Export limit exceeded: 14285 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (14285 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-53711 | 1 Tp-link | 5 Tl-wr841n, Tl-wr841n(eu), Tl-wr841n Firmware and 2 more | 2026-03-19 | 7.5 High |
| A vulnerability has been found in TP-Link TL-WR841N v11, TL-WR842ND v2 and TL-WR494N v3. The vulnerability exists in the /userRpm/WlanNetworkRpm.htm file due to missing input parameter validation, which may lead to the buffer overflow to cause a crash of the web service and result in a denial-of-service (DoS) condition. The attack may be launched remotely. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2025-43213 | 1 Apple | 9 Ios, Ipados, Iphone Os and 6 more | 2026-03-18 | 6.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, macOS Sequoia 15.6, iOS 18.6 and iPadOS 18.6, tvOS 18.6, watchOS 11.6, visionOS 2.6. Processing maliciously crafted web content may lead to an unexpected Safari crash. | ||||
| CVE-2025-43214 | 1 Apple | 9 Ios, Ipados, Iphone Os and 6 more | 2026-03-18 | 6.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, watchOS 11.6, iOS 18.6 and iPadOS 18.6, tvOS 18.6, macOS Sequoia 15.6, visionOS 2.6. Processing maliciously crafted web content may lead to an unexpected Safari crash. | ||||
| CVE-2026-20636 | 1 Apple | 6 Ios And Ipados, Ipados, Iphone Os and 3 more | 2026-03-18 | 6.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in iOS 26.3 and iPadOS 26.3, Safari 26.3, macOS Tahoe 26.3, visionOS 26.3. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2026-20644 | 1 Apple | 6 Ios And Ipados, Ipados, Iphone Os and 3 more | 2026-03-18 | 6.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Tahoe 26.3, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3, Safari 26.3. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2025-31223 | 2 Apple, Redhat | 14 Ipados, Iphone Os, Macos and 11 more | 2026-03-18 | 8 High |
| The issue was addressed with improved checks. This issue is fixed in watchOS 11.5, tvOS 18.5, iOS 18.5 and iPadOS 18.5, macOS Sequoia 15.5, visionOS 2.5, Safari 18.5. Processing maliciously crafted web content may lead to memory corruption. | ||||
| CVE-2026-20635 | 1 Apple | 8 Ios And Ipados, Ipados, Iphone Os and 5 more | 2026-03-18 | 4.3 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, iOS 18.7.5 and iPadOS 18.7.5, visionOS 26.3, iOS 26.3 and iPadOS 26.3, Safari 26.3. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2025-43433 | 2 Apple, Redhat | 14 Ios, Ipados, Iphone Os and 11 more | 2026-03-18 | 8.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in tvOS 26.1, watchOS 26.1, macOS Tahoe 26.1, iOS 26.1 and iPadOS 26.1, Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, visionOS 26.1. Processing maliciously crafted web content may lead to memory corruption. | ||||
| CVE-2025-43441 | 2 Apple, Redhat | 14 Ios, Ipad Os, Ipados and 11 more | 2026-03-18 | 4.3 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in tvOS 26.1, macOS Tahoe 26.1, iOS 26.1 and iPadOS 26.1, Safari 26.1, iOS 18.7.2 and iPadOS 18.7.2, visionOS 26.1. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2015-0797 | 6 Debian, Gstreamer, Linux and 3 more | 16 Debian Linux, Gstreamer, Linux Kernel and 13 more | 2026-03-17 | N/A |
| GStreamer before 1.4.5, as used in Mozilla Firefox before 38.0, Firefox ESR 31.x before 31.7, and Thunderbird before 31.7 on Linux, allows remote attackers to cause a denial of service (buffer over-read and application crash) or possibly execute arbitrary code via crafted H.264 video data in an m4v file. | ||||
| CVE-2021-3498 | 3 Debian, Gstreamer, Redhat | 3 Debian Linux, Gstreamer, Enterprise Linux | 2026-03-17 | 7.8 High |
| GStreamer before 1.18.4 might cause heap corruption when parsing certain malformed Matroska files. | ||||
| CVE-2026-3606 | 2 Ettercap, Ettercap-project | 2 Ettercap, Ettercap | 2026-03-16 | 3.3 Low |
| A vulnerability has been found in Ettercap 0.8.4-Garofalo. Affected by this vulnerability is the function add_data_segment of the file src/ettercap/utils/etterfilter/ef_output.c of the component etterfilter. The manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2025-43424 | 1 Apple | 3 Ios, Ipados, Iphone Os | 2026-03-13 | 6.5 Medium |
| The issue was addressed with improved bounds checks. This issue is fixed in macOS Tahoe 26.1, iOS 26.1 and iPadOS 26.1. A malicious HID device may cause an unexpected process crash. | ||||
| CVE-2026-30883 | 1 Imagemagick | 1 Imagemagick | 2026-03-13 | 5.7 Medium |
| ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-16 and 6.9.13-41, an extremely large image profile could result in a heap overflow when encoding a PNG image. This vulnerability is fixed in 7.1.2-16 and 6.9.13-41. | ||||
| CVE-2026-3393 | 2 Jarikomppa, Solhsa | 2 Soloud, Soloud | 2026-03-13 | 3.3 Low |
| A security vulnerability has been detected in jarikomppa soloud up to 20200207. The impacted element is the function SoLoud::Wav::loadflac of the file src/audiosource/wav/soloud_wav.cpp of the component Audio File Handler. Such manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2025-20005 | 1 Intel | 1 Uefi Firmware | 2026-03-13 | N/A |
| Improper buffer restrictions in some UEFI firmware for some Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable data manipulation. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (high) and availability (low) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. | ||||
| CVE-2025-20073 | 1 Intel | 1 Uefi Firmware | 2026-03-13 | N/A |
| Improper buffer restrictions in the UEFI DXE module for some Intel(R) Reference Platforms within UEFI may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (low), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. | ||||
| CVE-2026-3972 | 1 Tenda | 1 W3 | 2026-03-12 | 8.8 High |
| A vulnerability was found in Tenda W3 1.0.0.3(2204). Affected by this issue is the function formSetCfm of the file /goform/setcfm of the component HTTP Handler. The manipulation of the argument funcpara1 results in stack-based buffer overflow. The attack can only be performed from the local network. The exploit has been made public and could be used. | ||||
| CVE-2026-3731 | 1 Libssh | 1 Libssh | 2026-03-12 | 5.3 Medium |
| A weakness has been identified in libssh up to 0.11.3. The impacted element is the function sftp_extensions_get_name/sftp_extensions_get_data of the file src/sftp.c of the component SFTP Extension Name Handler. Executing a manipulation of the argument idx can lead to out-of-bounds read. The attack may be performed from remote. Upgrading to version 0.11.4 and 0.12.0 is sufficient to resolve this issue. This patch is called 855a0853ad3abd4a6cd85ce06fce6d8d4c7a0b60. You should upgrade the affected component. | ||||
| CVE-2026-3732 | 1 Tenda | 2 F453, F453 Firmware | 2026-03-11 | 8.8 High |
| A security vulnerability has been detected in Tenda F453 1.0.0.3. This affects the function strcpy of the file /goform/exeCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. | ||||