Total
10912 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2011-0186 | 1 Apple | 3 Mac Os X, Mac Os X Server, Quicktime | 2025-03-20 | 4.3 MEDIUM | N/A |
QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG2000 image. | |||||
CVE-2013-1032 | 1 Apple | 2 Mac Os X, Quicktime | 2025-03-20 | 6.8 MEDIUM | N/A |
QuickTime in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted idsc atom in a QuickTime movie file. | |||||
CVE-2024-29509 | 1 Artifex | 1 Ghostscript | 2025-03-20 | N/A | 8.8 HIGH |
Artifex Ghostscript before 10.03.0 has a heap-based overflow when PDFPassword (e.g., for runpdf) has a \000 byte in the middle. | |||||
CVE-2025-2480 | 2025-03-20 | N/A | 7.8 HIGH | ||
Santesoft Sante DICOM Viewer Pro is vulnerable to an out-of-bounds write, which requires a user to open a malicious DCM file, resulting in execution of arbitrary code by a local attacker. | |||||
CVE-2022-4900 | 2 Php, Redhat | 3 Php, Enterprise Linux, Software Collections | 2025-03-20 | N/A | 6.2 MEDIUM |
A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow. | |||||
CVE-2023-1729 | 3 Fedoraproject, Libraw, Redhat | 3 Fedora, Libraw, Enterprise Linux | 2025-03-20 | N/A | 6.5 MEDIUM |
A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash. | |||||
CVE-2025-24201 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-03-20 | N/A | 8.8 HIGH |
An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.). | |||||
CVE-2024-49749 | 2025-03-20 | N/A | 8.8 HIGH | ||
In DGifSlurp of dgif_lib.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
CVE-2024-57579 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-03-19 | N/A | 9.8 CRITICAL |
Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the limitSpeedUp parameter in the formSetClientState function. | |||||
CVE-2020-5735 | 1 Amcrest | 36 1080-lite 8ch, 1080-lite 8ch Firmware, Amdv10814-h5 and 33 more | 2025-03-19 | 8.0 HIGH | 8.8 HIGH |
Amcrest cameras and NVR are vulnerable to a stack-based buffer overflow over port 37777. An authenticated remote attacker can abuse this issue to crash the device and possibly execute arbitrary code. | |||||
CVE-2025-29386 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-03-19 | N/A | 9.8 CRITICAL |
In Tenda AC9 v1.0 V15.03.05.14_multi, the mac parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. | |||||
CVE-2025-29385 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-03-19 | N/A | 9.8 CRITICAL |
In Tenda AC9 v1.0 V15.03.05.14_multi, the cloneType parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. | |||||
CVE-2025-29384 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-03-19 | N/A | 9.8 CRITICAL |
In Tenda AC9 v1.0 V15.03.05.14_multi, the wanMTU parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. | |||||
CVE-2025-29031 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-03-19 | N/A | 9.8 CRITICAL |
Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the fromAddressNat function. | |||||
CVE-2025-29030 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-03-19 | N/A | 9.8 CRITICAL |
Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formWifiWpsOOB function. | |||||
CVE-2025-20636 | 2 Google, Mediatek | 45 Android, Mt6580, Mt6739 and 42 more | 2025-03-19 | N/A | 6.7 MEDIUM |
In secmem, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09403554; Issue ID: MSV-2431. | |||||
CVE-2024-41443 | 1 Dbohdan | 1 Hicolor | 2025-03-19 | N/A | 5.5 MEDIUM |
A stack overflow in the function cp_dynamic() (/vendor/cute_png.h) of hicolor v0.5.0 allows attackers to cause a Denial of Service (DoS) via a crafted PNG file. | |||||
CVE-2023-20949 | 1 Google | 1 Android | 2025-03-19 | N/A | 5.5 MEDIUM |
In s2mpg11_pmic_probe of s2mpg11-regulator.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-259323133References: N/A | |||||
CVE-2022-45587 | 1 Xpdfreader | 1 Xpdf | 2025-03-19 | N/A | 5.5 MEDIUM |
Stack overflow vulnerability in function gmalloc in goo/gmem.cc in xpdf 4.04, allows local attackers to cause a denial of service. | |||||
CVE-2022-45586 | 1 Xpdfreader | 1 Xpdf | 2025-03-19 | N/A | 5.5 MEDIUM |
Stack overflow vulnerability in function Dict::find in xpdf/Dict.cc in xpdf 4.04, allows local attackers to cause a denial of service. |