Export limit exceeded: 347829 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 21730 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21730 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-28579 | 1 Freeimage Project | 1 Freeimage | 2025-03-28 | 6.2 Medium |
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to cause a denial of service (DoS) via the FreeImage_Unload() function when reading images in HDR format. | ||||
| CVE-2024-28580 | 1 Freeimage Project | 1 Freeimage | 2025-03-28 | 8.4 High |
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the ReadData() function when reading images in RAS format. | ||||
| CVE-2024-28581 | 1 Freeimage Project | 1 Freeimage | 2025-03-28 | 8.4 High |
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the _assignPixel<>() function when reading images in TARGA format. | ||||
| CVE-2024-28582 | 1 Freeimage Project | 1 Freeimage | 2025-03-28 | 8.4 High |
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the rgbe_RGBEToFloat() function when reading images in HDR format. | ||||
| CVE-2024-28583 | 1 Freeimage Project | 1 Freeimage | 2025-03-28 | 7.8 High |
| Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the readLine() function when reading images in XPM format. | ||||
| CVE-2022-48303 | 3 Fedoraproject, Gnu, Redhat | 4 Fedora, Tar, Enterprise Linux and 1 more | 2025-03-27 | 5.5 Medium |
| GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters. | ||||
| CVE-2022-42403 | 1 Pdf-xchange | 1 Pdf-xchange Editor | 2025-03-27 | 7.8 High |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18892. | ||||
| CVE-2024-32894 | 1 Google | 1 Android | 2025-03-27 | 7.5 High |
| In bc_get_converted_received_bearer of bc_utilities.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2022-47035 | 1 Dlink | 2 Dir-825, Dir-825 Firmware | 2025-03-27 | 9.8 Critical |
| Buffer Overflow Vulnerability in D-Link DIR-825 v1.33.0.44ebdd4-embedded and below allows attacker to execute arbitrary code via the GetConfig method to the /CPE endpoint. | ||||
| CVE-2022-39061 | 1 Changingtec | 1 Megaservisignadapter | 2025-03-27 | 6.5 Medium |
| ChangingTech MegaServiSignAdapter component has a vulnerability of Out-of-bounds Read due to insufficient validation for parameter length. An unauthenticated remote attacker can exploit this vulnerability to access partial sensitive content in memory and disrupts partial services. | ||||
| CVE-2024-29778 | 1 Google | 1 Android | 2025-03-27 | 4.7 Medium |
| In ProtocolPsDedicatedBearInfoAdapter::processQosSession of protocolpsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation. | ||||
| CVE-2025-26336 | 1 Dell | 4 Chassis Management Controller For Poweredge Fx2, Chassis Management Controller For Poweredge Fx2 Firmware, Chassis Management Controller For Poweredge Vrtx and 1 more | 2025-03-27 | 8.3 High |
| Dell Chassis Management Controller Firmware for Dell PowerEdge FX2, version(s) prior to 2.40.200.202101130302, and Dell Chassis Management Controller Firmware for Dell PowerEdge VRTX version(s) prior to 3.41.200.202209300499, contain(s) a Stack-based Buffer Overflow vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Remote execution. | ||||
| CVE-2022-40134 | 1 Lenovo | 650 Ideacentre 3-07ada05, Ideacentre 3-07ada05 Firmware, Ideacentre 3-07imb05 and 647 more | 2025-03-27 | 4.4 Medium |
| An information leak vulnerability in the SMI Set BIOS Password SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory. | ||||
| CVE-2022-40135 | 1 Lenovo | 269 Ideacentre 3-07ada05, Ideacentre 3-07ada05 Firmware, Ideacentre 3-07imb05 and 266 more | 2025-03-27 | 4.4 Medium |
| An information leak vulnerability in the Smart USB Protection SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory. | ||||
| CVE-2025-29149 | 1 Tenda | 2 I12, I12 Firmware | 2025-03-27 | 7.5 High |
| Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the ping1 parameter in the formSetAutoPing function. | ||||
| CVE-2022-40136 | 1 Lenovo | 291 Ideacentre 3-07ada05, Ideacentre 3-07ada05 Firmware, Ideacentre 3-07imb05 and 288 more | 2025-03-27 | 4.4 Medium |
| An information leak vulnerability in SMI Handler used to configure platform settings over WMI in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory. | ||||
| CVE-2022-40137 | 1 Lenovo | 571 Ideacentre 3-07ada05, Ideacentre 3-07ada05 Firmware, Ideacentre 3-07imb05 and 568 more | 2025-03-27 | 6.7 Medium |
| A buffer overflow in the WMI SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to execute arbitrary code. | ||||
| CVE-2022-34884 | 1 Lenovo | 196 Thinkagile Hx1021, Thinkagile Hx1021 Firmware, Thinkagile Hx1320 and 193 more | 2025-03-27 | 7.2 High |
| A buffer overflow exists in the Remote Presence subsystem which can potentially allow valid, authenticated users to cause a recoverable subsystem denial of service. | ||||
| CVE-2021-45429 | 1 Virustotal | 1 Yara | 2025-03-27 | 5.5 Medium |
| A Buffer Overflow vulnerablity exists in VirusTotal YARA git commit: 605b2edf07ed8eb9a2c61ba22eb2e7c362f47ba7 via yr_set_configuration in yara/libyara/libyara.c, which could cause a Denial of Service. | ||||
| CVE-2024-1553 | 3 Debian, Mozilla, Redhat | 9 Debian Linux, Firefox, Firefox Esr and 6 more | 2025-03-27 | 8.1 High |
| Memory safety bugs present in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8. | ||||