Export limit exceeded: 23574 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23574 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-53320 | 2026-04-15 | 9.8 Critical | ||
| Qualisys C++ SDK commit a32a21a was discovered to contain multiple stack buffer overflows via the GetCurrentFrame, SaveCapture, and LoadProject functions. | ||||
| CVE-2025-12385 | 1 The Qt Company | 1 Qt | 2026-04-15 | N/A |
| Allocation of Resources Without Limits or Throttling, Improper Validation of Specified Quantity in Input vulnerability in The Qt Company Qt on Windows, MacOS, Linux, iOS, Android, x86, ARM, 64 bit, 32 bit allows Excessive Allocation. This issue affects users of the Text component in Qt Quick. Missing validation of the width and height in the <img> tag could cause an application to become unresponsive. This issue affects Qt: from 5.0.0 through 6.5.10, from 6.6.0 through 6.8.5, from 6.9.0 through 6.10.0. | ||||
| CVE-2024-26304 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2026-04-15 | 9.8 Critical |
| There is a buffer overflow vulnerability in the underlying L2/L3 Management service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2024-26305 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2026-04-15 | 9.8 Critical |
| There is a buffer overflow vulnerability in the underlying Utility daemon that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba's access point management protocol) UDP port (8211). Successful exploitation of this vulnerability results in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2024-0149 | 2026-04-15 | 3.3 Low | ||
| NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an attacker unauthorized access to files. A successful exploit of this vulnerability might lead to limited information disclosure. | ||||
| CVE-2024-56908 | 2026-04-15 | 6.8 Medium | ||
| In Perfex Crm < 3.2.1, an authenticated attacker can send a crafted HTTP POST request to the affected upload_sales_file endpoint. By providing malicious input in the rel_id parameter, combined with improper input validation, the attacker can bypass restrictions and upload arbitrary files to directories of their choice, potentially leading to remote code execution or server compromise. | ||||
| CVE-2025-0831 | 2026-04-15 | 7.8 High | ||
| Out-Of-Bounds Read vulnerability exists in the JT file reading procedure in SOLIDWORKS eDrawings on Release SOLIDWORKS Desktop 2025. This vulnerability could allow an attacker to execute arbitrary code while opening a specially crafted JT file. | ||||
| CVE-2025-0373 | 2 Freebsd, Netapp | 2 Freebsd, Ontap | 2026-04-15 | 6 Medium |
| On 64-bit systems, the implementation of VOP_VPTOFH() in the cd9660, tarfs and ext2fs filesystems overflows the destination FID buffer by 4 bytes, a stack buffer overflow. A NFS server that exports a cd9660, tarfs, or ext2fs file system can be made to panic by mounting and accessing the export with an NFS client. Further exploitation (e.g., bypassing file permission checking or remote kernel code execution) is potentially possible, though this has not been demonstrated. In particular, release kernels are compiled with stack protection enabled, and some instances of the overflow are caught by this mechanism, causing a panic. | ||||
| CVE-2025-12056 | 1 Shelly | 1 Pro 3em | 2026-04-15 | N/A |
| Out-of-bounds Read in Shelly Pro 3EM (before v1.4.4) allows Overread Buffers. | ||||
| CVE-2025-0960 | 2026-04-15 | 9.8 Critical | ||
| AutomationDirect C-more EA9 HMI contains a function with bounds checks that can be skipped, which could result in an attacker abusing the function to cause a denial-of-service condition or achieving remote code execution on the affected device. | ||||
| CVE-2024-52545 | 1 Lorextechnology | 1 W461asc-e Firmware | 2026-04-15 | 6.5 Medium |
| An unauthenticated attacker can perform an out of bounds heap read in the IQ Service (TCP port 9876). This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111. | ||||
| CVE-2024-52544 | 1 Lorextechnology | 1 W461asc-e Firmware | 2026-04-15 | 9.8 Critical |
| An unauthenticated attacker can trigger a stack based buffer overflow in the DP Service (TCP port 3500). This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111. | ||||
| CVE-2024-8403 | 1 Mitsubishi Electric | 2 Melsec Iq-f Series Fx5-enet, Melsec Iq-f Series Fx5-enet Ip | 2026-04-15 | 7.5 High |
| Improper Validation of Specified Type of Input vulnerability in Mitsubishi Electric Corporation MELSEC iQ-F Series FX5-ENET versions 1.100 to 1.200 and FX5-ENET/IP versions 1.100 to 1.104 allows a remote attacker to cause a Denial of Service condition in Ethernet communication of the products by sending specially crafted SLMP packets. | ||||
| CVE-2024-45351 | 2026-04-15 | 7.8 High | ||
| A code execution vulnerability exists in the Xiaomi Game center application product. The vulnerability is caused by improper input validation and can be exploited by attackers to execute malicious code. | ||||
| CVE-2025-20149 | 1 Cisco | 2 Ios, Ios Xe Software | 2026-04-15 | 6.5 Medium |
| A vulnerability in the CLI of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to a buffer overflow. An attacker with a low-privileged account could exploit this vulnerability by using crafted commands at the CLI prompt. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. | ||||
| CVE-2024-51562 | 1 Freebsd | 1 Freebsd | 2026-04-15 | 6.5 Medium |
| The NVMe driver function nvme_opc_get_log_page is vulnerable to a buffer over-read from a guest-controlled value. | ||||
| CVE-2025-22889 | 1 Intel | 3 Processor, Xeon, Xeon Processors | 2026-04-15 | 7.9 High |
| Improper handling of overlap between protected memory ranges for some Intel(R) Xeon(R) 6 processor with Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2025-9316 | 1 N-able | 1 N-central | 2026-04-15 | N/A |
| N-central < 2025.4 can generate sessionIDs for unauthenticated users This issue affects N-central: before 2025.4. | ||||
| CVE-2025-14187 | 1 Ugreen | 1 Dh2100+ | 2026-04-15 | 7.2 High |
| A weakness has been identified in UGREEN DH2100+ up to 5.3.0.251125. This affects the function handler_file_backup_create of the file /v1/file/backup/create of the component nas_svr. Executing a manipulation of the argument path can lead to buffer overflow. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. It is recommended to upgrade the affected component. | ||||
| CVE-2025-23388 | 1 Suse | 1 Rancher | 2026-04-15 | 8.2 High |
| A Stack-based Buffer Overflow vulnerability in SUSE rancher allows for denial of service.This issue affects rancher: from 2.8.0 before 2.8.13, from 2.9.0 before 2.9.7, from 2.10.0 before 2.10.3. | ||||