Export limit exceeded: 13878 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 19955 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19955 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-4062 | 1 Fabian | 1 Theater Seat Booking System | 2025-05-09 | 5.3 Medium |
| A vulnerability has been found in code-projects Theater Seat Booking System 1.0 and classified as critical. Affected by this vulnerability is the function cancel. The manipulation of the argument cancelcustomername leads to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-46585 | 1 Huawei | 1 Harmonyos | 2025-05-09 | 7.5 High |
| Out-of-bounds array read/write vulnerability in the kernel module Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2024-45563 | 1 Qualcomm | 28 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 25 more | 2025-05-09 | 6.6 Medium |
| Memory corruption while handling schedule request in Camera Request Manager(CRM) due to invalid link count in the corresponding session. | ||||
| CVE-2022-33185 | 1 Broadcom | 1 Fabric Operating System | 2025-05-09 | 7.8 High |
| Several commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1e, and v9.1.0 use unsafe string functions to process user input. Authenticated local attackers could abuse these vulnerabilities to exploit stack-based buffer overflows, allowing arbitrary code execution as the root user account. | ||||
| CVE-2025-27132 | 1 Openatom | 1 Openharmony | 2025-05-09 | 3.8 Low |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios. | ||||
| CVE-2024-24924 | 1 Siemens | 1 Simcenter Femap | 2025-05-09 | 7.8 High |
| A vulnerability has been identified in Simcenter Femap (All versions < V2306.0000). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted Catia MODEL file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-22059) | ||||
| CVE-2024-23803 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2025-05-09 | 7.8 High |
| A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions), Tecnomatix Plant Simulation V2302 (All versions < V2302.0007). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2024-23795 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2025-05-09 | 7.8 High |
| A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0012), Tecnomatix Plant Simulation V2302 (All versions < V2302.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted WRL file. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2016-20016 | 1 Mvpower | 4 Tv-7104he, Tv-7104he Firmware, Tv7108he and 1 more | 2025-05-09 | 9.8 Critical |
| MVPower CCTV DVR models, including TV-7104HE 1.8.4 115215B9 and TV7108HE, contain a web shell that is accessible via a /shell URI. A remote unauthenticated attacker can execute arbitrary operating system commands as root. This vulnerability has also been referred to as the "JAWS webserver RCE" because of the easily identifying HTTP response server field. Other firmware versions, at least from 2014 through 2019, can be affected. This was exploited in the wild in 2017 through 2022. | ||||
| CVE-2022-43045 | 1 Gpac | 1 Gpac | 2025-05-09 | 5.5 Medium |
| GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function gf_dump_vrml_sffield at /scene_manager/scene_dump.c. | ||||
| CVE-2022-43044 | 1 Gpac | 1 Gpac | 2025-05-09 | 5.5 Medium |
| GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function gf_isom_get_meta_item_info at /isomedia/meta.c. | ||||
| CVE-2022-43042 | 1 Gpac | 1 Gpac | 2025-05-09 | 7.8 High |
| GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a heap buffer overflow via the function FixSDTPInTRAF at isomedia/isom_intern.c. | ||||
| CVE-2022-43040 | 1 Gpac | 1 Gpac | 2025-05-09 | 7.8 High |
| GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a heap buffer overflow via the function gf_isom_box_dump_start_ex at /isomedia/box_funcs.c. | ||||
| CVE-2022-43026 | 1 Tenda | 2 Tx3, Tx3 Firmware | 2025-05-09 | 9.8 Critical |
| Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the endIp parameter at /goform/SetPptpServerCfg. | ||||
| CVE-2022-43025 | 1 Tenda | 2 Tx3, Tx3 Firmware | 2025-05-09 | 9.8 Critical |
| Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the startIp parameter at /goform/SetPptpServerCfg. | ||||
| CVE-2022-43024 | 1 Tenda | 2 Tx3, Tx3 Firmware | 2025-05-09 | 9.8 Critical |
| Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the list parameter at /goform/SetVirtualServerCfg. | ||||
| CVE-2022-41415 | 1 Acer | 2 Altos W2000h-w570h F4, Altos W2000h-w570h F4 Firmware | 2025-05-08 | 9.8 Critical |
| Acer Altos W2000h-W570h F4 R01.03.0018 was discovered to contain a stack overflow in the RevserveMem component. This vulnerability allows attackers to cause a Denial of Service (DoS) via injecting crafted shellcode into the NVRAM variable. | ||||
| CVE-2022-43281 | 1 Webassembly | 1 Wasm | 2025-05-08 | 7.8 High |
| wasm-interp v1.0.29 was discovered to contain a heap overflow via the component std::vector<wabt::Type, std::allocator<wabt::Type>>::size() at /bits/stl_vector.h. | ||||
| CVE-2022-43184 | 1 Dlink | 2 Dir-878, Dir-878 Firmware | 2025-05-08 | 9.8 Critical |
| D-Link DIR878 1.30B08 Hotfix_04 was discovered to contain a command injection vulnerability via the component /bin/proc.cgi. | ||||
| CVE-2022-43039 | 1 Gpac | 1 Gpac | 2025-05-08 | 5.5 Medium |
| GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function gf_isom_meta_restore_items_ref at /isomedia/meta.c. | ||||