.
|
|||||
| CVE-2023-49404 | 1 Tenda | 2 W30e, W30e Firmware | 2025-05-28 | N/A | 9.8 CRITICAL |
|
Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formAdvancedSetListSet.
|
|||||
| CVE-2022-40008 | 1 Swftools | 1 Swftools | 2025-05-28 | N/A | 9.8 CRITICAL |
|
SWFTools commit 772e55a was discovered to contain a heap-buffer overflow via the function readU8 at /lib/ttf.c.
|
|||||
| CVE-2022-35090 | 1 Swftools | 1 Swftools | 2025-05-28 | N/A | 5.5 MEDIUM |
|
SWFTools commit 772e55a2 was discovered to contain a heap-buffer overflow via __asan_memcpy at /asan/asan_interceptors_memintrinsics.cpp:.
|
|||||
| CVE-2022-35088 | 1 Swftools | 1 Swftools | 2025-05-28 | N/A | 5.5 MEDIUM |
|
SWFTools commit 772e55a2 was discovered to contain a heap buffer-overflow via getGifDelayTime at /home/bupt/Desktop/swftools/src/src/gif2swf.c.
|
|||||
| CVE-2022-35087 | 1 Swftools | 1 Swftools | 2025-05-28 | N/A | 5.5 MEDIUM |
|
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via MovieAddFrame at /src/gif2swf.c.
|
|||||
| CVE-2022-35086 | 1 Swftools | 1 Swftools | 2025-05-28 | N/A | 5.5 MEDIUM |
|
SWFTools commit 772e55a2 was discovered to contain a segmentation violation via /multiarch/memmove-vec-unaligned-erms.S.
|
|||||
| CVE-2020-36602 | 1 Huawei | 16 576up005 Hota-cm-h-shark-bd, 576up005 Hota-cm-h-shark-bd Firmware, 577hota-cm-h-shark-bd and 13 more | 2025-05-28 | N/A | 6.1 MEDIUM |
|
There is an out-of-bounds read and write vulnerability in some headset products. An unauthenticated attacker gets the device physically and crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause out-of-bounds read and write.
|
|||||
| CVE-2025-3136 | 1 Linuxfoundation | 1 Pytorch | 2025-05-28 | 1.7 LOW | 3.3 LOW |
|
A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0. This issue affects the function torch.cuda.memory.caching_allocator_delete of the file c10/cuda/CUDACachingAllocator.cpp. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used.
|
|||||
| CVE-2025-41649 | 2025-05-28 | N/A | 7.5 HIGH | ||
|
An unauthenticated remote attacker can exploit insufficient input validation to write data beyond the bounds of a buffer, potentially leading to a denial-of-service condition for the devices.
|
|||||
| CVE-2024-52274 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-05-28 | N/A | 9.8 CRITICAL |
|
Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (setDoubleL2tpConfig->guest_ip_check(overflow arg: mask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50
|
|||||
| CVE-2024-52273 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-05-28 | N/A | 9.8 CRITICAL |
|
Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (setDoublePppoeConfig->guest_ip_check(overflow arg: mask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50
|
|||||
| CVE-2024-52272 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-05-28 | N/A | 9.8 CRITICAL |
|
Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (fromAdvSetLanip(overflow arg:lanMask) modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50
|
|||||
| CVE-2024-52275 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-05-28 | N/A | 9.8 CRITICAL |
|
Stack-based Buffer Overflow vulnerability in Shenzhen Tenda Technology Co Tenda AC6V2 (fromWizardHandle modules) allows Overflow Buffers.This issue affects Tenda AC6V2: through 15.03.06.50.
|
|||||
| CVE-2024-7139 | 2025-05-28 | N/A | 6.5 MEDIUM | ||
|
Due to an unchecked buffer length, a specially crafted L2CAP packet can cause a buffer overflow. This buffer overflow triggers an assert, which results in a temporary denial of service.
If a watchdog timer is not enabled, a hard reset is required to recover the device.
|
|||||
| CVE-2024-7137 | 2025-05-28 | N/A | 6.5 MEDIUM | ||
|
The L2CAP receive data buffer for L2CAP packets is restricted to packet sizes smaller than the maximum supported packet size. Receiving a packet that exceeds the restricted buffer length may cause a crash. A hard reset is required to recover the crashed device.
|
|||||
| CVE-2024-4291 | 1 Tenda | 2 A301, A301 Firmware | 2025-05-28 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability was found in Tenda A301 15.13.08.12_multi_TDE01. It has been rated as critical. This issue affects the function formAddMacfilterRule of the file /goform/setBlackRule. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-262223. NOTE: The vendor was contacted early about this disclosure but did not r ...
Show More |
|||||
| CVE-2022-32843 | 1 Apple | 2 Mac Os X, Macos | 2025-05-27 | N/A | 7.1 HIGH |
|
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Security Update 2022-005 Catalina, macOS Big Sur 11.6.8, macOS Monterey 12.5. Processing a maliciously crafted Postscript file may result in unexpected app termination or disclosure of process memory.
|
|||||
| CVE-2022-40262 | 2 Ami, Intel | 3 Aptio V, Server Board M10jnp2sb, Server Board M10jnp2sb Firmware | 2025-05-27 | N/A | 8.2 HIGH |
|
A potential attacker can execute an arbitrary code at the time of the PEI phase and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosure, discovery of any secrets from any Virtual Machines (VMs) and bypassing memory isolation and confidential computing boundaries. Additionally, an attacker can build a payload which can be injected into the SMRAM memory. This issue affects: Module name: S3Resume2Pei SHA256: 7bb29f05534a8a1e010443213 ...
Show More |
|||||
| CVE-2022-26873 | 2 Ami, Intel | 5 Aptio V, Nuc M15 Laptop Kit Lapbc510, Nuc M15 Laptop Kit Lapbc510 Firmware and 2 more | 2025-05-27 | N/A | 8.2 HIGH |
|
A potential attacker can execute an arbitrary code at the time of the PEI phase and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosure, discovery of any secrets from any Virtual Machines (VMs) and bypassing memory isolation and confidential computing boundaries. Additionally, an attacker can build a payload which can be injected into the SMRAM memory. This issue affects: Module name: PlatformInitAdvancedPreMem SHA256: 644044fdb8d ...
Show More |
|||||
| CVE-2023-32216 | 1 Mozilla | 1 Firefox | 2025-05-27 | N/A | 9.8 CRITICAL |
|
Mozilla developers and community members Ronald Crane, Andrew McCreight, Randell Jesup and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 112. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 113.
|
|||||
| CVE-2023-32215 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2025-05-27 | N/A | 8.8 HIGH |
|
Mozilla developers and community members Gabriele Svelto, Andrew Osmond, Emily McDonough, Sebastian Hengst, Andrew McCreight and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 112 and Firefox ESR 102.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11.
|
|||||
| CVE-2023-48421 | 1 Google | 1 Android | 2025-05-27 | N/A | 7.8 HIGH |
|
In gpu_pixel_handle_buffer_liveness_update_ioctl of private/google-modules/gpu/mali_kbase/platform/pixel/pixel_gpu_slc.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2023-46932 | 1 Gpac | 1 Gpac | 2025-05-27 | N/A | 9.8 CRITICAL |
|
Heap Buffer Overflow vulnerability in GPAC version 2.3-DEV-rev617-g671976fcc-master, allows attackers to execute arbitrary code and cause a denial of service (DoS) via str2ulong class in src/media_tools/avilib.c in gpac/MP4Box.
|
|||||
| CVE-2022-35039 | 1 Otfcc Project | 1 Otfcc | 2025-05-27 | N/A | 6.5 MEDIUM |
|
OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e20a0.
|
|||||
| CVE-2022-35038 | 1 Otfcc Project | 1 Otfcc | 2025-05-27 | N/A | 6.5 MEDIUM |
|
OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b064d.
|
|||||
| CVE-2022-35037 | 1 Otfcc Project | 1 Otfcc | 2025-05-27 | N/A | 6.5 MEDIUM |
|
OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6adb1e.
|
|||||
| CVE-2022-35036 | 1 Otfcc Project | 1 Otfcc | 2025-05-27 | N/A | 6.5 MEDIUM |
|
OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6e1fc8.
|
|||||