Export limit exceeded: 361889 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45791 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-66045 | 2 Libbiosig Project, The Biosig Project | 2 Libbiosig, Libbiosig | 2025-12-17 | 9.8 Critical |
| Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 65 | ||||
| CVE-2025-66046 | 2 Libbiosig Project, The Biosig Project | 2 Libbiosig, Libbiosig | 2025-12-17 | 9.8 Critical |
| Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 67 | ||||
| CVE-2025-66047 | 2 Libbiosig Project, The Biosig Project | 2 Libbiosig, Libbiosig | 2025-12-17 | 9.8 Critical |
| Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 131 | ||||
| CVE-2025-66048 | 2 Libbiosig Project, The Biosig Project | 2 Libbiosig, Libbiosig | 2025-12-17 | 9.8 Critical |
| Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 133 | ||||
| CVE-2025-38004 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-12-17 | 7.1 High |
| In the Linux kernel, the following vulnerability has been resolved: can: bcm: add locking for bcm_op runtime updates The CAN broadcast manager (CAN BCM) can send a sequence of CAN frames via hrtimer. The content and also the length of the sequence can be changed resp reduced at runtime where the 'currframe' counter is then set to zero. Although this appeared to be a safe operation the updates of 'currframe' can be triggered from user space and hrtimer context in bcm_can_tx(). Anderson Nascimento created a proof of concept that triggered a KASAN slab-out-of-bounds read access which can be prevented with a spin_lock_bh. At the rework of bcm_can_tx() the 'count' variable has been moved into the protected section as this variable can be modified from both contexts too. | ||||
| CVE-2025-65803 | 1 Freeimage Project | 1 Freeimage | 2025-12-17 | 6.5 Medium |
| An integer overflow in the psdParser::ReadImageData function of FreeImage v3.18.0 and before allows attackers to cause a Denial of Service (DoS) via supplying a crafted PSD file. | ||||
| CVE-2025-38088 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-12-17 | 7.1 High |
| In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap memtrace mmap issue has an out of bounds issue. This patch fixes the by checking that the requested mapping region size should stay within the allocated region size. | ||||
| CVE-2024-32406 | 2 Inducer, Inducer | 2 Relate, Relate | 2025-12-17 | 7.5 High |
| Server-Side Template Injection (SSTI) vulnerability in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Batch-Issue Exam Tickets function. | ||||
| CVE-2024-27623 | 1 Cmsmadesimple | 1 Cms Made Simple | 2025-12-17 | 5.9 Medium |
| CMS Made Simple version 2.2.19 is vulnerable to Server-Side Template Injection (SSTI). The vulnerability exists within the Design Manager, particularly when editing the Breadcrumbs. | ||||
| CVE-2025-67492 | 1 Weblate | 1 Weblate | 2025-12-17 | 5.3 Medium |
| Weblate is a web based localization tool. In versions prior to 5.15, it was possible to trigger repository updates for many repositories via a crafted webhook payload. Version 5.15 fixes the issue. As a workaround, disabling webhooks completely using ENABLE_HOOKS avoids this vulnerability. | ||||
| CVE-2025-48622 | 1 Google | 1 Android | 2025-12-17 | 5.5 Medium |
| In ProcessArea of dng_misc_opcodes.cpp, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-48621 | 1 Google | 1 Android | 2025-12-17 | 7.3 High |
| In DefaultTransitionHandler.java, there is a possible way to enable a tapjacking attack due to a insecure default. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2025-48592 | 1 Google | 1 Android | 2025-12-17 | 6.5 Medium |
| In initDecoder of C2SoftDav1dDec.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-66456 | 1 Elysiajs | 1 Elysia | 2025-12-17 | 9.8 Critical |
| Elysia is a Typescript framework for request validation, type inference, OpenAPI documentation and client-server communication. Versions 1.4.0 through 1.4.16 contain a prototype pollution vulnerability in `mergeDeep` after merging results of two standard schema validations with the same key. Due to the ordering of merging, there must be an any type that is set as a standalone guard, to allow for the `__proto__ prop` to be merged. When combined with GHSA-8vch-m3f4-q8jf this allows for a full RCE by an attacker. This issue is fixed in version 1.4.17. To workaround, remove the `__proto__ key` from body. | ||||
| CVE-2024-36017 | 3 Debian, Linux, Redhat | 7 Debian Linux, Linux Kernel, Enterprise Linux and 4 more | 2025-12-17 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation Each attribute inside a nested IFLA_VF_VLAN_LIST is assumed to be a struct ifla_vf_vlan_info so the size of such attribute needs to be at least of sizeof(struct ifla_vf_vlan_info) which is 14 bytes. The current size validation in do_setvfinfo is against NLA_HDRLEN (4 bytes) which is less than sizeof(struct ifla_vf_vlan_info) so this validation is not enough and a too small attribute might be cast to a struct ifla_vf_vlan_info, this might result in an out of bands read access when accessing the saved (casted) entry in ivvl. | ||||
| CVE-2025-53960 | 1 Apache | 1 Streampark | 2025-12-16 | 5.9 Medium |
| When issuing JSON Web Tokens (JWT), Apache StreamPark directly uses the user's password as the HMAC signing key (e.g., with the HS256 algorithm). An attacker can exploit this vulnerability to perform offline brute-force attacks on the user's password using a captured JWT, or to arbitrarily forge identity tokens for the user if the password is already known, ultimately leading to complete account takeover. This issue affects Apache StreamPark: from 2.0.0 before 2.1.7. Users are recommended to upgrade to version 2.1.7, which fixes the issue. | ||||
| CVE-2025-50360 | 2 Dannyvankooten, Pepper-lang | 2 Pepper, Compiler | 2025-12-16 | 8.4 High |
| A heap buffer overflow in compiler.c and compiler.h in Pepper language 0.1.1commit 961a5d9988c5986d563310275adad3fd181b2bb7. Malicious execution of a pepper source file(.pr) could lead to arbitrary code execution or Denial of Service. | ||||
| CVE-2025-54303 | 1 Thermofisher | 2 Torrent Suite, Torrent Suite Software | 2025-12-16 | 9.8 Critical |
| The Thermo Fisher Torrent Suite Django application 5.18.1 has weak default credentials, which are stored as fixtures for the Django ORM API. The ionadmin user account can be used to authenticate to default deployments with the password ionadmin. The user guide recommends changing default credentials; however, a password change policy for default administrative accounts is not enforced. Many deployments may retain default credentials, in which case an attacker is likely to be able to successfully authenticate with administrative privileges. | ||||
| CVE-2023-49621 | 1 Siemens | 2 Simatic Cn 4100, Simatic Cn 4100 Firmware | 2025-12-16 | 9.8 Critical |
| A vulnerability has been identified in SIMATIC CN 4100 (All versions < V2.7). The "intermediate installation" system state of the affected application uses default credential with admin privileges. An attacker could use the credentials to gain complete control of the affected device. | ||||
| CVE-2024-22391 | 3 Fedoraproject, Grassroot, Malaterre | 3 Fedora, Grassroot Platform, Grassroots Dicom | 2025-12-16 | 7.7 High |
| A heap-based buffer overflow vulnerability exists in the LookupTable::SetLUT functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. | ||||