Total
1979 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-4501 | 1 Fabian | 1 Album Management System | 2025-10-23 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability, which was classified as critical, was found in code-projects Album Management System 1.0. This affects the function searchalbum of the component Search Albums. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4499 | 1 Fabian | 1 Simple Hospital Management System | 2025-10-23 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability classified as critical was found in code-projects Simple Hospital Management System 1.0. Affected by this vulnerability is the function Add of the component Add Information. The manipulation of the argument x[i].name/x[i].disease leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4890 | 1 Fabian | 1 Tourism Management System | 2025-10-23 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability was found in code-projects Tourism Management System 1.0 and classified as critical. This issue affects the function LoginUser of the component Login User. The manipulation of the argument username/password leads to stack-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4068 | 1 Fabian | 1 Simple Movie Ticket Booking System | 2025-10-23 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability classified as critical was found in code-projects Simple Movie Ticket Booking System 1.0. Affected by this vulnerability is the function changeprize. The manipulation of the argument prize leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4472 | 1 Fabian | 1 Departmental Store Management System | 2025-10-23 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability was found in code-projects Departmental Store Management System 1.0. It has been classified as critical. Affected is the function bill. The manipulation of the argument Item Code leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4480 | 1 Fabian | 1 Simple College Management System | 2025-10-23 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability was found in code-projects Simple College Management System 1.0. It has been declared as critical. This vulnerability affects the function input of the component Add New Student. The manipulation of the argument name/branch leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-4498 | 1 Fabian | 1 Simple Bus Reservation System | 2025-10-23 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability classified as critical has been found in code-projects Simple Bus Reservation System 1.0. Affected is the function a::install of the component Install Bus. The manipulation of the argument bus leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-0529 | 1 Fabian | 1 Train Ticket Reservation System | 2025-10-23 | 4.3 MEDIUM | 5.3 MEDIUM |
| A vulnerability, which was classified as critical, was found in code-projects Train Ticket Reservation System 1.0. This affects an unknown part of the component Login Form. The manipulation of the argument username leads to stack-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-60342 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-10-23 | N/A | 7.5 HIGH |
| Tenda AC6 V2.0 15.03.06.50 was discovered to contain a stack overflow in the page parameter in the addressNat function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | |||||
| CVE-2025-5278 | 2025-10-22 | N/A | 4.4 MEDIUM | ||
| A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data. | |||||
| CVE-2014-9163 | 4 Adobe, Apple, Linux and 1 more | 4 Flash Player, Mac Os X, Linux Kernel and 1 more | 2025-10-22 | 10.0 HIGH | 9.8 CRITICAL |
| Stack-based buffer overflow in Adobe Flash Player before 13.0.0.259 and 14.x and 15.x before 15.0.0.246 on Windows and OS X and before 11.2.202.425 on Linux allows attackers to execute arbitrary code via unspecified vectors, as exploited in the wild in December 2014. | |||||
| CVE-2013-2597 | 1 Codeaurora | 1 Android-msm | 2025-10-22 | 7.2 HIGH | 8.4 HIGH |
| Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c in the acdb audio driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via an application that leverages /dev/msm_acdb access and provides a large size value in an ioctl argument. | |||||
| CVE-2009-0927 | 1 Adobe | 1 Acrobat Reader | 2025-10-22 | 9.3 HIGH | 8.8 HIGH |
| Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object, a different vulnerability than CVE-2009-0658. | |||||
| CVE-2025-60751 | 2025-10-21 | N/A | 7.5 HIGH | ||
| GeographicLib 2.5 is vulnerable to Buffer Overflow in GeoConvert DMS::InternalDecode. | |||||
| CVE-2025-5555 | 2025-10-21 | 6.8 MEDIUM | 7.8 HIGH | ||
| A vulnerability has been found in Nixdorf Wincor PORT IO Driver up to 1.0.0.1. This affects the function sub_11100 in the library wnport.sys of the component IOCTL Handler. Such manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Upgrading to version 3.0.0.1 is able to mitigate this issue. Upgrading the affected component is recommended. The vendor was contacted beforehand and was able to provide a patch very early. | |||||
| CVE-2025-11678 | 2025-10-21 | N/A | N/A | ||
| Stack-based Buffer Overflow in lws_adns_parse_label in warmcat libwebsockets allows, when the LWS_WITH_SYS_ASYNC_DNS flag is enabled during compilation, to overflow the label_stack, when the attacker is able to sniff a DNS request in order to craft a response with a matching id containing a label longer than the maximum. | |||||
| CVE-2025-46405 | 1 F5 | 1 Big-ip Access Policy Manager | 2025-10-21 | N/A | 7.5 HIGH |
| When Network Access is configured on a BIG-IP APM virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2025-47347 | 1 Qualcomm | 74 Qam8255p, Qam8255p Firmware, Qam8295p and 71 more | 2025-10-21 | N/A | 7.8 HIGH |
| Memory corruption while processing control commands in the virtual memory management interface. | |||||
| CVE-2025-46397 | 2 Fig2dev Project, Redhat | 2 Fig2dev, Enterprise Linux | 2025-10-21 | N/A | 4.7 MEDIUM |
| In xfig diagramming tool, a stack-overflow while running fig2dev allows memory corruption via local input manipulation at the bezier_spline function. | |||||
| CVE-2025-8958 | 1 Tenda | 2 Tx3, Tx3 Firmware | 2025-10-21 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was identified in Tenda TX3 16.03.13.11_multi_TDE01. Affected by this vulnerability is an unknown functionality of the file /goform/fast_setting_wifi_set. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | |||||