Total
6811 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-37377 | 1 Ivanti | 2 Connect Secure, Policy Secure | 2025-07-02 | N/A | 7.5 HIGH |
| A heap-based buffer overflow in IPsec of Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to cause a denial of service. | |||||
| CVE-2025-6654 | 1 Pdf-xchange | 2 Pdf-tools, Pdf-xchange Editor | 2025-07-01 | N/A | 7.8 HIGH |
| PDF-XChange Editor PRC File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PRC files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26729. | |||||
| CVE-2025-6651 | 1 Pdf-xchange | 2 Pdf-tools, Pdf-xchange Editor | 2025-07-01 | N/A | 7.8 HIGH |
| PDF-XChange Editor JP2 File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JP2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26713. | |||||
| CVE-2025-6647 | 1 Pdf-xchange | 2 Pdf-tools, Pdf-xchange Editor | 2025-07-01 | N/A | 7.8 HIGH |
| PDF-XChange Editor U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-26644. | |||||
| CVE-2025-0566 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2025-07-01 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical has been found in Tenda AC15 15.13.07.13. This affects the function formSetDevNetName of the file /goform/SetDevNetName. The manipulation of the argument mac leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-39890 | 1 Samsung | 38 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 35 more | 2025-07-01 | N/A | 8.1 HIGH |
| An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 9820, 9825, 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300. The baseband software does not properly check the length specified by the CC (Call Control). This can lead to an Out-of-Bounds write. | |||||
| CVE-2024-55569 | 1 Samsung | 34 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 31 more | 2025-07-01 | N/A | 7.5 HIGH |
| An issue was discovered in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes. | |||||
| CVE-2024-23969 | 1 Chargepoint | 6 Home Flex Hardwired, Home Flex Hardwired Firmware, Home Flex Nema 14-50 Plug and 3 more | 2025-06-30 | N/A | 8.8 HIGH |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the wlanchnllst function. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of root. | |||||
| CVE-2023-32154 | 1 Mikrotik | 1 Routeros | 2025-06-30 | N/A | 7.5 HIGH |
| Mikrotik RouterOS RADVD Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Mikrotik RouterOS. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Router Advertisement Daemon. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of root. . Was ZDI-CAN-19797. | |||||
| CVE-2024-20308 | 1 Cisco | 2 Ios, Ios Xe | 2025-06-30 | N/A | 8.6 HIGH |
| A vulnerability in the IKEv1 fragmentation code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a heap underflow, resulting in an affected device reloading. This vulnerability exists because crafted, fragmented IKEv1 packets are not properly reassembled. An attacker could exploit this vulnerability by sending crafted UDP packets to an affected system. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Note: Only traffic that is directed to the affected system can be used to exploit this vulnerability. This vulnerability can be triggered by IPv4 and IPv6 traffic.. | |||||
| CVE-2024-29218 | 1 Keyence | 6 Kv Replay Viewer, Kv Studio, Vt5-wx12 and 3 more | 2025-06-30 | N/A | 8.8 HIGH |
| Out-of-bounds write vulnerability exists in KV STUDIO Ver.11.64 and earlier, KV REPLAY VIEWER Ver.2.64 and earlier, and VT5-WX15/WX12 Ver.6.02 and earlier, which may lead to information disclosure or arbitrary code execution by having a user of the affected product open a specially crafted file. | |||||
| CVE-2023-34318 | 3 Fedoraproject, Redhat, Sound Exchange Project | 4 Extra Packages For Enterprise Linux, Fedora, Enterprise Linux and 1 more | 2025-06-27 | N/A | 7.8 HIGH |
| A heap buffer overflow vulnerability was found in sox, in the startread function at sox/src/hcom.c:160:41. This flaw can lead to a denial of service, code execution, or information disclosure. | |||||
| CVE-2023-34402 | 1 Mercedes-benz | 1 Headunit Ntg6 Mercedes-benz User Experience | 2025-06-27 | N/A | 7.7 HIGH |
| Mercedes-Benz head-unit NTG6 contains functions to import or export profile settings over USB. Inside file is encapsulate another file, which service will drop during processing. Due to missed checks, attacker can achieve Arbitrary File Write with service speech rights. | |||||
| CVE-2025-43575 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-06-27 | N/A | 7.8 HIGH |
| Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2023-50807 | 1 Samsung | 6 Exynos 9110, Exynos 9110 Firmware, Exynos Modem 5123 and 3 more | 2025-06-26 | N/A | 8.1 HIGH |
| A vulnerability was discovered in Samsung Wearable Processor and Modems with versions Exynos 9110, Exynos Modem 5123, Exynos Modem 5300 that allows an out-of-bounds write in the heap in 2G (no auth). | |||||
| CVE-2021-43304 | 2 Clickhouse, Debian | 2 Clickhouse, Debian Linux | 2025-06-25 | 6.5 MEDIUM | 8.8 HIGH |
| Heap buffer overflow in Clickhouse's LZ4 compression codec when parsing a malicious query. There is no verification that the copy operations in the LZ4::decompressImpl loop and especially the arbitrary copy operation wildCopy<copy_amount>(op, ip, copy_end), don’t exceed the destination buffer’s limits. | |||||
| CVE-2021-43305 | 2 Clickhouse, Debian | 2 Clickhouse, Debian Linux | 2025-06-25 | 6.5 MEDIUM | 8.8 HIGH |
| Heap buffer overflow in Clickhouse's LZ4 compression codec when parsing a malicious query. There is no verification that the copy operations in the LZ4::decompressImpl loop and especially the arbitrary copy operation wildCopy<copy_amount>(op, ip, copy_end), don’t exceed the destination buffer’s limits. This issue is very similar to CVE-2021-43304, but the vulnerable copy operation is in a different wildCopy call. | |||||
| CVE-2025-26785 | 1 Samsung | 34 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 31 more | 2025-06-25 | N/A | 7.5 HIGH |
| An issue was discovered in NAS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, W920, W930, W1000, Modem 5123, Modem 5300, Modem 5400. The lack of a length check leads to out-of-bounds writes. | |||||
| CVE-2022-30176 | 1 Microsoft | 1 Azure Real Time Operating System Guix Studio | 2025-06-24 | N/A | 7.8 HIGH |
| Azure RTOS GUIX Studio Remote Code Execution Vulnerability | |||||
| CVE-2024-11691 | 2 Apple, Mozilla | 17 M1, M1 Max, M1 Pro and 14 more | 2025-06-24 | N/A | 8.8 HIGH |
| Certain WebGL operations on Apple silicon M series devices could have lead to an out-of-bounds write and memory corruption due to a flaw in Apple's GPU driver. *This bug only affected the application on Apple M series hardware. Other platforms were unaffected.* This vulnerability affects Firefox < 133, Firefox ESR < 128.5, Firefox ESR < 115.18, Thunderbird < 133, Thunderbird < 128.5, and Thunderbird < 115.18. | |||||