Search Results (23175 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-35371 1 Ant-media 1 Ant-media-server 2026-04-15 7.5 High
Ant-Media-Serverv2.8.2 is affected by Improper Output Neutralization for Logs. The vulnerability stems from insufficient input sanitization in the logging mechanism. Without proper filtering or validation, user-controllable data, such as identifiers or other sensitive information, can be included in log entries without restrictions.
CVE-2025-3007 2026-04-15 5.5 Medium
A vulnerability was found in Novastar CX40 up to 2.44.0. It has been rated as critical. This issue affects the function getopt of the file /usr/nova/bin/netconfig of the component NetFilter Utility. The manipulation of the argument cmd/netmask/pipeout/nettask leads to stack-based buffer overflow. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-37310 1 Everest 1 Everest-core 2026-04-15 9.1 Critical
EVerest is an EV charging software stack. An integer overflow in the "v2g_incoming_v2gtp" function in the v2g_server.cpp implementation can allow a remote attacker to overflow the process' heap. This vulnerability is fixed in 2024.3.1 and 2024.6.0.
CVE-2025-31354 2026-04-15 4.3 Medium
Subnet Solutions PowerSYSTEM Center's SMTPS notification service can be affected by importing an EC certificate with crafted F2m parameters, which can lead to excessive CPU consumption during the evaluation of the curve parameters.
CVE-2024-2824 2026-04-15 6.3 Medium
A vulnerability was found in Matthias-Wandel jhead 3.08 and classified as critical. This issue affects the function PrintFormatNumber of the file exif.c. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-257711.
CVE-2024-21971 2026-04-15 5.5 Medium
Improper input validation in AMD Crash Defender could allow an attacker to provide the Windows® system process ID to a kernel-mode driver, resulting in an operating system crash, potentially leading to denial of service.
CVE-2024-51566 1 Freebsd 1 Freebsd 2026-04-15 6.5 Medium
The NVMe driver queue processing is vulernable to guest-induced infinite loops.
CVE-2024-51564 2026-04-15 7.5 High
A guest can trigger an infinite loop in the hda audio driver.
CVE-2025-13878 1 Isc 1 Bind 2026-04-15 7.5 High
Malformed BRID/HHIT records can cause `named` to terminate unexpectedly. This issue affects BIND 9 versions 9.18.40 through 9.18.43, 9.20.13 through 9.20.17, 9.21.12 through 9.21.16, 9.18.40-S1 through 9.18.43-S1, and 9.20.13-S1 through 9.20.17-S1.
CVE-2025-53418 2026-04-15 8.6 High
Delta Electronics COMMGR has Stack-based Buffer Overflow vulnerability.
CVE-2020-37177 1 Weird Solutions 1 Bootpturbo 2026-04-15 7.5 High
BOOTP Turbo 2.0 contains a denial of service vulnerability that allows attackers to crash the application by overwriting the Structured Exception Handler (SEH). Attackers can generate a malicious payload of 2196 bytes with specific byte patterns to trigger an application crash and corrupt the SEH chain.
CVE-2025-54515 2 Amd, Arm 4 Alveo, Versal, Cortex-a and 1 more 2026-04-15 N/A
The Secure Flag passed to Versal™ Adaptive SoC’s Trusted Firmware for Cortex®-A processors (TF-A) for Arm’s Power State Coordination Interface (PSCI) commands were incorrectly set to secure instead of using the processor’s actual security state. This would allow the PSCI requests to appear they were from processors in the secure state instead of the non-secure state.
CVE-2024-0114 2026-04-15 8.1 High
NVIDIA Hopper HGX for 8-GPU contains a vulnerability in the HGX Management Controller (HMC) that may allow a malicious actor with administrative access on the BMC to access the HMC as an administrator. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering.
CVE-2020-37184 1 Allok Soft 1 Allok Video Converter 2026-04-15 9.8 Critical
Allok Video Converter 4.6.1217 contains a stack overflow vulnerability in the License Name input field that allows attackers to execute arbitrary code. Attackers can craft a specially designed payload to overwrite SEH handlers and execute system commands by injecting malicious bytecode into the input field.
CVE-2020-37185 1 Nsauditor 1 Backup Key Recovery 2026-04-15 7.5 High
Backup Key Recovery 2.2.5 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the 'Name' input field. Attackers can generate a 1000-character payload and paste it into the registration name field to trigger an application crash.
CVE-2023-45733 1 Redhat 1 Enterprise Linux 2026-04-15 2.8 Low
Hardware logic contains race conditions in some Intel(R) Processors may allow an authenticated user to potentially enable partial information disclosure via local access.
CVE-2019-25232 1 Netpclinker 1 Netpclinker 2026-04-15 9.8 Critical
NetPCLinker 1.0.0.0 contains a buffer overflow vulnerability in the Clients Control Panel DNS/IP field that allows attackers to execute arbitrary shellcode. Attackers can craft a malicious payload in the DNS/IP input to overwrite SEH handlers and execute shellcode when adding a new client.
CVE-2019-25319 1 Internet-soft 1 Domain Quester Pro 2026-04-15 9.8 Critical
Domain Quester Pro 6.02 contains a stack overflow vulnerability that allows remote attackers to execute arbitrary code by overwriting Structured Exception Handler (SEH) registers. Attackers can craft a malicious payload targeting the 'Domain Name Keywords' input field to trigger an access violation and execute a bind shell on port 9999.
CVE-2024-52564 1 Iodata 2 Ud-lt1\/ex Firmware, Ud-lt1 Firmware 2026-04-15 N/A
Inclusion of undocumented features or chicken bits issue exists in UD-LT1 firmware Ver.2.1.8 and earlier and UD-LT1/EX firmware Ver.2.1.8 and earlier. A remote attacker may disable the firewall function of the affected products. As a result, an arbitrary OS command may be executed and/or configuration settings of the device may be altered.
CVE-2023-43683 1 Malwarebytes 1 Malwarebytes 2026-04-15 6.5 Medium
An issue was discovered in Malwarebytes 4.6.14.326 and before 5.1.5.116 (and Nebula 2020-10-21 and later). A Stack buffer out-of-bounds access exists because of an integer underflow when handling newline characters.