Total
11419 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-32605 | 2 Google, Mediatek | 4 Android, Mt6879, Mt6895 and 1 more | 2025-05-02 | N/A | 6.7 MEDIUM |
| In isp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07213898; Issue ID: ALPS07213898. | |||||
| CVE-2022-32603 | 2 Google, Mediatek | 7 Android, Mt6879, Mt6893 and 4 more | 2025-05-02 | N/A | 6.7 MEDIUM |
| In gpu drm, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310704; Issue ID: ALPS07310704. | |||||
| CVE-2022-37903 | 1 Arubanetworks | 12 7005, 7008, 7010 and 9 more | 2025-05-02 | N/A | 7.2 HIGH |
| A vulnerability exists that allows an authenticated attacker to overwrite an arbitrary file with attacker-controlled content via the web interface. Successful exploitation of this vulnerability could lead to full compromise the underlying host operating system. | |||||
| CVE-2025-35975 | 2025-05-02 | N/A | 8.8 HIGH | ||
| MicroDicom DICOM Viewer is vulnerable to an out-of-bounds write which may allow an attacker to execute arbitrary code. The user must open a malicious DCM file for exploitation. | |||||
| CVE-2024-46774 | 1 Linux | 1 Linux Kernel | 2025-05-02 | N/A | 7.1 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() Smatch warns: arch/powerpc/kernel/rtas.c:1932 __do_sys_rtas() warn: potential spectre issue 'args.args' [r] (local cap) The 'nargs' and 'nret' locals come directly from a user-supplied buffer and are used as indexes into a small stack-based array and as inputs to copy_to_user() after they are subject to bounds checks. Use array_index_nospec() after the bounds checks to clamp these values for speculative execution. | |||||
| CVE-2024-44938 | 1 Linux | 1 Linux Kernel | 2025-05-02 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: jfs: Fix shift-out-of-bounds in dbDiscardAG When searching for the next smaller log2 block, BLKSTOL2() returned 0, causing shift exponent -1 to be negative. This patch fixes the issue by exiting the loop directly when negative shift is found. | |||||
| CVE-2023-5168 | 2 Microsoft, Mozilla | 4 Windows, Firefox, Firefox Esr and 1 more | 2025-05-01 | N/A | 9.8 CRITICAL |
| A compromised content process could have provided malicious data to `FilterNodeD2D1` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3. | |||||
| CVE-2022-32611 | 2 Google, Mediatek | 4 Android, Mt6879, Mt6895 and 1 more | 2025-05-01 | N/A | 6.7 MEDIUM |
| In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07340373; Issue ID: ALPS07340373. | |||||
| CVE-2022-44319 | 1 Picoc Project | 1 Picoc | 2025-05-01 | N/A | 5.5 MEDIUM |
| PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the StdioBasePrintf function in cstdlib/string.c when called from ExpressionParseFunctionCall. | |||||
| CVE-2022-44312 | 1 Picoc Project | 1 Picoc | 2025-05-01 | N/A | 5.5 MEDIUM |
| PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the ExpressionCoerceInteger function in expression.c when called from ExpressionInfixOperator. | |||||
| CVE-2024-29131 | 3 Apache, Fedoraproject, Netapp | 4 Commons Configuration, Fedora, Ontap Tools and 1 more | 2025-05-01 | N/A | 7.3 HIGH |
| Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended to upgrade to version 2.10.1, which fixes the issue. | |||||
| CVE-2024-29133 | 2 Apache, Fedoraproject | 2 Commons Configuration, Fedora | 2025-05-01 | N/A | 5.4 MEDIUM |
| Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended to upgrade to version 2.10.1, which fixes the issue. | |||||
| CVE-2023-5474 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-05-01 | N/A | 8.8 HIGH |
| Heap buffer overflow in PDF in Google Chrome prior to 118.0.5993.70 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) | |||||
| CVE-2023-5176 | 2 Debian, Mozilla | 4 Debian Linux, Firefox, Firefox Esr and 1 more | 2025-05-01 | N/A | 9.8 CRITICAL |
| Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3. | |||||
| CVE-2022-44321 | 1 Picoc Project | 1 Picoc | 2025-05-01 | N/A | 5.5 MEDIUM |
| PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the LexSkipComment function in lex.c when called from LexScanGetToken. | |||||
| CVE-2022-44320 | 1 Picoc Project | 1 Picoc | 2025-05-01 | N/A | 5.5 MEDIUM |
| PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the ExpressionCoerceFP function in expression.c when called from ExpressionParseFunctionCall. | |||||
| CVE-2022-44316 | 1 Picoc Project | 1 Picoc | 2025-05-01 | N/A | 5.5 MEDIUM |
| PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the LexGetStringConstant function in lex.c when called from LexScanGetToken. | |||||
| CVE-2022-44315 | 1 Picoc Project | 1 Picoc | 2025-05-01 | N/A | 5.5 MEDIUM |
| PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the ExpressionAssign function in expression.c when called from ExpressionParseFunctionCall. | |||||
| CVE-2022-44314 | 1 Picoc Project | 1 Picoc | 2025-05-01 | N/A | 5.5 MEDIUM |
| PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the StringStrncpy function in cstdlib/string.c when called from ExpressionParseFunctionCall. | |||||
| CVE-2022-44313 | 1 Picoc Project | 1 Picoc | 2025-05-01 | N/A | 5.5 MEDIUM |
| PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the ExpressionCoerceUnsignedInteger function in expression.c when called from ExpressionParseFunctionCall. | |||||