Total
13300 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-22391 | 2 Fedoraproject, Grassroots Dicom Project | 2 Fedora, Grassroots Dicom | 2025-11-04 | N/A | 7.7 HIGH |
| A heap-based buffer overflow vulnerability exists in the LookupTable::SetLUT functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2024-22373 | 2 Fedoraproject, Grassroots Dicom Project | 2 Fedora, Grassroots Dicom | 2025-11-04 | N/A | 8.1 HIGH |
| An out-of-bounds write vulnerability exists in the JPEG2000Codec::DecodeByStreamsCommon functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted DICOM file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2024-11495 | 1 Ollydbg | 1 Ollydbg | 2025-11-04 | N/A | 7.5 HIGH |
| Buffer overflow vulnerability in OllyDbg, version 1.10, which could allow a local attacker to execute arbitrary code due to lack of proper bounds checking. | |||||
| CVE-2025-43447 | 1 Apple | 4 Ipados, Iphone Os, Visionos and 1 more | 2025-11-04 | N/A | 5.5 MEDIUM |
| The issue was addressed with improved memory handling. This issue is fixed in watchOS 26.1, iOS 26.1 and iPadOS 26.1, visionOS 26.1. An app may be able to cause unexpected system termination or corrupt kernel memory. | |||||
| CVE-2024-27879 | 1 Apple | 2 Ipados, Iphone Os | 2025-11-04 | N/A | 7.5 HIGH |
| The issue was addressed with improved bounds checks. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18. An attacker may be able to cause unexpected app termination. | |||||
| CVE-2025-43373 | 1 Apple | 1 Macos | 2025-11-04 | N/A | 7.5 HIGH |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to cause unexpected system termination or corrupt kernel memory. | |||||
| CVE-2025-43504 | 1 Apple | 1 Xcode | 2025-11-04 | N/A | 4.9 MEDIUM |
| A buffer overflow was addressed with improved bounds checking. This issue is fixed in Xcode 26.1. A user in a privileged network position may be able to cause a denial-of-service. | |||||
| CVE-2022-26129 | 1 Frrouting | 1 Frrouting | 2025-11-04 | 6.8 MEDIUM | 7.8 HIGH |
| Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the subtlv length in the functions, parse_hello_subtlv, parse_ihu_subtlv, and parse_update_subtlv in babeld/message.c. | |||||
| CVE-2022-26126 | 2 Fedoraproject, Frrouting | 2 Fedora, Frrouting | 2025-11-04 | 6.8 MEDIUM | 7.8 HIGH |
| Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to the use of strdup with a non-zero-terminated binary string in isis_nb_notifications.c. | |||||
| CVE-2025-26781 | 1 Samsung | 26 Exynos 1080, Exynos 1080 Firmware, Exynos 1330 and 23 more | 2025-11-04 | N/A | 7.5 HIGH |
| An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 9110, W920, W930, Modem 5123, and Modem 5300. Incorrect handling of RLC AM PDUs leads to a Denial of Service. | |||||
| CVE-2024-9401 | 1 Mozilla | 2 Firefox, Thunderbird | 2025-11-03 | N/A | 9.8 CRITICAL |
| Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Firefox ESR < 115.16, Thunderbird < 128.3, and Thunderbird < 131. | |||||
| CVE-2025-30437 | 1 Apple | 1 Macos | 2025-11-03 | N/A | 7.4 HIGH |
| The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.4. An app may be able to corrupt coprocessor memory. | |||||
| CVE-2025-26597 | 3 Redhat, Tigervnc, X.org | 4 Enterprise Linux, Tigervnc, X Server and 1 more | 2025-11-03 | N/A | 7.8 HIGH |
| A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey() is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because the key actions are of the wrong size. | |||||
| CVE-2024-40988 | 1 Linux | 1 Linux Kernel | 2025-11-03 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: drm/radeon: fix UBSAN warning in kv_dpm.c Adds bounds check for sumo_vid_mapping_entry. | |||||
| CVE-2023-7104 | 2 Fedoraproject, Sqlite | 2 Fedora, Sqlite | 2025-11-03 | 5.2 MEDIUM | 5.5 MEDIUM |
| A vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified as critical. This issue affects the function sessionReadRecord of the file ext/session/sqlite3session.c of the component make alltest Handler. The manipulation leads to heap-based buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-248999. | |||||
| CVE-2023-40661 | 2 Opensc Project, Redhat | 2 Opensc, Enterprise Linux | 2025-11-03 | N/A | 5.4 MEDIUM |
| Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of these flaws, an attacker must have physical access to the computer system and employ a custom-crafted USB device or smart card to manipulate responses to APDUs. This manipulation can potentially allow compromise key generation, certificate loading, and other card management operations during enrollment. | |||||
| CVE-2022-3559 | 2 Exim, Fedoraproject | 2 Exim, Fedora | 2025-11-03 | N/A | 4.6 MEDIUM |
| A vulnerability was found in Exim and classified as problematic. This issue affects some unknown processing of the component Regex Handler. The manipulation leads to use after free. The name of the patch is 4e9ed49f8f12eb331b29bd5b6dc3693c520fddc2. It is recommended to apply a patch to fix this issue. The identifier VDB-211073 was assigned to this vulnerability. | |||||
| CVE-2018-20574 | 1 Yaml-cpp Project | 1 Yaml-cpp | 2025-11-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| The SingleDocParser::HandleFlowMap function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file. | |||||
| CVE-2018-20573 | 1 Yaml-cpp Project | 1 Yaml-cpp | 2025-11-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| The Scanner::EnsureTokensInQueue function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file. | |||||
| CVE-2017-7938 | 1 Mor-pah.net | 1 Dmitry Deepmagic Information Gathering Tool | 2025-11-03 | 7.5 HIGH | 6.6 MEDIUM |
| Stack-based buffer overflow in DMitry (Deepmagic Information Gathering Tool) version 1.3a (Unix) allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a long argument. An example threat model is automated execution of DMitry with hostname strings found in local log files. | |||||