Vulnerabilities (CVE)

Filtered by CWE-787
Total 10912 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-0186 1 Apple 3 Mac Os X, Mac Os X Server, Quicktime 2025-03-20 4.3 MEDIUM N/A
QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG2000 image.
CVE-2013-1032 1 Apple 2 Mac Os X, Quicktime 2025-03-20 6.8 MEDIUM N/A
QuickTime in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted idsc atom in a QuickTime movie file.
CVE-2024-29509 1 Artifex 1 Ghostscript 2025-03-20 N/A 8.8 HIGH
Artifex Ghostscript before 10.03.0 has a heap-based overflow when PDFPassword (e.g., for runpdf) has a \000 byte in the middle.
CVE-2025-2480 2025-03-20 N/A 7.8 HIGH
Santesoft Sante DICOM Viewer Pro is vulnerable to an out-of-bounds write, which requires a user to open a malicious DCM file, resulting in execution of arbitrary code by a local attacker.
CVE-2022-4900 2 Php, Redhat 3 Php, Enterprise Linux, Software Collections 2025-03-20 N/A 6.2 MEDIUM
A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.
CVE-2023-1729 3 Fedoraproject, Libraw, Redhat 3 Fedora, Libraw, Enterprise Linux 2025-03-20 N/A 6.5 MEDIUM
A flaw was found in LibRaw. A heap-buffer-overflow in raw2image_ex() caused by a maliciously crafted file may lead to an application crash.
CVE-2025-24201 1 Apple 5 Ipados, Iphone Os, Macos and 2 more 2025-03-20 N/A 8.8 HIGH
An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 17.2.).
CVE-2024-49749 2025-03-20 N/A 8.8 HIGH
In DGifSlurp of dgif_lib.c, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2024-57579 1 Tenda 2 Ac18, Ac18 Firmware 2025-03-19 N/A 9.8 CRITICAL
Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the limitSpeedUp parameter in the formSetClientState function.
CVE-2020-5735 1 Amcrest 36 1080-lite 8ch, 1080-lite 8ch Firmware, Amdv10814-h5 and 33 more 2025-03-19 8.0 HIGH 8.8 HIGH
Amcrest cameras and NVR are vulnerable to a stack-based buffer overflow over port 37777. An authenticated remote attacker can abuse this issue to crash the device and possibly execute arbitrary code.
CVE-2025-29386 1 Tenda 2 Ac9, Ac9 Firmware 2025-03-19 N/A 9.8 CRITICAL
In Tenda AC9 v1.0 V15.03.05.14_multi, the mac parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
CVE-2025-29385 1 Tenda 2 Ac9, Ac9 Firmware 2025-03-19 N/A 9.8 CRITICAL
In Tenda AC9 v1.0 V15.03.05.14_multi, the cloneType parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
CVE-2025-29384 1 Tenda 2 Ac9, Ac9 Firmware 2025-03-19 N/A 9.8 CRITICAL
In Tenda AC9 v1.0 V15.03.05.14_multi, the wanMTU parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
CVE-2025-29031 1 Tenda 2 Ac6, Ac6 Firmware 2025-03-19 N/A 9.8 CRITICAL
Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the fromAddressNat function.
CVE-2025-29030 1 Tenda 2 Ac6, Ac6 Firmware 2025-03-19 N/A 9.8 CRITICAL
Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formWifiWpsOOB function.
CVE-2025-20636 2 Google, Mediatek 45 Android, Mt6580, Mt6739 and 42 more 2025-03-19 N/A 6.7 MEDIUM
In secmem, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09403554; Issue ID: MSV-2431.
CVE-2024-41443 1 Dbohdan 1 Hicolor 2025-03-19 N/A 5.5 MEDIUM
A stack overflow in the function cp_dynamic() (/vendor/cute_png.h) of hicolor v0.5.0 allows attackers to cause a Denial of Service (DoS) via a crafted PNG file.
CVE-2023-20949 1 Google 1 Android 2025-03-19 N/A 5.5 MEDIUM
In s2mpg11_pmic_probe of s2mpg11-regulator.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-259323133References: N/A
CVE-2022-45587 1 Xpdfreader 1 Xpdf 2025-03-19 N/A 5.5 MEDIUM
Stack overflow vulnerability in function gmalloc in goo/gmem.cc in xpdf 4.04, allows local attackers to cause a denial of service.
CVE-2022-45586 1 Xpdfreader 1 Xpdf 2025-03-19 N/A 5.5 MEDIUM
Stack overflow vulnerability in function Dict::find in xpdf/Dict.cc in xpdf 4.04, allows local attackers to cause a denial of service.