Total
2602 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-47095 | 1 Gpac | 1 Gpac | 2025-04-09 | N/A | 7.8 HIGH |
| GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer overflow in hevc_parse_vps_extension function of media_tools/av_parsers.c | |||||
| CVE-2022-47656 | 1 Gpac | 1 Gpac | 2025-04-09 | N/A | 7.8 HIGH |
| GPAC MP4box 2.1-DEV-rev617-g85ce76efd is vulnerable to Buffer Overflow in gf_hevc_read_sps_bs_internal function of media_tools/av_parsers.c:8273 | |||||
| CVE-2022-33276 | 1 Qualcomm | 268 Ar8035, Ar8035 Firmware, Ar9380 and 265 more | 2025-04-09 | N/A | 7.8 HIGH |
| Memory corruption due to buffer copy without checking size of input in modem while receiving WMI_REQUEST_STATS_CMDID command. | |||||
| CVE-2022-25746 | 1 Qualcomm | 196 Aqt1000, Aqt1000 Firmware, Ar8035 and 193 more | 2025-04-09 | N/A | 7.8 HIGH |
| Memory corruption in kernel due to missing checks when updating the access rights of a memextent mapping. | |||||
| CVE-2021-26409 | 1 Amd | 2 Milanpi, Milanpi Firmware | 2025-04-09 | N/A | 7.8 HIGH |
| Insufficient bounds checking in SEV-ES may allow an attacker to corrupt Reverse Map table (RMP) memory, potentially resulting in a loss of SNP (Secure Nested Paging) memory integrity. | |||||
| CVE-2024-26915 | 1 Linux | 1 Linux Kernel | 2025-04-08 | N/A | N/A |
| In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Reset IH OVERFLOW_CLEAR bit Allows us to detect subsequent IH ring buffer overflows as well. | |||||
| CVE-2022-3628 | 1 Linux | 1 Linux Kernel | 2025-04-08 | N/A | 6.6 MEDIUM |
| A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges. | |||||
| CVE-2016-0099 | 1 Microsoft | 7 Windows 10 1507, Windows 10 1511, Windows 7 and 4 more | 2025-04-07 | 7.2 HIGH | 7.8 HIGH |
| The Secondary Logon Service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 does not properly process request handles, which allows local users to gain privileges via a crafted application, aka "Secondary Logon Elevation of Privilege Vulnerability." | |||||
| CVE-2013-1331 | 1 Microsoft | 1 Office | 2025-04-04 | 9.3 HIGH | 7.8 HIGH |
| Buffer overflow in Microsoft Office 2003 SP3 and Office 2011 for Mac allows remote attackers to execute arbitrary code via crafted PNG data in an Office document, leading to improper memory allocation, aka "Office Buffer Overflow Vulnerability." | |||||
| CVE-2020-15069 | 1 Sophos | 2 Xg Firewall, Xg Firewall Firmware | 2025-04-03 | 7.5 HIGH | 9.8 CRITICAL |
| Sophos XG Firewall 17.x through v17.5 MR12 allows a Buffer Overflow and remote code execution via the HTTP/S Bookmarks feature for clientless access. Hotfix HF062020.1 was published for all firewalls running v17.x. | |||||
| CVE-2025-1852 | 1 Totolink | 2 Ex1800t, Ex1800t Firmware | 2025-04-03 | N/A | 9.8 CRITICAL |
| A vulnerability has been found in Totolink EX1800T 9.1.0cu.2112_B20220316 and classified as critical. This vulnerability affects the function loginAuth of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument password leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2023-23143 | 1 Gpac | 1 Gpac | 2025-04-03 | N/A | 7.8 HIGH |
| Buffer overflow vulnerability in function avc_parse_slice in file media_tools/av_parsers.c. GPAC version 2.3-DEV-rev1-g4669ba229-master. | |||||
| CVE-2024-10559 | 1 Razormist | 1 Airport Booking Management System | 2025-04-03 | N/A | 7.8 HIGH |
| A vulnerability was found in SourceCodester Airport Booking Management System 1.0 and classified as critical. Affected by this issue is the function Details. The manipulation of the argument passport/name leads to buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. | |||||
| CVE-2020-5135 | 1 Sonicwall | 2 Sonicos, Sonicosv | 2025-04-02 | 7.5 HIGH | 9.8 CRITICAL |
| A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall. This vulnerability affected SonicOS Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0. | |||||
| CVE-2006-2492 | 1 Microsoft | 2 Office, Works Suite | 2025-04-02 | 7.6 HIGH | 8.8 HIGH |
| Buffer overflow in Microsoft Word in Office 2000 SP3, Office XP SP3, Office 2003 Sp1 and SP2, and Microsoft Works Suites through 2006, allows user-assisted attackers to execute arbitrary code via a malformed object pointer, as originally reported by ISC on 20060519 for a zero-day attack. | |||||
| CVE-2024-38576 | 1 Linux | 1 Linux Kernel | 2025-04-01 | N/A | N/A |
| In the Linux kernel, the following vulnerability has been resolved: rcu: Fix buffer overflow in print_cpu_stall_info() The rcuc-starvation output from print_cpu_stall_info() might overflow the buffer if there is a huge difference in jiffies difference. The situation might seem improbable, but computers sometimes get very confused about time, which can result in full-sized integers, and, in this case, buffer overflow. Also, the unsigned jiffies difference is printed using %ld, which is normally for signed integers. This is intentional for debugging purposes, but it is not obvious from the code. This commit therefore changes sprintf() to snprintf() and adds a clarifying comment about intention of %ld format. Found by Linux Verification Center (linuxtesting.org) with SVACE. | |||||
| CVE-2022-47035 | 1 Dlink | 2 Dir-825, Dir-825 Firmware | 2025-03-27 | N/A | 9.8 CRITICAL |
| Buffer Overflow Vulnerability in D-Link DIR-825 v1.33.0.44ebdd4-embedded and below allows attacker to execute arbitrary code via the GetConfig method to the /CPE endpoint. | |||||
| CVE-2021-45429 | 1 Virustotal | 1 Yara | 2025-03-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| A Buffer Overflow vulnerablity exists in VirusTotal YARA git commit: 605b2edf07ed8eb9a2c61ba22eb2e7c362f47ba7 via yr_set_configuration in yara/libyara/libyara.c, which could cause a Denial of Service. | |||||
| CVE-2021-37311 | 1 Fcitx 5 Project | 1 Fcitx 5 | 2025-03-26 | N/A | 7.5 HIGH |
| Buffer Overflow vulnerability in fcitx5 5.0.8 allows attackers to cause a denial of service via crafted message to the application's listening port. | |||||
| CVE-2010-2572 | 1 Microsoft | 1 Powerpoint | 2025-03-26 | 9.3 HIGH | 7.8 HIGH |
| Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint 95 document, aka "PowerPoint Parsing Buffer Overflow Vulnerability." | |||||