Total
11736 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-46878 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2025-04-15 | N/A | 8.8 HIGH |
| Mozilla developers Randell Jesup, Valentin Gosu, Olli Pettay, and the Mozilla Fuzzing Team reported memory safety bugs present in Thunderbird 102.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 108, Firefox ESR < 102.6, and Thunderbird < 102.6. | |||||
| CVE-2022-46563 | 1 Dlink | 2 Dir-882 A1, Dir-882 A1 Firmware | 2025-04-15 | N/A | 7.2 HIGH |
| D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetDynamicDNSSettings module. | |||||
| CVE-2022-46560 | 1 Dlink | 2 Dir-882 A1, Dir-882 A1 Firmware | 2025-04-15 | N/A | 7.2 HIGH |
| D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetWan2Settings module. | |||||
| CVE-2022-46561 | 1 Dlink | 2 Dir-882 A1, Dir-882 A1 Firmware | 2025-04-15 | N/A | 7.2 HIGH |
| D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetWanSettings module. | |||||
| CVE-2022-46566 | 1 Dlink | 2 Dir-882 A1, Dir-882 A1 Firmware | 2025-04-15 | N/A | 7.2 HIGH |
| D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetQuickVPNSettings module. | |||||
| CVE-2022-46570 | 1 Dlink | 2 Dir-882 A1, Dir-882 A1 Firmware | 2025-04-15 | N/A | 7.2 HIGH |
| D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Password parameter in the SetWan3Settings module. | |||||
| CVE-2022-46562 | 1 Dlink | 2 Dir-882 A1, Dir-882 A1 Firmware | 2025-04-15 | N/A | 7.2 HIGH |
| D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the PSK parameter in the SetQuickVPNSettings module. | |||||
| CVE-2022-46568 | 1 Dlink | 2 Dir-882 A1, Dir-882 A1 Firmware | 2025-04-15 | N/A | 7.2 HIGH |
| D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the AccountPassword parameter in the SetSysEmailSettings module. | |||||
| CVE-2022-46569 | 1 Dlink | 2 Dir-882 A1, Dir-882 A1 Firmware | 2025-04-15 | N/A | 7.2 HIGH |
| D-Link DIR-882 DIR882A1_FW130B06, DIR-878 DIR_878_FW1.30B08 was discovered to contain a stack overflow via the Key parameter in the SetWLanRadioSecurity module. | |||||
| CVE-2022-46600 | 1 Trendnet | 2 Tew-755ap, Tew-755ap Firmware | 2025-04-14 | N/A | 9.8 CRITICAL |
| TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the wps_sta_enrollee_pin parameter in the action set_sta_enrollee_pin_24g function. | |||||
| CVE-2025-27178 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-04-14 | N/A | 7.8 HIGH |
| InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-27177 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-04-14 | N/A | 7.8 HIGH |
| InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-21966 | 1 Linux | 1 Linux Kernel | 2025-04-14 | N/A | 7.8 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: dm-flakey: Fix memory corruption in optional corrupt_bio_byte feature Fix memory corruption due to incorrect parameter being passed to bio_init | |||||
| CVE-2022-46580 | 1 Trendnet | 2 Tew-755ap, Tew-755ap Firmware | 2025-04-11 | N/A | 9.8 CRITICAL |
| TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the user_edit_page parameter in the wifi_captive_portal function. | |||||
| CVE-2014-125026 | 1 Cloudflare | 1 Golz4 | 2025-04-11 | N/A | 9.8 CRITICAL |
| LZ4 bindings use a deprecated C API that is vulnerable to memory corruption, which could lead to arbitrary code execution if called with untrusted user input. | |||||
| CVE-2022-46582 | 1 Trendnet | 2 Tew-755ap, Tew-755ap Firmware | 2025-04-11 | N/A | 9.8 CRITICAL |
| TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the login_name parameter in the do_graph_auth (sub_4061E0) function. | |||||
| CVE-2022-46581 | 1 Trendnet | 2 Tew-755ap, Tew-755ap Firmware | 2025-04-11 | N/A | 9.8 CRITICAL |
| TRENDnet TEW755AP 1.13B01 was discovered to contain a stack overflow via the cameo.cameo.nslookup_target parameter in the tools_nslookup function. | |||||
| CVE-2025-1164 | 1 Code-projects | 1 Police Fir Record Management System | 2025-04-11 | N/A | 5.5 MEDIUM |
| A vulnerability, which was classified as problematic, has been found in code-projects Police FIR Record Management System 1.0. This issue affects some unknown processing of the component Add Record Handler. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-7991 | 1 Autodesk | 10 Autocad, Autocad Advance Steel, Autocad Architecture and 7 more | 2025-04-11 | N/A | 7.8 HIGH |
| A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | |||||
| CVE-2024-8600 | 2 Autodesk, Microsoft | 9 Autocad, Autocad Advance Steel, Autocad Architecture and 6 more | 2025-04-11 | N/A | 7.8 HIGH |
| A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | |||||