Export limit exceeded: 14527 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (14527 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2018-25217 2 Rttsoftware, Speed Software 2 Pdf Explorer, Explorer 2026-03-27 8.4 High
PDF Explorer 1.5.66.2 contains a structured exception handler (SEH) overflow vulnerability that allows local attackers to execute arbitrary code by overwriting SEH records with malicious data. Attackers can craft a payload with buffer overflow, NSEH jump, and ROP gadget chains that execute when the Custom fields settings dialog processes the malicious input in the Label field.
CVE-2020-37140 3 Aida64, Finalwire, Linuxfoundation 3 Aida64, Everest, Everest 2026-03-27 5.5 Medium
Everest, later referred to as AIDA64, 5.50.2100 contains a denial of service vulnerability that allows local attackers to crash the application by manipulating file open functionality. Attackers can generate a 450-byte buffer of repeated characters and paste it into the file open dialog to trigger an application crash.
CVE-2025-5601 1 Wireshark 1 Wireshark 2026-03-27 7.8 High
Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or crafted capture file
CVE-2024-8250 1 Wireshark 1 Wireshark 2026-03-27 7.8 High
NTLMSSP dissector crash in Wireshark 4.2.0 to 4.0.6 and 4.0.0 to 4.0.16 allows denial of service via packet injection or crafted capture file
CVE-2024-4853 2 Fedoraproject, Wireshark 2 Fedora, Wireshark 2026-03-27 3.6 Low
Memory handling issue in editcap could cause denial of service via crafted capture file
CVE-2019-25648 1 Ivideogo 1 Myvideoconverter Pro 2026-03-27 6.2 Medium
MyVideoConverter Pro 3.14 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying an excessively long string to the registration code input field. Attackers can paste a malicious payload containing 10000 bytes into the 'Copy and Paste Registration Code' field to trigger a denial of service condition.
CVE-2019-25649 1 Riverpast 1 River Past Audio Converter 2026-03-27 5.5 Medium
River Past Audio Converter 7.7.16 contains a local buffer overflow vulnerability in the activation code field that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a large payload of repeated characters into the 'E-Mail and Activation Code' field and click 'Activate' to trigger a denial of service condition.
CVE-2019-25650 1 Riverpast 1 River Past Camdo 2026-03-27 8.4 High
River Past CamDo 3.7.6 contains a structured exception handler (SEH) buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the Lame_enc.dll name field. Attackers can craft a payload with a 280-byte buffer, NSEH jump instruction, and SEH handler address pointing to a pop-pop-ret gadget to trigger code execution and establish a bind shell on port 3110.
CVE-2026-33854 1 Molotovcherry 1 Android-imagemagick7 2026-03-27 8.8 High
Out-of-bounds Write vulnerability in MolotovCherry Android-ImageMagick7.This issue affects Android-ImageMagick7: before 7.1.2-10.
CVE-2026-4756 1 Molotovcherry 1 Android-imagemagick7 2026-03-27 7.8 High
Out-of-bounds Write vulnerability in MolotovCherry Android-ImageMagick7.This issue affects Android-ImageMagick7: before 7.1.2-11.
CVE-2019-25633 1 Aida64 2 Aida64, Aida64 Extreme 2026-03-27 8.4 High
AIDA64 Extreme 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input through the email preferences and report wizard interfaces. Attackers can inject crafted payloads into the Display name field and Load from file parameter to trigger the overflow and execute shellcode with application privileges.
CVE-2019-25646 1 Tabslab 1 Mailcarrier 2026-03-26 9.8 Critical
Tabs Mail Carrier 2.5.1 contains a buffer overflow vulnerability in the MAIL FROM SMTP command that allows remote attackers to execute arbitrary code by sending a crafted MAIL FROM parameter. Attackers can connect to the SMTP service on port 25 and send a malicious MAIL FROM command with an oversized buffer to overwrite the EIP register and execute a bind shell payload.
CVE-2023-43010 2 Apple, Redhat 11 Ios And Ipados, Ipados, Iphone Os and 8 more 2026-03-25 8.8 High
The issue was addressed with improved memory handling. This issue is fixed in iOS 17.2 and iPadOS 17.2, macOS Sonoma 14.2, Safari 17.2, iOS 16.7.15 and iPadOS 16.7.15, iOS 15.8.7 and iPadOS 15.8.7. Processing maliciously crafted web content may lead to memory corruption.
CVE-2026-4673 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2026-03-25 8.8 High
Heap buffer overflow in WebAudio in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)
CVE-2026-4675 4 Apple, Google, Linux and 1 more 4 Macos, Chrome, Linux Kernel and 1 more 2026-03-25 8.8 High
Heap buffer overflow in WebGL in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)
CVE-2026-4746 1 Timeplus-io 1 Proton 2026-03-25 N/A
Out-of-bounds Write vulnerability in timeplus-io proton (base/poco/Foundation/src‎ modules). This vulnerability is associated with program files inflate.C. This issue affects proton: before 1.6.16.
CVE-2026-33850 1 Wujekfoliarz 1 Dualsensey-v2 2026-03-25 7.8 High
Out-of-bounds Write vulnerability in WujekFoliarz DualSenseY-v2.This issue affects DualSenseY-v2: before 54.
CVE-2019-25628 1 Speedbit 1 Download Accelerator Plus 2026-03-25 9.8 Critical
Download Accelerator Plus DAP 10.0.6.0 contains a structured exception handler buffer overflow vulnerability that allows remote attackers to execute arbitrary code by crafting malicious URLs. Attackers can create specially crafted URLs with overflowing buffer data that overwrites SEH pointers and executes embedded shellcode when imported through the application's web page import functionality.
CVE-2019-25637 1 Freshsoftware 1 Netstat Pro 2026-03-25 8.4 High
X-NetStat Pro 5.63 contains a local buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting the EIP register through a 264-byte buffer overflow. Attackers can inject shellcode into memory and use an egg hunter technique to locate and execute the payload when the application processes malicious input through HTTP Client or Rules functionality.
CVE-2025-71109 1 Linux 1 Linux Kernel 2026-03-25 5.5 Medium
In the Linux kernel, the following vulnerability has been resolved: MIPS: ftrace: Fix memory corruption when kernel is located beyond 32 bits Since commit e424054000878 ("MIPS: Tracing: Reduce the overhead of dynamic Function Tracer"), the macro UASM_i_LA_mostly has been used, and this macro can generate more than 2 instructions. At the same time, the code in ftrace assumes that no more than 2 instructions can be generated, which is why it stores them in an int[2] array. However, as previously noted, the macro UASM_i_LA_mostly (and now UASM_i_LA) causes a buffer overflow when _mcount is beyond 32 bits. This leads to corruption of the variables located in the __read_mostly section. This corruption was observed because the variable __cpu_primary_thread_mask was corrupted, causing a hang very early during boot. This fix prevents the corruption by avoiding the generation of instructions if they could exceed 2 instructions in length. Fortunately, insn_la_mcount is only used if the instrumented code is located outside the kernel code section, so dynamic ftrace can still be used, albeit in a more limited scope. This is still preferable to corrupting memory and/or crashing the kernel.