Total
11386 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-32402 | 1 Rt-labs | 1 P-net | 2025-05-13 | N/A | 7.5 HIGH |
| An Out-of-bounds Write in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet. | |||||
| CVE-2025-32401 | 1 Rt-labs | 1 P-net | 2025-05-13 | N/A | 4.8 MEDIUM |
| An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to corrupt the memory of IO devices that use the library by sending a malicious RPC packet. | |||||
| CVE-2025-32400 | 1 Rt-labs | 1 P-net | 2025-05-13 | N/A | 7.5 HIGH |
| An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet. | |||||
| CVE-2025-32397 | 1 Rt-labs | 1 P-net | 2025-05-13 | N/A | 7.5 HIGH |
| An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet. | |||||
| CVE-2025-32396 | 1 Rt-labs | 1 P-net | 2025-05-13 | N/A | 7.5 HIGH |
| An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet. | |||||
| CVE-2025-26598 | 3 Redhat, Tigervnc, X.org | 4 Enterprise Linux, Tigervnc, X Server and 1 more | 2025-05-13 | N/A | 7.8 HIGH |
| An out-of-bounds write flaw was found in X.Org and Xwayland. The function GetBarrierDevice() searches for the pointer device based on its device ID and returns the matching value, or supposedly NULL, if no match was found. However, the code will return the last element of the list if no matching device ID is found, which can lead to out-of-bounds memory access. | |||||
| CVE-2025-26596 | 3 Redhat, Tigervnc, X.org | 4 Enterprise Linux, Tigervnc, X Server and 1 more | 2025-05-13 | N/A | 7.8 HIGH |
| A heap overflow flaw was found in X.Org and Xwayland. The computation of the length in XkbSizeKeySyms() differs from what is written in XkbWriteKeySyms(), which may lead to a heap-based buffer overflow. | |||||
| CVE-2025-26595 | 3 Redhat, Tigervnc, X.org | 4 Enterprise Linux, Tigervnc, X Server and 1 more | 2025-05-13 | N/A | 7.8 HIGH |
| A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText() allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size. | |||||
| CVE-2025-0690 | 2025-05-13 | N/A | 6.1 MEDIUM | ||
| The read command is used to read the keyboard input from the user, while reads it keeps the input length in a 32-bit integer value which is further used to reallocate the line buffer to accept the next character. During this process, with a line big enough it's possible to make this variable to overflow leading to a out-of-bounds write in the heap based buffer. This flaw may be leveraged to corrupt grub's internal critical data and secure boot bypass is not discarded as consequence. | |||||
| CVE-2025-0677 | 2025-05-13 | N/A | 6.4 MEDIUM | ||
| A flaw was found in grub2. When performing a symlink lookup, the grub's UFS module checks the inode's data size to allocate the internal buffer to read the file content, however, it fails to check if the symlink data size has overflown. When this occurs, grub_malloc() may be called with a smaller value than needed. When further reading the data from the disk into the buffer, the grub_ufs_lookup_symlink() function will write past the end of the allocated size. An attack can leverage this by crafting a malicious filesystem, and as a result, it will corrupt data stored in the heap, allowing for arbitrary code execution used to by-pass secure boot mechanisms. | |||||
| CVE-2024-45781 | 2025-05-13 | N/A | 6.7 MEDIUM | ||
| A flaw was found in grub2. When reading a symbolic link's name from a UFS filesystem, grub2 fails to validate the string length taken as an input. The lack of validation may lead to a heap out-of-bounds write, causing data integrity issues and eventually allowing an attacker to circumvent secure boot protections. | |||||
| CVE-2024-45776 | 2025-05-13 | N/A | 6.7 MEDIUM | ||
| When reading the language .mo file in grub_mofile_open(), grub2 fails to verify an integer overflow when allocating its internal buffer. A crafted .mo file may lead the buffer size calculation to overflow, leading to out-of-bound reads and writes. This flaw allows an attacker to leak sensitive data or overwrite critical data, possibly circumventing secure boot protections. | |||||
| CVE-2024-45774 | 2025-05-13 | N/A | 6.7 MEDIUM | ||
| A flaw was found in grub2. A specially crafted JPEG file can cause the JPEG parser of grub2 to incorrectly check the bounds of its internal buffers, resulting in an out-of-bounds write. The possibility of overwriting sensitive information to bypass secure boot protections is not discarded. | |||||
| CVE-2022-43295 | 1 Xpdfreader | 1 Xpdf | 2025-05-13 | N/A | 5.5 MEDIUM |
| XPDF v4.04 was discovered to contain a stack overflow via the function FileStream::copy() at xpdf/Stream.cc:795. | |||||
| CVE-2022-42060 | 1 Tenda | 2 Ac1200 V-w15ev2, Ac1200 V-w15ev2 Firmware | 2025-05-13 | N/A | 7.5 HIGH |
| Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain a stack overflow via the setWanPpoe function. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data. | |||||
| CVE-2025-30175 | 2025-05-13 | N/A | 7.5 HIGH | ||
| A vulnerability has been identified in SIMATIC PCS neo V4.1 (All versions), SIMATIC PCS neo V5.0 (All versions), SINEC NMS (All versions), SINEMA Remote Connect (All versions), Totally Integrated Automation Portal (TIA Portal) V17 (All versions), Totally Integrated Automation Portal (TIA Portal) V18 (All versions), Totally Integrated Automation Portal (TIA Portal) V19 (All versions), Totally Integrated Automation Portal (TIA Portal) V20 (All versions), User Management Component (UMC) (All versions < V2.15.1.1). Affected products contain a out of bound write buffer overflow vulnerability in the integrated UMC component. This could allow an unauthenticated remote attacker to cause a denial of service condition. | |||||
| CVE-2022-42166 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-05-13 | N/A | 9.8 CRITICAL |
| Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formSetSpeedWan. | |||||
| CVE-2022-42165 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-05-13 | N/A | 9.8 CRITICAL |
| Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formSetDeviceName. | |||||
| CVE-2023-44419 | 1 Dlink | 2 Dir-x3260, Dir-x3260 Firmware | 2025-05-13 | N/A | 8.8 HIGH |
| D-Link DIR-X3260 Prog.cgi Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd webserver. The issue results from the lack of proper validation of the length an user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20774. | |||||
| CVE-2023-44418 | 1 Dlink | 2 Dir-x3260, Dir-x3260 Firmware | 2025-05-13 | N/A | 8.8 HIGH |
| D-Link DIR-X3260 Prog.cgi Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd webserver. The issue results from the lack of proper validation of the length an user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20727. | |||||