Export limit exceeded: 348823 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 348823 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 21836 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21836 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-42516 | 1 Google | 1 Android | 2025-04-17 | 4.4 Medium |
| In ProtocolSimBuilderLegacy::BuildSimGetGbaAuth of protocolsimbuilderlegacy.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763577References: N/A | ||||
| CVE-2022-42515 | 1 Google | 1 Android | 2025-04-17 | 4.4 Medium |
| In MiscService::DoOemSetRtpPktlossThreshold of miscservice.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763503References: N/A | ||||
| CVE-2022-42514 | 1 Google | 1 Android | 2025-04-17 | 4.4 Medium |
| In ProtocolImsBuilder::BuildSetConfig of protocolimsbuilder.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-241763298References: N/A | ||||
| CVE-2023-49552 | 1 Cesanta | 1 Mjs | 2025-04-17 | 7.5 High |
| An Out of Bounds Write in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_op_json_stringify function in the msj.c file. | ||||
| CVE-2022-42530 | 1 Google | 1 Android | 2025-04-17 | 4.4 Medium |
| In Pixel firmware, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242331893References: N/A | ||||
| CVE-2022-1740 | 1 Dominionvoting | 2 Democracy Suite, Imagecast X | 2025-04-17 | 4.6 Medium |
| The tested version of Dominion Voting Systems ImageCast X’s on-screen application hash display feature, audit log export, and application export functionality rely on self-attestation mechanisms. An attacker could leverage this vulnerability to disguise malicious applications on a device. | ||||
| CVE-2023-33025 | 1 Qualcomm | 48 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 45 more | 2025-04-17 | 9.8 Critical |
| Memory corruption in Data Modem when a non-standard SDP body, during a VOLTE call. | ||||
| CVE-2022-42543 | 1 Google | 1 Android | 2025-04-17 | 4.4 Medium |
| In fdt_path_offset_namelen of fdt_ro.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-249998113References: N/A | ||||
| CVE-2023-51439 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2025-04-17 | 7.8 High |
| A vulnerability has been identified in JT2Go (All versions < V14.3.0.6), Teamcenter Visualization V13.3 (All versions < V13.3.0.13), Teamcenter Visualization V14.1 (All versions < V14.1.0.12), Teamcenter Visualization V14.2 (All versions < V14.2.0.9), Teamcenter Visualization V14.3 (All versions < V14.3.0.6). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted CGM files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2023-48264 | 1 Bosch | 21 Nexo-os, Nexo Cordless Nutrunner Nxa011s-36v-b \(0608842012\), Nexo Cordless Nutrunner Nxa011s-36v \(0608842011\) and 18 more | 2025-04-17 | 8.1 High |
| The vulnerability allows an unauthenticated remote attacker to perform a Denial-of-Service (DoS) attack or, possibly, obtain Remote Code Execution (RCE) via a crafted network request. | ||||
| CVE-2022-47520 | 3 Debian, Linux, Netapp | 12 Debian Linux, Linux Kernel, H300s and 9 more | 2025-04-17 | 7.1 High |
| An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) information element from a Netlink packet. | ||||
| CVE-2022-44940 | 1 Patchelf Project | 1 Patchelf | 2025-04-17 | 9.1 Critical |
| Patchelf v0.9 was discovered to contain an out-of-bounds read via the function modifyRPath at src/patchelf.cc. | ||||
| CVE-2022-42946 | 1 Autodesk | 1 Maya | 2025-04-17 | 7.1 High |
| Parsing a maliciously crafted X_B and PRT file can force Autodesk Maya 2023 and 2022 to read beyond allocated buffer. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | ||||
| CVE-2022-45666 | 1 Tenda | 2 I22, I22 Firmware | 2025-04-17 | 7.5 High |
| Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDset function. | ||||
| CVE-2022-45665 | 1 Tenda | 2 I22, I22 Firmware | 2025-04-17 | 7.5 High |
| Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the funcpara1 parameter in the formSetCfm function. | ||||
| CVE-2024-54808 | 1 Netgear | 2 Wnr854t, Wnr854t Firmware | 2025-04-17 | 9.8 Critical |
| Netgear WNR854T 1.5.2 (North America) contains a stack-based buffer overflow vulnerability in the SetDefaultConnectionService function due to an unconstrained use of sscanf. The vulnerability allows for control of the program counter and can be utilized to achieve arbitrary code execution. | ||||
| CVE-2024-54809 | 1 Netgear | 2 Wnr854t, Wnr854t Firmware | 2025-04-17 | 9.8 Critical |
| Netgear Inc WNR854T 1.5.2 (North America) contains a stack-based buffer overflow vulnerability in the parse_st_header function due to use of a request header parameter in a strncpy where size is determined based on the input specified. By sending a specially crafted packet, an attacker can take control of the program counter and hijack control flow of the program to execute arbitrary system commands. | ||||
| CVE-2025-3015 | 1 Assimp | 1 Assimp | 2025-04-17 | 6.3 Medium |
| A vulnerability classified as critical has been found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::ASEImporter::BuildUniqueRepresentation of the file code/AssetLib/ASE/ASELoader.cpp of the component ASE File Handler. The manipulation of the argument mIndices leads to out-of-bounds read. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 6.0 is able to address this issue. The patch is named 7c705fde418d68cca4e8eff56be01b2617b0d6fe. It is recommended to apply a patch to fix this issue. | ||||
| CVE-2022-46536 | 1 Tenda | 2 F1203, F1203 Firmware | 2025-04-16 | 7.5 High |
| Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the limitSpeedUp parameter at /goform/SetClientState. | ||||
| CVE-2019-11851 | 1 Sierrawireless | 13 Aleos, Es440, Es450 and 10 more | 2025-04-16 | 9.8 Critical |
| The ACENet service in Sierra Wireless ALEOS before 4.4.9, 4.5.x through 4.9.x before 4.9.5, and 4.10.x through 4.13.x before 4.14.0 allows remote attackers to execute arbitrary code via a buffer overflow. | ||||