Export limit exceeded: 14263 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 42196 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (42196 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-47328 | 1 Qualcomm | 135 Fastconnect 7800, Fastconnect 7800 Firmware, Immersive Home 3210 Platform and 132 more | 2025-09-25 | 7.5 High |
| Transient DOS while processing power control requests with invalid antenna or stream values. | ||||
| CVE-2025-47326 | 1 Qualcomm | 241 Ar8035, Ar8035 Firmware, Csr8811 and 238 more | 2025-09-25 | 7.5 High |
| Transient DOS while handling command data during power control processing. | ||||
| CVE-2025-58319 | 2 Delta Electronics, Deltaww | 2 Cncsoft-g2, Cncsoft-g2 | 2025-09-25 | 7.8 High |
| Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. | ||||
| CVE-2014-0789 | 1 Schneider-electric | 5 Opc Factory Server Tlxcdlfofs, Opc Factory Server Tlxcdltofs, Opc Factory Server Tlxcdluofs and 2 more | 2025-09-25 | N/A |
| Multiple buffer overflows in the OPC Automation 2.0 Server Object ActiveX control in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 3.5 and earlier, TLXCDSTOFS33 3.5 and earlier, TLXCDLUOFS33 3.5 and earlier, TLXCDLTOFS33 3.5 and earlier, and TLXCDLFOFS33 3.5 and earlier allow remote attackers to cause a denial of service via long arguments to unspecified functions. | ||||
| CVE-2014-0787 | 1 Wellintech | 1 Kingscada | 2025-09-25 | N/A |
| Stack-based buffer overflow in WellinTech KingSCADA before 3.1.2.13 allows remote attackers to execute arbitrary code via a crafted packet. | ||||
| CVE-2014-0784 | 1 Yokogawa | 1 Centum Cs 3000 | 2025-09-25 | N/A |
| Stack-based buffer overflow in BKBCopyD.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet. | ||||
| CVE-2014-0783 | 1 Yokogawa | 1 Centum Cs 3000 | 2025-09-25 | N/A |
| Stack-based buffer overflow in BKHOdeq.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet. | ||||
| CVE-2014-0782 | 1 Yokogawa | 15 B\/m9000 Vp, B\/m9000 Vp Software, B\/m9000cs and 12 more | 2025-09-25 | N/A |
| Stack-based buffer overflow in BKESimmgr.exe in the Expanded Test Functions package in Yokogawa CENTUM CS 1000, CENTUM CS 3000 Entry Class R3.09.50 and earlier, CENTUM VP R5.03.00 and earlier, CENTUM VP Entry Class R5.03.00 and earlier, Exaopc R3.71.02 and earlier, B/M9000CS R5.05.01 and earlier, and B/M9000 VP R7.03.01 and earlier allows remote attackers to execute arbitrary code via a crafted packet. | ||||
| CVE-2014-0781 | 1 Yokogawa | 1 Centum Cs 3000 | 2025-09-25 | N/A |
| Heap-based buffer overflow in BKCLogSvr.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via crafted UDP packets. | ||||
| CVE-2025-10815 | 1 Tenda | 2 Ac20, Ac20 Firmware | 2025-09-25 | 8.8 High |
| A vulnerability was identified in Tenda AC20 up to 16.03.08.12. Affected by this issue is the function strcpy of the file /goform/SetPptpServerCfg of the component HTTP POST Request Handler. Such manipulation of the argument startIp leads to buffer overflow. The attack can be launched remotely. The exploit is publicly available and might be used. | ||||
| CVE-2025-27042 | 1 Qualcomm | 689 215 Mobile, 215 Mobile Firmware, 315 5g Iot Modem and 686 more | 2025-09-25 | 7.8 High |
| Memory corruption while processing video packets received from video firmware. | ||||
| CVE-2025-27057 | 1 Qualcomm | 422 Ar8035, Ar8035 Firmware, Csr8811 and 419 more | 2025-09-25 | 7.5 High |
| Transient DOS while handling beacon frames with invalid IE header length. | ||||
| CVE-2023-52704 | 1 Linux | 1 Linux Kernel | 2025-09-25 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: freezer,umh: Fix call_usermode_helper_exec() vs SIGKILL Tetsuo-San noted that commit f5d39b020809 ("freezer,sched: Rewrite core freezer logic") broke call_usermodehelper_exec() for the KILLABLE case. Specifically it was missed that the second, unconditional, wait_for_completion() was not optional and ensures the on-stack completion is unused before going out-of-scope. | ||||
| CVE-2023-52676 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2025-09-25 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: bpf: Guard stack limits against 32bit overflow This patch promotes the arithmetic around checking stack bounds to be done in the 64-bit domain, instead of the current 32bit. The arithmetic implies adding together a 64-bit register with a int offset. The register was checked to be below 1<<29 when it was variable, but not when it was fixed. The offset either comes from an instruction (in which case it is 16 bit), from another register (in which case the caller checked it to be below 1<<29 [1]), or from the size of an argument to a kfunc (in which case it can be a u32 [2]). Between the register being inconsistently checked to be below 1<<29, and the offset being up to an u32, it appears that we were open to overflowing the `int`s which were currently used for arithmetic. [1] https://github.com/torvalds/linux/blob/815fb87b753055df2d9e50f6cd80eb10235fe3e9/kernel/bpf/verifier.c#L7494-L7498 [2] https://github.com/torvalds/linux/blob/815fb87b753055df2d9e50f6cd80eb10235fe3e9/kernel/bpf/verifier.c#L11904 | ||||
| CVE-2025-57638 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-09-25 | 7.5 High |
| Buffer overflow vulnerability in Tenda AC9 1.0 via the user supplied sys.vendor configuration value. | ||||
| CVE-2025-57637 | 1 Dlink | 2 Di-7100g, Di-7100g Firmware | 2025-09-25 | 7.5 High |
| Buffer overflow vulnerability in D-Link DI-7100G 2020-02-21 in the sub_451754 function of the jhttpd service in the viav4 parameter allowing attackers to cause a denial of service or execute arbitrary code. | ||||
| CVE-2025-27030 | 1 Qualcomm | 83 C-v2x 9150, C-v2x 9150 Firmware, Qam8295p and 80 more | 2025-09-25 | 6.1 Medium |
| information disclosure while invoking calibration data from user space to update firmware size. | ||||
| CVE-2025-27033 | 1 Qualcomm | 65 Qca6698aq, Qca6698aq Firmware, Qcm5430 and 62 more | 2025-09-25 | 6.1 Medium |
| Information disclosure while running video usecase having rogue firmware. | ||||
| CVE-2025-27036 | 1 Qualcomm | 43 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 40 more | 2025-09-25 | 6.1 Medium |
| Information disclosure when Video engine escape input data is less than expected minimum size. | ||||
| CVE-2025-10890 | 4 Apple, Google, Linux and 1 more | 5 Macos, Chrome, V8 and 2 more | 2025-09-25 | 9.1 Critical |
| Side-channel information leakage in V8 in Google Chrome prior to 140.0.7339.207 allowed a remote attacker to leak cross-origin data via a crafted HTML page. (Chromium security severity: High) | ||||