Search Results (44189 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-42418 | 1 Pdf-xchange | 1 Pdf-xchange Editor | 2025-03-31 | 7.8 High |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18677. | ||||
| CVE-2024-3855 | 1 Mozilla | 1 Firefox | 2025-03-31 | 6.5 Medium |
| In certain cases the JIT incorrectly optimized MSubstr operations, which led to out-of-bounds reads. This vulnerability affects Firefox < 125. | ||||
| CVE-2024-55627 | 1 Oisf | 1 Suricata | 2025-03-31 | 5.9 Medium |
| Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a specially crafted TCP stream can lead to a very large buffer overflow while being zero-filled during initialization with memset due to an unsigned integer underflow. The issue has been addressed in Suricata 7.0.8. | ||||
| CVE-2024-4950 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-03-28 | 5.3 Medium |
| Inappropriate implementation in Downloads in Google Chrome prior to 125.0.6422.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low) | ||||
| CVE-2025-29121 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-03-28 | 7.5 High |
| A vulnerability was found in Tenda AC6 V15.03.05.16. The vulnerability affects the functionality of the /goform/fast_setting_wifi_set file form_fast_setting_wifi_set. Using the timeZone parameter causes a stack-based buffer overflow. | ||||
| CVE-2025-23058 | 1 Arubanetworks | 1 Clearpass Policy Manager | 2025-03-28 | 8.8 High |
| A vulnerability in the ClearPass Policy Manager web-based management interface allows a low-privileged (read-only) authenticated remote attacker to gain unauthorized access to data and the ability to execute functions that should be restricted to administrators only with read/write privileges. Successful exploitation could enable a low-privileged user to execute administrative functions leading to an escalation of privileges. | ||||
| CVE-2023-24169 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-03-28 | 9.8 Critical |
| Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via /goform/FUN_0007343c. | ||||
| CVE-2024-54954 | 1 Zhyd | 1 Oneblog | 2025-03-28 | 8 High |
| OneBlog v2.3.6 was discovered to contain a template injection vulnerability via the template management department. | ||||
| CVE-2024-6354 | 1 Devolutions | 1 Remote Desktop Manager | 2025-03-28 | 7.2 High |
| Improper access control in PAM dashboard in Devolutions Remote Desktop Manager 2024.2.11 and earlier on Windows allows an authenticated user to bypass the execute permission via the use of the PAM dashboard. | ||||
| CVE-2024-28563 | 1 Freeimage Project | 1 Freeimage | 2025-03-28 | 5.9 Medium |
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the Imf_2_2::DwaCompressor::Classifier::Classifier() function when reading images in EXR format. | ||||
| CVE-2024-28564 | 1 Freeimage Project | 1 Freeimage | 2025-03-28 | 6.2 Medium |
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the Imf_2_2::CharPtrIO::readChars() function when reading images in EXR format. | ||||
| CVE-2024-28565 | 1 Freeimage Project | 1 Freeimage | 2025-03-28 | 5.5 Medium |
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the psdParser::ReadImageData() function when reading images in PSD format. | ||||
| CVE-2024-28566 | 1 Freeimage Project | 1 Freeimage | 2025-03-28 | 8.4 High |
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the AssignPixel() function when reading images in TIFF format. | ||||
| CVE-2024-28567 | 1 Freeimage Project | 1 Freeimage | 2025-03-28 | 6.2 Medium |
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the FreeImage_CreateICCProfile() function when reading images in TIFF format. | ||||
| CVE-2024-28568 | 1 Freeimage Project | 1 Freeimage | 2025-03-28 | 6.2 Medium |
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the read_iptc_profile() function when reading images in TIFF format. | ||||
| CVE-2024-28569 | 1 Freeimage Project | 1 Freeimage | 2025-03-28 | 7.8 High |
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the Imf_2_2::Xdr::read() function when reading images in EXR format. | ||||
| CVE-2024-28570 | 1 Freeimage Project | 1 Freeimage | 2025-03-28 | 5.5 Medium |
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the processMakerNote() function when reading images in JPEG format. | ||||
| CVE-2024-28571 | 1 Freeimage Project | 1 Freeimage | 2025-03-28 | 5.5 Medium |
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the fill_input_buffer() function when reading images in JPEG format. | ||||
| CVE-2024-28572 | 1 Freeimage Project | 1 Freeimage | 2025-03-28 | 6.2 Medium |
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the FreeImage_SetTagValue() function when reading images in JPEG format. | ||||
| CVE-2024-28573 | 1 Freeimage Project | 1 Freeimage | 2025-03-28 | 6.2 Medium |
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the jpeg_read_exif_profile() function when reading images in JPEG format. | ||||