Search Results (45971 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-1365 1 Elfutils Project 1 Elfutils 2025-11-04 5.3 Medium
A vulnerability, which was classified as critical, was found in GNU elfutils 0.192. This affects the function process_symtab of the file readelf.c of the component eu-readelf. The manipulation of the argument D/a leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of the patch is 5e5c0394d82c53e97750fe7b18023e6f84157b81. It is recommended to apply a patch to fix this issue.
CVE-2024-3159 1 Google 1 Chrome 2025-11-04 8.8 High
Out of bounds memory access in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: High)
CVE-2024-3156 1 Google 1 Chrome 2025-11-04 8.8 High
Inappropriate implementation in V8 in Google Chrome prior to 123.0.6312.105 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
CVE-2024-28219 3 Debian, Python, Redhat 6 Debian Linux, Pillow, Ansible Automation Platform and 3 more 2025-11-04 6.7 Medium
In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.
CVE-2024-27351 2 Djangoproject, Redhat 6 Django, Ansible Automation Platform, Openstack and 3 more 2025-11-04 5.3 Medium
In Django 3.2 before 3.2.25, 4.2 before 4.2.11, and 5.0 before 5.0.3, the django.utils.text.Truncator.words() method (with html=True) and the truncatewords_html template filter are subject to a potential regular expression denial-of-service attack via a crafted string. NOTE: this issue exists because of an incomplete fix for CVE-2019-14232 and CVE-2023-43665.
CVE-2024-26817 2 Debian, Linux 2 Debian Linux, Linux Kernel 2025-11-04 5.5 Medium
In the Linux kernel, the following vulnerability has been resolved: amdkfd: use calloc instead of kzalloc to avoid integer overflow This uses calloc instead of doing the multiplication which might overflow.
CVE-2024-26593 2 Linux, Redhat 2 Linux Kernel, Enterprise Linux 2025-11-04 7.1 High
In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Fix block process call transactions According to the Intel datasheets, software must reset the block buffer index twice for block process call transactions: once before writing the outgoing data to the buffer, and once again before reading the incoming data from the buffer. The driver is currently missing the second reset, causing the wrong portion of the block buffer to be read.
CVE-2024-25580 2 Qt, Redhat 2 Qt, Enterprise Linux 2025-11-04 6.2 Medium
An issue was discovered in gui/util/qktxhandler.cpp in Qt before 5.15.17, 6.x before 6.2.12, 6.3.x through 6.5.x before 6.5.5, and 6.6.x before 6.6.2. A buffer overflow and application crash can occur via a crafted KTX image file.
CVE-2024-25395 1 Rt-thread 1 Rt-thread 2025-11-04 8.8 High
A buffer overflow occurs in utilities/rt-link/src/rtlink.c in RT-Thread through 5.0.2.
CVE-2024-25394 1 Rt-thread 1 Rt-thread 2025-11-04 4.3 Medium
A buffer overflow occurs in utilities/ymodem/ry_sy.c in RT-Thread through 5.0.2 because of an incorrect sprintf call or a missing '\0' character.
CVE-2024-25393 1 Rt-thread 1 Rt-thread 2025-11-04 9.8 Critical
A stack buffer overflow occurs in net/at/src/at_server.c in RT-Thread through 5.0.2.
CVE-2024-25392 1 Rt-thread 1 Rt-thread 2025-11-04 5.9 Medium
An out-of-bounds access occurs in utilities/var_export/var_export.c in RT-Thread through 5.0.2.
CVE-2024-25391 1 Rt-thread 1 Rt-thread 2025-11-04 8.4 High
A stack buffer overflow occurs in libc/posix/ipc/mqueue.c in RT-Thread through 5.0.2.
CVE-2024-25390 1 Rt-thread 1 Rt-thread 2025-11-04 8.4 High
A heap buffer overflow occurs in finsh/msh_file.c and finsh/msh.c in RT-Thread through 5.0.2.
CVE-2024-25388 1 Rt-thread 1 Rt-thread 2025-11-04 8.4 High
drivers/wlan/wlan_mgmt,c in RT-Thread through 5.0.2 has an integer signedness error and resultant buffer overflow.
CVE-2024-24976 1 Openautomationsoftware 1 Open Automation Software 2025-11-04 4.9 Medium
A denial of service vulnerability exists in the OAS Engine File Data Source Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can cause the running program to stop. An attacker can send a sequence of requests to trigger this vulnerability.
CVE-2024-24479 2 Fedoraproject, Wireshark 2 Fedora, Wireshark 2025-11-04 7.5 High
A Buffer Overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the wsutil/to_str.c, and format_fractional_part_nsecs components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected.
CVE-2024-24476 2 Fedoraproject, Wireshark 2 Fedora, Wireshark 2025-11-04 7.5 High
A buffer overflow in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the pan/addr_resolv.c, and ws_manuf_lookup_str(), size components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected.
CVE-2024-24335 1 Rt-thread 1 Rt-thread 2025-11-04 8.4 High
A heap buffer overflow occurs in the dfs_v2 romfs filesystem RT-Thread through 5.0.2.
CVE-2024-23851 1 Linux 1 Linux Kernel 2025-11-04 5.5 Medium
copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes, and crash, because of a missing param_kernel->data_size check. This is related to ctl_ioctl.