Total
2402 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-3712 | 2025-05-28 | 7.5 High | ||
| The LCD KVM over IP Switch CL5708IM has a Heap-based Buffer Overflow vulnerability in firmware versions prior to v2.2.215, allowing unauthenticated remote attackers to exploit this vulnerability to perform a denial-of-service attack. | ||||
| CVE-2024-46632 | 1 Assimp | 1 Assimp | 2025-05-27 | 4.3 Medium |
| Assimp v5.4.3 is vulnerable to Buffer Overflow via the MD5Importer::LoadMD5MeshFile function. | ||||
| CVE-2022-36934 | 1 Whatsapp | 1 Whatsapp | 2025-05-27 | 9.8 Critical |
| An integer overflow in WhatsApp could result in remote code execution in an established video call. | ||||
| CVE-2023-28523 | 1 Ibm | 2 Informix Dynamic Server, Informix Dynamic Server On Cloud Pak For Data | 2025-05-27 | 8.4 High |
| IBM Informix Dynamic Server 12.10 and 14.10 onsmsync is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. IBM X-Force ID: 250753. | ||||
| CVE-2025-3277 | 1 Redhat | 1 Enterprise Linux | 2025-05-27 | 7.3 High |
| An integer overflow can be triggered in SQLite’s `concat_ws()` function. The resulting, truncated integer is then used to allocate a buffer. When SQLite then writes the resulting string to the buffer, it uses the original, untruncated size and thus a wild Heap Buffer overflow of size ~4GB can be triggered. This can result in arbitrary code execution. | ||||
| CVE-2024-30806 | 1 Axiosys | 1 Bento4 | 2025-05-27 | 6.5 Medium |
| An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. There is a heap overflow in AP4_Dec3Atom::AP4_Dec3Atom at Ap4Dec3Atom.cpp, leading to a Denial of Service (DoS), as demonstrated by mp42aac. | ||||
| CVE-2020-25187 | 1 Medtronic | 2 Mycarelink Smart Model 25000, Mycarelink Smart Model 25000 Firmware | 2025-05-22 | 8.8 High |
| Medtronic MyCareLink Smart 25000 is vulnerable when an authenticated attacker runs a debug command, which can be sent to the patient reader and cause a heap overflow event within the MCL Smart Patient Reader software stack. The heap overflow could allow an attacker to remotely execute code on the MCL Smart Patient Reader, potentially leading to control of the device | ||||
| CVE-2021-24042 | 1 Whatsapp | 1 Whatsapp | 2025-05-22 | 9.8 Critical |
| The calling logic for WhatsApp for Android prior to v2.21.23, WhatsApp Business for Android prior to v2.21.23, WhatsApp for iOS prior to v2.21.230, WhatsApp Business for iOS prior to v2.21.230, WhatsApp for KaiOS prior to v2.2143, WhatsApp Desktop prior to v2.2146 could have allowed an out-of-bounds write if a user makes a 1:1 call to a malicious actor. | ||||
| CVE-2022-38742 | 1 Rockwellautomation | 1 Thinmanager | 2025-05-22 | 8.1 High |
| Rockwell Automation ThinManager ThinServer versions 11.0.0 - 13.0.0 is vulnerable to a heap-based buffer overflow. An attacker could send a specifically crafted TFTP or HTTPS request, causing a heap-based buffer overflow that crashes the ThinServer process. If successfully exploited, this could expose the server to arbitrary remote code execution. | ||||
| CVE-2022-0080 | 1 Mruby | 1 Mruby | 2025-05-22 | 8.2 High |
| mruby is vulnerable to Heap-based Buffer Overflow | ||||
| CVE-2024-38120 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2025-05-21 | 8.8 High |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | ||||
| CVE-2024-38170 | 1 Microsoft | 2 365 Apps, Office Long Term Servicing Channel | 2025-05-21 | 7.1 High |
| Microsoft Excel Remote Code Execution Vulnerability | ||||
| CVE-2024-38169 | 1 Microsoft | 3 365 Apps, Office, Office Long Term Servicing Channel | 2025-05-21 | 7.8 High |
| Microsoft Office Visio Remote Code Execution Vulnerability | ||||
| CVE-2024-38154 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2025-05-21 | 8.8 High |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | ||||
| CVE-2024-38152 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-05-21 | 7.8 High |
| Windows OLE Remote Code Execution Vulnerability | ||||
| CVE-2024-38142 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-05-21 | 7.8 High |
| Windows Secure Kernel Mode Elevation of Privilege Vulnerability | ||||
| CVE-2024-38130 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-05-21 | 8.8 High |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | ||||
| CVE-2024-38121 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2025-05-21 | 8.8 High |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | ||||
| CVE-2024-38116 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-05-21 | 8.8 High |
| Windows IP Routing Management Snapin Remote Code Execution Vulnerability | ||||
| CVE-2024-38115 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-05-21 | 8.8 High |
| Windows IP Routing Management Snapin Remote Code Execution Vulnerability | ||||