Total
12592 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-0677 | 1 Redhat | 2 Enterprise Linux, Openshift | 2025-05-16 | 6.4 Medium |
| A flaw was found in grub2. When performing a symlink lookup, the grub's UFS module checks the inode's data size to allocate the internal buffer to read the file content, however, it fails to check if the symlink data size has overflown. When this occurs, grub_malloc() may be called with a smaller value than needed. When further reading the data from the disk into the buffer, the grub_ufs_lookup_symlink() function will write past the end of the allocated size. An attack can leverage this by crafting a malicious filesystem, and as a result, it will corrupt data stored in the heap, allowing for arbitrary code execution used to by-pass secure boot mechanisms. | ||||
| CVE-2024-30095 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-05-16 | 7.8 High |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | ||||
| CVE-2025-4059 | 1 Code-projects | 1 Prison Management System | 2025-05-15 | 5.3 Medium |
| A vulnerability classified as critical was found in code-projects Prison Management System 1.0. This vulnerability affects the function addrecord of the component Prison_Mgmt_Sys. The manipulation of the argument filename leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-25447 | 1 Enlightenment | 1 Imlib2 | 2025-05-15 | 8.8 High |
| An issue in the imlib_load_image_with_error_return function of imlib2 v1.9.1 allows attackers to cause a heap buffer overflow via parsing a crafted image. | ||||
| CVE-2024-25004 | 1 9bis | 1 Kitty | 2025-05-15 | 7.8 High |
| KiTTY versions 0.76.1.13 and before is vulnerable to a stack-based buffer overflow via the username, occurs due to insufficient bounds checking and input sanitization (at line 2600). This allows an attacker to overwrite adjacent memory, which leads to arbitrary code execution. | ||||
| CVE-2024-24543 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-05-15 | 9.8 Critical |
| Buffer Overflow vulnerability in the function setSchedWifi in Tenda AC9 v.3.0, firmware version v.15.03.06.42_multi allows a remote attacker to cause a denial of service or run arbitrary code via crafted overflow data. | ||||
| CVE-2024-23978 | 1 Kddi | 2 Home Spot Cube 2, Home Spot Cube 2 Firmware | 2025-05-15 | 9.8 Critical |
| Heap-based buffer overflow vulnerability exists in HOME SPOT CUBE2 V102 and earlier. By processing invalid values, arbitrary code may be executed. Note that the affected products are no longer supported. | ||||
| CVE-2024-22852 | 1 Dlink | 2 Go-rt-ac750, Go-rt-ac750 Firmware | 2025-05-15 | 9.8 Critical |
| D-Link Go-RT-AC750 GORTAC750_A1_FW_v101b03 contains a stack-based buffer overflow via the function genacgi_main. This vulnerability allows attackers to enable telnet service via a specially crafted payload. | ||||
| CVE-2024-22667 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2025-05-15 | 7.8 High |
| Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions. | ||||
| CVE-2024-20813 | 1 Samsung | 1 Android | 2025-05-15 | 8.4 High |
| Out-of-bounds Write in padmd_vld_qtbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code. | ||||
| CVE-2024-20812 | 1 Samsung | 1 Android | 2025-05-15 | 8.4 High |
| Out-of-bounds Write in padmd_vld_htbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code. | ||||
| CVE-2024-20007 | 2 Google, Mediatek | 34 Android, Mt6580, Mt6739 and 31 more | 2025-05-15 | 7.5 High |
| In mp3 decoder, there is a possible out of bounds write due to a race condition. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08441369; Issue ID: ALPS08441369. | ||||
| CVE-2024-20001 | 2 Google, Mediatek | 59 Android, Mt5583, Mt5586 and 56 more | 2025-05-15 | 6.7 Medium |
| In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961601; Issue ID: DTV03961601. | ||||
| CVE-2023-5643 | 1 Arm | 3 5th Gen Gpu Architecture Kernel Driver, Bifrost Gpu Kernel Driver, Valhall Gpu Kernel Driver | 2025-05-15 | 7.8 High |
| Out-of-bounds Write vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. Depending on the configuration of the Mali GPU Kernel Driver, and if the system’s memory is carefully prepared by the user, then this in turn could write to memory outside of buffer bounds.This issue affects Bifrost GPU Kernel Driver: from r41p0 through r45p0; Valhall GPU Kernel Driver: from r41p0 through r45p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r45p0. | ||||
| CVE-2023-42871 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-05-15 | 7.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2022-35040 | 1 Otfcc Project | 1 Otfcc | 2025-05-15 | 6.5 Medium |
| OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b5567. | ||||
| CVE-2023-6387 | 1 Silabs | 1 Gecko Software Development Kit | 2025-05-15 | 7.5 High |
| A potential buffer overflow exists in the Bluetooth LE HCI CPC sample application in the Gecko SDK which may result in a denial of service or remote code execution | ||||
| CVE-2023-43516 | 1 Qualcomm | 16 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 13 more | 2025-05-15 | 7.8 High |
| Memory corruption when malformed message payload is received from firmware. | ||||
| CVE-2023-43517 | 1 Qualcomm | 38 Qam8255p, Qam8255p Firmware, Qam8295p and 35 more | 2025-05-15 | 8.4 High |
| Memory corruption in Automotive Multimedia due to improper access control in HAB. | ||||
| CVE-2022-42080 | 1 Tenda | 2 Ac1206, Ac1206 Firmware | 2025-05-15 | 7.5 High |
| Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 was discovered to contain a heap overflow via sched_start_time parameter. | ||||