Total
11736 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-38413 | 1 Qualcomm | 14 Fastconnect 7800, Fastconnect 7800 Firmware, Snapdragon 8 Gen 3 Mobile and 11 more | 2025-02-05 | N/A | 7.8 HIGH |
| Memory corruption while processing frame packets. | |||||
| CVE-2021-21148 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2025-02-05 | 6.8 MEDIUM | 8.8 HIGH |
| Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2024-38420 | 1 Qualcomm | 320 Aqt1000, Aqt1000 Firmware, Ar8035 and 317 more | 2025-02-05 | N/A | 7.8 HIGH |
| Memory corruption while configuring a Hypervisor based input virtual device. | |||||
| CVE-2021-38427 | 1 Rti | 2 Connext Professional, Connext Secure | 2025-02-05 | 4.6 MEDIUM | 7.8 HIGH |
| RTI Connext DDS Professional and Connext DDS Secure Versions 4.2.x to 6.1.0 are vulnerable to a stack-based buffer overflow, which may allow a local attacker to execute arbitrary code. | |||||
| CVE-2023-39943 | 2025-02-04 | N/A | N/A | ||
| In Ashlar-Vellum Cobalt versions prior to v12 SP2 Build (1204.200), the affected application lacks proper validation of user-supplied data when parsing XE files. This could lead to an out-of-bounds write. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. | |||||
| CVE-2024-54509 | 1 Apple | 1 Macos | 2025-02-04 | N/A | 7.8 HIGH |
| An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.7.2, macOS Sequoia 15.2, macOS Sonoma 14.7.3. An app may be able to cause unexpected system termination or write kernel memory. | |||||
| CVE-2023-30368 | 1 Tenda | 2 Ac5, Ac5 Firmware | 2025-02-04 | N/A | 9.8 CRITICAL |
| Tenda AC5 V15.03.06.28 is vulnerable to Buffer Overflow via the initWebs function. | |||||
| CVE-2023-30369 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2025-02-04 | N/A | 9.8 CRITICAL |
| Tenda AC15 V15.03.05.19 is vulnerable to Buffer Overflow. | |||||
| CVE-2023-30371 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2025-02-04 | N/A | 9.8 CRITICAL |
| In Tenda AC15 V15.03.05.19, the function "sub_ED14" contains a stack-based buffer overflow vulnerability. | |||||
| CVE-2023-30370 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2025-02-04 | N/A | 9.8 CRITICAL |
| In Tenda AC15 V15.03.05.19, the function GetValue contains a stack-based buffer overflow vulnerability. | |||||
| CVE-2014-4404 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2025-02-04 | 9.3 HIGH | 7.8 HIGH |
| Heap-based buffer overflow in IOHIDFamily in Apple iOS before 8 and Apple TV before 7 allows attackers to execute arbitrary code in a privileged context via an application that provides crafted key-mapping properties. | |||||
| CVE-2023-30414 | 1 Jerryscript | 1 Jerryscript | 2025-02-04 | N/A | 5.5 MEDIUM |
| Jerryscript commit 1a2c047 was discovered to contain a stack overflow via the component vm_loop at /jerry-core/vm/vm.c. | |||||
| CVE-2023-30373 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2025-02-04 | N/A | 9.8 CRITICAL |
| In Tenda AC15 V15.03.05.19, the function "xian_pppoe_user" contains a stack-based buffer overflow vulnerability. | |||||
| CVE-2023-30372 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2025-02-04 | N/A | 9.8 CRITICAL |
| In Tenda AC15 V15.03.05.19, The function "xkjs_ver32" contains a stack-based buffer overflow vulnerability. | |||||
| CVE-2023-24819 | 1 Riot-os | 1 Riot | 2025-02-04 | N/A | 9.8 CRITICAL |
| RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in an out of bounds write in the packet buffer. The overflow can be used to corrupt other packets and the allocator metadata. Corrupting a pointer will easily lead to denial of service. While carefully manipulating the allocator metadata gives an attacker the possibility to write data to arbitrary locations and thus execute arbitrary code. Version 2022.10 fixes this issue. As a workaround, disable support for fragmented IP datagrams or apply the patches manually. | |||||
| CVE-2020-16010 | 1 Google | 2 Android, Chrome | 2025-02-04 | 6.8 MEDIUM | 8.8 HIGH |
| Heap buffer overflow in UI in Google Chrome on Android prior to 86.0.4240.185 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |||||
| CVE-2019-5825 | 1 Google | 1 Chrome | 2025-02-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| Out of bounds write in JavaScript in Google Chrome prior to 73.0.3683.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2023-20869 | 1 Vmware | 2 Fusion, Workstation | 2025-02-04 | N/A | 8.2 HIGH |
| VMware Workstation (17.x) and VMware Fusion (13.x) contain a stack-based buffer-overflow vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. | |||||
| CVE-2024-32039 | 2 Fedoraproject, Freerdp | 2 Fedora, Freerdp | 2025-02-04 | N/A | 9.8 CRITICAL |
| FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to integer overflow and out-of-bounds write. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use `/gfx` options (e.g. deactivate with `/bpp:32` or `/rfx` as it is on by default). | |||||
| CVE-2024-25942 | 1 Dell | 50 Nx3230, Nx3230 Firmware, Nx3330 and 47 more | 2025-02-04 | N/A | 6.8 MEDIUM |
| Dell PowerEdge Server BIOS contains an Improper SMM communication buffer verification vulnerability. A physical high privileged attacker could potentially exploit this vulnerability leading to arbitrary writes to SMRAM. | |||||