Export limit exceeded: 346705 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 20111 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20111 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-27598 | 1 Sixlabors | 1 Imagesharp | 2025-03-24 | 7.5 High |
| ImageSharp is a 2D graphics API. An Out-of-bounds Write vulnerability has been found in the ImageSharp gif decoder, allowing attackers to cause a crash using a specially crafted gif. This can potentially lead to denial of service. The problem has been patched. All users are advised to upgrade to v3.1.7 or v2.1.10. | ||||
| CVE-2022-34454 | 1 Dell | 1 Emc Powerscale Onefs | 2025-03-24 | 6.7 Medium |
| Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a heap-based buffer overflow. A local privileged malicious user could potentially exploit this vulnerability, leading to system takeover. This impacts compliance mode clusters. | ||||
| CVE-2022-45766 | 1 Keystorage | 1 Global Facilities Management Software | 2025-03-24 | 9.1 Critical |
| Hardcoded credentials in Global Facilities Management Software (GFMS) Version 3 software distributed by Key Systems Management permits remote attackers to impact availability, confidentiality, accessibility and dependability of electronic key boxes. | ||||
| CVE-2022-45104 | 1 Dell | 3 Evasa Provider Virtual Appliance, Solutions Enabler Virtual Appliance, Unisphere For Powermax Virtual Appliance | 2025-03-24 | 8.8 High |
| Dell Unisphere for PowerMax vApp, VASA Provider vApp, and Solution Enabler vApp version 9.2.3.x contain a command execution vulnerability. A low privileged remote attacker could potentially exploit this vulnerability, leading to execute arbitrary commands on the underlying system. | ||||
| CVE-2024-32901 | 1 Google | 1 Android | 2025-03-24 | 7.8 High |
| In v4l2_smfc_qbuf of smfc-v4l2-ioctls.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-24351 | 1 Dlink | 2 Dir-605l, Dir-605l Firmware | 2025-03-24 | 9.8 Critical |
| D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the FILECODE parameter at /goform/formLogin. | ||||
| CVE-2023-24350 | 1 Dlink | 2 Dir-605l, Dir-605l Firmware | 2025-03-24 | 9.8 Critical |
| D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the config.smtp_email_subject parameter at /goform/formSetEmail. | ||||
| CVE-2023-24349 | 1 Dlink | 2 Dir-605l, Dir-605l Firmware | 2025-03-24 | 9.8 Critical |
| D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetRoute. | ||||
| CVE-2024-57016 | 1 Totolink | 2 X5000r, X5000r Firmware | 2025-03-24 | 8.8 High |
| TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "user" parameter in setVpnAccountCfg. | ||||
| CVE-2023-24352 | 1 Dlink | 2 Dir-605l, Dir-605l Firmware | 2025-03-24 | 9.8 Critical |
| D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWPS. | ||||
| CVE-2022-46649 | 1 Sierrawireless | 9 Aleos, Es450, Gx450 and 6 more | 2025-03-24 | 8.8 High |
| Acemanager in ALEOS before version 4.16 allows a user with valid credentials to manipulate the IP logging operation to execute arbitrary shell commands on the device. | ||||
| CVE-2023-0782 | 1 Tenda | 2 Ac23, Ac23 Firmware | 2025-03-24 | 7.2 High |
| A vulnerability was found in Tenda AC23 16.03.07.45 and classified as critical. Affected by this issue is the function formSetSysToolDDNS/formGetSysToolDDNS of the file /bin/httpd. The manipulation leads to out-of-bounds write. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-220640. | ||||
| CVE-2024-41311 | 2 Debian, Struktur | 2 Debian Linux, Libheif | 2025-03-24 | 8.1 High |
| In Libheif 1.17.6, insufficient checks in ImageOverlay::parse() decoding a heif file containing an overlay image with forged offsets can lead to an out-of-bounds read and write. | ||||
| CVE-2024-13903 | 1 Quickjs-ng | 1 Quickjs | 2025-03-24 | 4.3 Medium |
| A vulnerability was found in quickjs-ng QuickJS up to 0.8.0. It has been declared as problematic. Affected by this vulnerability is the function JS_GetRuntime of the file quickjs.c of the component qjs. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. Upgrading to version 0.9.0 is able to address this issue. The patch is named 99c02eb45170775a9a679c32b45dd4000ea67aff. It is recommended to upgrade the affected component. | ||||
| CVE-2024-57582 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-03-22 | 9.8 Critical |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the startIP parameter in the formSetPPTPServer function. | ||||
| CVE-2025-0349 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-03-22 | 8.8 High |
| A vulnerability classified as critical has been found in Tenda AC6 15.03.05.16. Affected is the function GetParentControlInfo of the file /goform/GetParentControlInfo. The manipulation of the argument src/mac leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. | ||||
| CVE-2024-2173 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-03-21 | 6.8 Medium |
| Out of bounds memory access in V8 in Google Chrome prior to 122.0.6261.111 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2023-22345 | 1 Jtekt | 1 Screen Creator Advance 2 | 2025-03-21 | 7.8 High |
| Out-of-bound write vulnerability exists in Screen Creator Advance 2 Ver.0.1.1.4 Build01 and earlier due to lack of error handling process when out of specification errors are detected. Having a user of Screen Creator Advance 2 to open a specially crafted project file may lead to information disclosure and/or arbitrary code execution. | ||||
| CVE-2023-20945 | 1 Google | 1 Android | 2025-03-21 | 7.8 High |
| In phNciNfc_MfCreateXchgDataHdr of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-246932269 | ||||
| CVE-2023-0803 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2025-03-21 | 6.8 Medium |
| LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3516, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. | ||||