Export limit exceeded: 10143 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 19553 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19553 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-3855 | 8 Apple, Debian, Fedoraproject and 5 more | 18 Xcode, Debian Linux, Fedora and 15 more | 2025-12-17 | 8.8 High |
| An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server. | ||||
| CVE-2025-43539 | 1 Apple | 3 Macos, Macos Sequoia, Macos Sonoma | 2025-12-17 | 8.8 High |
| The issue was addressed with improved bounds checks. This issue is fixed in watchOS 26.2, macOS Sonoma 14.8.3, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, macOS Sequoia 15.7.3, visionOS 26.2, tvOS 26.2. Processing a file may lead to memory corruption. | ||||
| CVE-2025-43421 | 1 Apple | 5 Ios, Ipados, Iphone Os and 2 more | 2025-12-17 | 4.3 Medium |
| Multiple issues were addressed by disabling array allocation sinking. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, Safari 26.1. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2025-43373 | 1 Apple | 3 Macos, Macos Sequoia, Macos Sonoma | 2025-12-17 | 7.5 High |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1, macOS Sonoma 14.8.2. An app may be able to cause unexpected system termination or corrupt kernel memory. | ||||
| CVE-2025-66043 | 2 Libbiosig Project, The Biosig Project | 2 Libbiosig, Libbiosig | 2025-12-17 | 9.8 Critical |
| Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 3 | ||||
| CVE-2025-66044 | 2 Libbiosig Project, The Biosig Project | 2 Libbiosig, Libbiosig | 2025-12-17 | 9.8 Critical |
| Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 64 | ||||
| CVE-2025-66045 | 2 Libbiosig Project, The Biosig Project | 2 Libbiosig, Libbiosig | 2025-12-17 | 9.8 Critical |
| Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 65 | ||||
| CVE-2025-66046 | 2 Libbiosig Project, The Biosig Project | 2 Libbiosig, Libbiosig | 2025-12-17 | 9.8 Critical |
| Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 67 | ||||
| CVE-2025-66047 | 2 Libbiosig Project, The Biosig Project | 2 Libbiosig, Libbiosig | 2025-12-17 | 9.8 Critical |
| Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 131 | ||||
| CVE-2025-66048 | 2 Libbiosig Project, The Biosig Project | 2 Libbiosig, Libbiosig | 2025-12-17 | 9.8 Critical |
| Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 133 | ||||
| CVE-2025-38077 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-12-17 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() If the 'buf' array received from the user contains an empty string, the 'length' variable will be zero. Accessing the 'buf' array element with index 'length - 1' will result in a buffer overflow. Add a check for an empty string. Found by Linux Verification Center (linuxtesting.org) with SVACE. | ||||
| CVE-2025-67640 | 1 Jenkins | 2 Git, Git Client | 2025-12-17 | 5 Medium |
| Jenkins Git client Plugin 6.4.0 and earlier does not not correctly escape the path to the workspace directory as part of an argument in a temporary shell script generated by the plugin, allowing attackers able to control the workspace directory name to inject arbitrary OS commands. | ||||
| CVE-2025-66576 | 1 Remotecontrolio | 1 Remote Keyboard Desktop | 2025-12-17 | 9.8 Critical |
| Remote Keyboard Desktop 1.0.1 enables remote attackers to execute system commands via the rundll32.exe exported function export, allowing unauthenticated code execution. | ||||
| CVE-2023-53872 | 1 Wp2fac | 1 Wp2fac | 2025-12-16 | N/A |
| Wp2Fac 1.0 contains an OS command injection vulnerability in the send.php endpoint that allows remote attackers to execute arbitrary system commands. Attackers can inject shell commands through the 'numara' parameter by appending shell commands with '&' operators to execute malicious code. | ||||
| CVE-2025-37979 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-12-16 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: Fix sc7280 lpass potential buffer overflow Case values introduced in commit 5f78e1fb7a3e ("ASoC: qcom: Add driver support for audioreach solution") cause out of bounds access in arrays of sc7280 driver data (e.g. in case of RX_CODEC_DMA_RX_0 in sc7280_snd_hw_params()). Redefine LPASS_MAX_PORTS to consider the maximum possible port id for q6dsp as sc7280 driver utilizes some of those values. Found by Linux Verification Center (linuxtesting.org) with SVACE. | ||||
| CVE-2024-22391 | 3 Fedoraproject, Grassroot, Malaterre | 3 Fedora, Grassroot Platform, Grassroots Dicom | 2025-12-16 | 7.7 High |
| A heap-based buffer overflow vulnerability exists in the LookupTable::SetLUT functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2024-22373 | 3 Fedoraproject, Grassroots Dicom Project, Malaterre | 3 Fedora, Grassroots Dicom, Grassroots Dicom | 2025-12-16 | 8.1 High |
| An out-of-bounds write vulnerability exists in the JPEG2000Codec::DecodeByStreamsCommon functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted DICOM file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2023-4474 | 1 Zyxel | 4 Nas326, Nas326 Firmware, Nas542 and 1 more | 2025-12-16 | 9.8 Critical |
| The improper neutralization of special elements in the WSGI server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device. | ||||
| CVE-2023-4473 | 1 Zyxel | 4 Nas326, Nas326 Firmware, Nas542 and 1 more | 2025-12-16 | 9.8 Critical |
| A command injection vulnerability in the web server of the Zyxel NAS326 firmware version V5.21(AAZF.14)C0 and NAS542 firmware version V5.21(ABAG.11)C0 could allow an unauthenticated attacker to execute some operating system (OS) commands by sending a crafted URL to a vulnerable device. | ||||
| CVE-2023-22388 | 1 Qualcomm | 458 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 455 more | 2025-12-16 | 9.8 Critical |
| Memory Corruption in Multi-mode Call Processor while processing bit mask API. | ||||