Export limit exceeded: 34736 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (42196 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-32356 | 1 Apple | 1 Macos | 2025-05-01 | 7.8 High |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory. | ||||
| CVE-2023-28215 | 1 Apple | 1 Macos | 2025-05-01 | 7.8 High |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory. | ||||
| CVE-2023-28209 | 1 Apple | 1 Macos | 2025-05-01 | 7.8 High |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory. | ||||
| CVE-2022-44311 | 1 Html2xhtml Project | 1 Html2xhtml | 2025-05-01 | 8.1 High |
| html2xhtml v1.3 was discovered to contain an Out-Of-Bounds read in the function static void elm_close(tree_node_t *nodo) at procesador.c. This vulnerability allows attackers to access sensitive files or cause a Denial of Service (DoS) via a crafted html file. | ||||
| CVE-2022-43945 | 3 Linux, Netapp, Redhat | 14 Linux Kernel, Active Iq Unified Manager, H300s and 11 more | 2025-05-01 | 7.5 High |
| The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send buffers of a remote procedure call (RPC) into a single array of pages. A client can force the send buffer to shrink by sending an RPC message over TCP with garbage data added at the end of the message. The RPC message with garbage data is still correctly formed according to the specification and is passed forward to handlers. Vulnerable code in NFSD is not expecting the oversized request and writes beyond the allocated buffer space. CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H | ||||
| CVE-2022-43343 | 1 N-prolog Project | 1 N-prolog | 2025-05-01 | 7.5 High |
| N-Prolog v1.91 was discovered to contain a global buffer overflow vulnerability in the function gettoken() at Main.c. | ||||
| CVE-2022-41757 | 1 Arm | 1 Valhall Gpu Kernel Driver | 2025-05-01 | 8.8 High |
| An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU processing operations to obtain write access to read-only memory, or obtain access to already freed memory. This affects Valhall r29p0 through r38p1 before r38p2, and r39p0 before r40p0. | ||||
| CVE-2022-32618 | 2 Google, Mediatek | 5 Android, Mt6833, Mt6873 and 2 more | 2025-05-01 | 6.8 Medium |
| In typec, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262454; Issue ID: ALPS07262454. | ||||
| CVE-2022-32617 | 2 Google, Mediatek | 6 Android, Mt6789, Mt6855 and 3 more | 2025-05-01 | 6.8 Medium |
| In typec, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262364; Issue ID: ALPS07262364. | ||||
| CVE-2022-32602 | 2 Google, Mediatek | 17 Android, Mt6833, Mt6883 and 14 more | 2025-05-01 | 5.5 Medium |
| In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07388790; Issue ID: ALPS07388790. | ||||
| CVE-2024-29131 | 4 Apache, Fedoraproject, Netapp and 1 more | 7 Commons Configuration, Fedora, Ontap Tools and 4 more | 2025-05-01 | 7.3 High |
| Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended to upgrade to version 2.10.1, which fixes the issue. | ||||
| CVE-2024-29133 | 3 Apache, Fedoraproject, Redhat | 5 Commons Configuration, Fedora, Amq Broker and 2 more | 2025-05-01 | 5.4 Medium |
| Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended to upgrade to version 2.10.1, which fixes the issue. | ||||
| CVE-2024-50997 | 1 Netgear | 9 R6400 Firmware, R6400v2, R6400v2 Firmware and 6 more | 2025-05-01 | 5.7 Medium |
| Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were discovered to contain a stack overflow via the pptp_user_ip parameter at pptp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request. | ||||
| CVE-2023-5176 | 3 Debian, Mozilla, Redhat | 9 Debian Linux, Firefox, Firefox Esr and 6 more | 2025-05-01 | 9.8 Critical |
| Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3. | ||||
| CVE-2022-20454 | 1 Google | 1 Android | 2025-05-01 | 6.7 Medium |
| In fdt_next_tag of fdt.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-242096164 | ||||
| CVE-2024-3865 | 1 Mozilla | 1 Firefox | 2025-05-01 | 8.1 High |
| Memory safety bugs present in Firefox 124. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 125. | ||||
| CVE-2021-36160 | 7 Apache, Broadcom, Debian and 4 more | 16 Http Server, Brocade Fabric Operating System Firmware, Debian Linux and 13 more | 2025-05-01 | 7.5 High |
| A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive). | ||||
| CVE-2022-23943 | 5 Apache, Debian, Fedoraproject and 2 more | 8 Http Server, Debian Linux, Fedora and 5 more | 2025-05-01 | 9.8 Critical |
| Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. This issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions. | ||||
| CVE-2023-27522 | 4 Apache, Debian, Redhat and 1 more | 6 Http Server, Debian Linux, Enterprise Linux and 3 more | 2025-05-01 | 7.5 High |
| HTTP Response Smuggling vulnerability in Apache HTTP Server via mod_proxy_uwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55. Special characters in the origin response header can truncate/split the response forwarded to the client. | ||||
| CVE-2024-31951 | 1 Frrouting | 1 Frrouting | 2025-05-01 | 6.5 Medium |
| In the Opaque LSA Extended Link parser in FRRouting (FRR) through 9.1, there can be a buffer overflow and daemon crash in ospf_te_parse_ext_link for OSPF LSA packets during an attempt to read Segment Routing Adjacency SID subTLVs (lengths are not validated). | ||||