Export limit exceeded: 23552 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23552 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-43692 | 1 Malwarebytes | 1 Malwarebytes | 2026-04-15 | 7.5 High |
| An issue was discovered in Malwarebytes before 4.6.14.326 and before 5.1.5.116 (and Nebula 2020-10-21 and later). Out-of-bound reads in strings detection utilities lead to system crashes. | ||||
| CVE-2024-30164 | 3 Apple, Codesys, Microsoft | 3 Macos, Linux, Windows | 2026-04-15 | 6.7 Medium |
| Amazon AWS Client VPN has a buffer overflow that could potentially allow a local actor to execute arbitrary commands with elevated permissions. This is resolved in 3.11.1 on Windows, 3.9.1 on macOS, and 3.12.1 on Linux. NOTE: although the macOS resolution is the same as for CVE-2024-30165, this vulnerability on macOS is not the same as CVE-2024-30165. | ||||
| CVE-2024-31150 | 1 Intel | 1 Graphics Driver | 2026-04-15 | 3.8 Low |
| Out-of-bounds read for some Intel(R) Graphics Driver software may allow an authenticated user to potentially enable information disclosure via local access. | ||||
| CVE-2024-42011 | 1 Spotify | 1 Spotify App | 2026-04-15 | 7.5 High |
| The Spotify app 8.9.58 for iOS has a buffer overflow in its use of strcat. | ||||
| CVE-2025-62691 | 2 Intercom, Microsoft | 2 Malion, Windows | 2026-04-15 | N/A |
| Security Point (Windows) of MaLion and MaLionCloud contains a stack-based buffer overflow vulnerability in processing HTTP headers. Receiving a specially crafted request from a remote unauthenticated attacker could lead to arbitrary code execution with SYSTEM privilege. | ||||
| CVE-2025-11594 | 2026-04-15 | 5.3 Medium | ||
| A vulnerability has been found in ywxbear PHP-Bookstore-Website-Example and PHP Basic BookStore Website up to 0e0b9f542f7a2d90a8d7f8c83caca69294e234e4. This issue affects some unknown processing of the file /index.php of the component Quantity Handler. Such manipulation leads to improper validation of specified quantity in input. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases. | ||||
| CVE-2024-35371 | 1 Ant-media | 1 Ant-media-server | 2026-04-15 | 7.5 High |
| Ant-Media-Serverv2.8.2 is affected by Improper Output Neutralization for Logs. The vulnerability stems from insufficient input sanitization in the logging mechanism. Without proper filtering or validation, user-controllable data, such as identifiers or other sensitive information, can be included in log entries without restrictions. | ||||
| CVE-2024-41882 | 2026-04-15 | N/A | ||
| Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR. An attacker can cause a stack overflow by entering large data into URL parameters, which will result in a system reboot. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds. | ||||
| CVE-2025-32089 | 2 Broadcom, Dell | 2 Bcm5820x, Controlvault3 | 2026-04-15 | 8.8 High |
| A buffer overflow vulnerability exists in the CvManager_SBI functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to a arbitrary code execution. An attacker can issue an api call to trigger this vulnerability. | ||||
| CVE-2024-48806 | 2026-04-15 | 6.8 Medium | ||
| Buffer Overflow vulnerability in Neat Board NFC v.1.20240620.0015 allows a physically proximate attackers to escalate privileges via a crafted payload to the password field | ||||
| CVE-2024-27908 | 2026-04-15 | 4.9 Medium | ||
| A buffer overflow vulnerability was reported in the HTTPS service of some Lenovo Printers that could result in denial of service. | ||||
| CVE-2024-3185 | 1 Rapid7 | 1 Insight Agent | 2026-04-15 | 6.8 Medium |
| A key used in logging.json does not follow the least privilege principle by default and is exposed to local users in the Rapid7 Platform. This allows an attacker with local access to a machine with the logging.json file to use that key to authenticate to the platform with high privileges. This was fixed in the Rapid7 platform starting 3 April 2024 via the introduction of a restricted role and the removal of automatic API key generation on installation of an agent. | ||||
| CVE-2024-48851 | 1 Abb | 1 Flxeon | 2026-04-15 | 7.2 High |
| Improper Validation of Specified Type of Input vulnerability in ABB FLXEON.A remote code execution is possible due to an improper input validation. This issue affects FLXEON: through 9.3.5. | ||||
| CVE-2024-30516 | 2 Saasproject, Wordpress | 2 Booking Package, Wordpress | 2026-04-15 | 7.5 High |
| Improper Validation of Specified Quantity in Input vulnerability in SaasProject Booking Package allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Booking Package: from n/a through 1.6.27. | ||||
| CVE-2024-11217 | 1 Redhat | 1 Openshift | 2026-04-15 | 4.9 Medium |
| A vulnerability was found in the OAuth-server. OAuth-server logs the OAuth2 client secret when the logLevel is Debug higher for OIDC/GitHub/GitLab/Google IDPs login options. | ||||
| CVE-2025-7745 | 2026-04-15 | 5.8 Medium | ||
| Buffer Over-read vulnerability in ABB AC500 V2.This issue affects AC500 V2: through 2.5.2. | ||||
| CVE-2024-3100 | 1 Lenovo | 55 100w Gen 3 Firmware, 100w Gen 4 Firmware, 13w Yoga Firmware and 52 more | 2026-04-15 | 6.7 Medium |
| A potential buffer overflow vulnerability was reported in some Lenovo Notebook products that could allow a local attacker with elevated privileges to execute arbitrary code. | ||||
| CVE-2024-45162 | 1 Blu-castle | 1 Bcum221e | 2026-04-15 | 9.8 Critical |
| A stack-based buffer overflow issue was discovered in the phddns client in Blu-Castle BCUM221E 1.0.0P220507 via the password field. | ||||
| CVE-2024-48869 | 2026-04-15 | 6.1 Medium | ||
| Improper restriction of software interfaces to hardware features for some Intel(R) Xeon(R) 6 processor with E-cores when using Intel(R) Trust Domain Extensions (Intel(R) TDX) or Intel(R) Software Guard Extensions (Intel(R) SGX) may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-48871 | 1 Planet Technology Corp | 1 Wgs-804hpt Firmware | 2026-04-15 | 9.8 Critical |
| The affected product is vulnerable to a stack-based buffer overflow. An unauthenticated attacker could send a malicious HTTP request that the webserver fails to properly check input size before copying data to the stack, potentially allowing remote code execution. | ||||