Total
12927 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-24257 | 1 Apple | 4 Ipados, Iphone Os, Macos and 1 more | 2025-04-07 | 7.1 High |
| An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in visionOS 2.4, iOS 18.4 and iPadOS 18.4, macOS Sequoia 15.4. An app may be able to cause unexpected system termination or write kernel memory. | ||||
| CVE-2025-30446 | 1 Apple | 1 Macos | 2025-04-07 | 6.5 Medium |
| A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. A malicious app with root privileges may be able to modify the contents of system files. | ||||
| CVE-2025-3034 | 1 Mozilla | 2 Firefox, Thunderbird | 2025-04-07 | 8.1 High |
| Memory safety bugs present in Firefox 136 and Thunderbird 136. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 137 and Thunderbird < 137. | ||||
| CVE-2024-0143 | 2025-04-05 | 6.8 Medium | ||
| NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause an out-of-bounds write issue by means of a specially crafted JPEG2000 file. A successful exploit of this vulnerability might lead to code execution and data tampering. | ||||
| CVE-2024-0142 | 2025-04-05 | 6.8 Medium | ||
| NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause an out-of-bounds write issue by means of a specially crafted JPEG2000 file. A successful exploit of this vulnerability might lead to code execution and data tampering. | ||||
| CVE-2022-28318 | 1 Bentley | 2 Microstation, View | 2025-04-04 | 7.8 High |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.02.34. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of IFC files. Crafted data in an IFC file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16379. | ||||
| CVE-2025-30441 | 1 Apple | 1 Xcode | 2025-04-04 | 5.5 Medium |
| This issue was addressed through improved state management. This issue is fixed in Xcode 16.3. An app may be able to overwrite arbitrary files. | ||||
| CVE-2025-30464 | 1 Apple | 1 Macos | 2025-04-04 | 7.8 High |
| An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.7.5, macOS Sequoia 15.4, macOS Sonoma 14.7.5. An app may be able to cause unexpected system termination or corrupt kernel memory. | ||||
| CVE-2022-31901 | 1 Notepad-plus-plus | 1 Notepad\+\+ | 2025-04-04 | 6.5 Medium |
| Buffer overflow in function Notepad_plus::addHotSpot in Notepad++ v8.4.3 and earlier allows attackers to crash the application via two crafted files. | ||||
| CVE-2024-6615 | 1 Mozilla | 2 Firefox, Thunderbird | 2025-04-04 | 8.8 High |
| Memory safety bugs present in Firefox 127 and Thunderbird 127. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 128 and Thunderbird < 128. | ||||
| CVE-2023-20905 | 1 Google | 1 Android | 2025-04-03 | 7.8 High |
| In Mfc_Transceive of phNxpExtns_MifareStd.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-241387741 | ||||
| CVE-2022-34401 | 1 Dell | 6 Alienware M15 A6, Alienware M15 A6 Firmware, Alienware M17 R5 and 3 more | 2025-04-03 | 7.5 High |
| Dell BIOS contains a stack based buffer overflow vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter in order to gain arbitrary code execution in SMRAM. | ||||
| CVE-2022-46475 | 1 Dlink | 2 Dir-645, Dir-645 Firmware | 2025-04-03 | 9.8 Critical |
| D-Link DIR 645A1 1.06B01_Beta01 was discovered to contain a stack overflow via the service= variable in the genacgi_main function. | ||||
| CVE-2025-2263 | 1 Santesoft | 1 Sante Pacs Server | 2025-04-03 | 9.8 Critical |
| During login to the web server in "Sante PACS Server.exe", OpenSSL function EVP_DecryptUpdate is called to decrypt the username and password. A fixed 0x80-byte stack-based buffer is passed to the function as the output buffer. A stack-based buffer overflow exists if a long encrypted username or password is supplied by an unauthenticated remote attacker. | ||||
| CVE-2024-12672 | 2 Microsoft, Rockwellautomation | 2 Windows, Arena | 2025-04-03 | 7.3 High |
| A third-party vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to write beyond the boundaries of allocated memory in a DOE file. If exploited, a threat actor could leverage this vulnerability to execute arbitrary code. To exploit this vulnerability, a legitimate user must execute the malicious code crafted by the threat actor. | ||||
| CVE-2025-0243 | 2 Mozilla, Redhat | 8 Firefox, Thunderbird, Enterprise Linux and 5 more | 2025-04-03 | 5.1 Medium |
| Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 128.5, and Thunderbird 128.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Thunderbird < 134, and Thunderbird < 128.6. | ||||
| CVE-2025-0242 | 2 Mozilla, Redhat | 8 Firefox, Thunderbird, Enterprise Linux and 5 more | 2025-04-03 | 6.5 Medium |
| Memory safety bugs present in Firefox 133, Thunderbird 133, Firefox ESR 115.18, Firefox ESR 128.5, Thunderbird 115.18, and Thunderbird 128.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 134, Firefox ESR < 128.6, Firefox ESR < 115.19, Thunderbird < 134, and Thunderbird < 128.6. | ||||
| CVE-2025-0247 | 1 Mozilla | 2 Firefox, Thunderbird | 2025-04-03 | 9.8 Critical |
| Memory safety bugs present in Firefox 133 and Thunderbird 133. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 134 and Thunderbird < 134. | ||||
| CVE-2024-25993 | 1 Google | 1 Android | 2025-04-03 | 8.4 High |
| In tmu_reset_tmu_trip_counter of , there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-27204 | 1 Google | 1 Android | 2025-04-03 | 8.4 High |
| In tmu_set_gov_active of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||