Export limit exceeded: 20907 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20907 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-29769 | 2 Debian, Libvips | 2 Debian Linux, Libvips | 2025-10-09 | 5.5 Medium |
| libvips is a demand-driven, horizontally threaded image processing library. The heifsave operation could incorrectly determine the presence of an alpha channel in an input when it was not possible to determine the colour interpretation, known internally within libvips as "multiband". There aren't many ways to create a "multiband" input, but it is possible with a well-crafted TIFF image. If a "multiband" TIFF input image had 4 channels and HEIF-based output was requested, this led to libvips creating a 3 channel HEIF image without an alpha channel but then attempting to write 4 channels of data. This caused a heap buffer overflow, which could crash the process. This vulnerability is fixed in 8.16.1. | ||||
| CVE-2023-36028 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2025-10-09 | 9.8 Critical |
| Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability | ||||
| CVE-2023-36042 | 1 Microsoft | 2 Visual Studio 2019, Visual Studio 2022 | 2025-10-08 | 6.2 Medium |
| Visual Studio Denial of Service Vulnerability | ||||
| CVE-2023-36392 | 1 Microsoft | 4 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 1 more | 2025-10-08 | 7.5 High |
| DHCP Server Service Denial of Service Vulnerability | ||||
| CVE-2023-36397 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-10-08 | 9.8 Critical |
| Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | ||||
| CVE-2023-36400 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2025-10-08 | 8.8 High |
| Windows HMAC Key Derivation Elevation of Privilege Vulnerability | ||||
| CVE-2023-36402 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-10-08 | 8.8 High |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | ||||
| CVE-2023-36408 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more | 2025-10-08 | 7.8 High |
| Windows Hyper-V Elevation of Privilege Vulnerability | ||||
| CVE-2023-36423 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-10-08 | 8.8 High |
| Microsoft Remote Registry Service Remote Code Execution Vulnerability | ||||
| CVE-2023-36424 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-10-08 | 7.8 High |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||||
| CVE-2023-36425 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-10-08 | 8 High |
| Windows Distributed File System (DFS) Remote Code Execution Vulnerability | ||||
| CVE-2023-36428 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-10-08 | 5.5 Medium |
| Microsoft Local Security Authority Subsystem Service Information Disclosure Vulnerability | ||||
| CVE-2025-0038 | 1 Amd | 1 Zynq Ultrascale+ | 2025-10-08 | 6.6 Medium |
| In AMD Zynq UltraScale+ devices, the lack of address validation when executing CSU runtime services through the PMU Firmware can allow access to isolated or protected memory spaces resulting in the loss of integrity and confidentiality. | ||||
| CVE-2025-10792 | 2 D-link, Dlink | 3 Dir-513, Dir-513, Dir-513 Firmware | 2025-10-08 | 8.8 High |
| A security vulnerability has been detected in D-Link DIR-513 A1FW110. Affected is an unknown function of the file /goform/formWPS. Such manipulation of the argument webpage leads to buffer overflow. The attack may be performed from remote. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2025-56394 | 1 Free5gc | 1 Free5gc | 2025-10-08 | 7.5 High |
| Free5gc 4.0.1 is vulnerable to Buffer Overflow. The AMF incorrectly validates the 5GS mobile identity, resulting in slice reference overflow. | ||||
| CVE-2025-51005 | 2 Appneta, Broadcom | 2 Tcpreplay, Tcpreplay | 2025-10-08 | 7.5 High |
| A heap-buffer-overflow vulnerability exists in the tcpliveplay utility of the tcpreplay-4.5.1. When a crafted pcap file is processed, the program incorrectly handles memory in the checksum calculation logic at do_checksum_math_liveplay in tcpliveplay.c, leading to a possible denial of service. | ||||
| CVE-2024-46718 | 1 Linux | 1 Linux Kernel | 2025-10-08 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: drm/xe: Don't overmap identity VRAM mapping Overmapping the identity VRAM mapping is triggering hardware bugs on certain platforms. Use 2M pages for the last unaligned (to 1G) VRAM chunk. v2: - Always use 2M pages for last chunk (Fei Yang) - break loop when 2M pages are used - Add assert for usable_size being 2M aligned v3: - Fix checkpatch | ||||
| CVE-2024-36468 | 1 Zabbix | 1 Zabbix | 2025-10-08 | 3 Low |
| The reported vulnerability is a stack buffer overflow in the zbx_snmp_cache_handle_engineid function within the Zabbix server/proxy code. This issue occurs when copying data from session->securityEngineID to local_record.engineid without proper bounds checking. | ||||
| CVE-2025-25528 | 1 Wavlink | 2 Wl-wn575a3, Wl-wn575a3 Firmware | 2025-10-07 | 5.1 Medium |
| Multiple buffer overflow vulnerabilities in Wavlink WL-WN575A3 RPT75A3.V4300, which are caused by not performing strict length checks on user-controlled data. By successfully exploiting the vulnerabilities, attackers can crash the remote devices or execute arbitrary commands without any authorization verification. | ||||
| CVE-2024-41018 | 1 Linux | 1 Linux Kernel | 2025-10-07 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add a check for attr_names and oatbl Added out-of-bound checking for *ane (ATTR_NAME_ENTRY). | ||||