Total
13362 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-57778 | 2 Digilent, Ni | 2 Dasylab, Dasylab | 2025-10-09 | 7.8 High |
| There is an out of bounds write vulnerability due to improper bounds checking resulting in an invalid source address when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab. | ||||
| CVE-2025-9189 | 2 Digilent, Ni | 2 Dasylab, Dasylab | 2025-10-09 | 7.8 High |
| There is an out of bounds write vulnerability due to improper bounds checking resulting in a large destination address when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab. | ||||
| CVE-2025-57774 | 2 Digilent, Ni | 2 Dasylab, Dasylab | 2025-10-09 | 7.8 High |
| There is an out of bounds write vulnerability due to improper bounds checking resulting in invalid data when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab. | ||||
| CVE-2023-36017 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-10-08 | 8.8 High |
| Windows Scripting Engine Memory Corruption Vulnerability | ||||
| CVE-2025-44014 | 1 Qnap | 2 Qsync, Qsync Central | 2025-10-08 | 8.8 High |
| An out-of-bounds write vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to modify or corrupt memory. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.1 ( 2025/07/09 ) and later | ||||
| CVE-2025-10792 | 2 D-link, Dlink | 3 Dir-513, Dir-513, Dir-513 Firmware | 2025-10-08 | 8.8 High |
| A security vulnerability has been detected in D-Link DIR-513 A1FW110. Affected is an unknown function of the file /goform/formWPS. Such manipulation of the argument webpage leads to buffer overflow. The attack may be performed from remote. The exploit has been disclosed publicly and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2025-5099 | 1 Dynamixsoftware | 1 Printershare | 2025-10-08 | 9.8 Critical |
| An Out of Bounds Write occurs when the native library attempts PDF rendering, which can be exploited to achieve memory corruption and potentially arbitrary code execution. | ||||
| CVE-2025-59297 | 2 Delta Electronics, Deltaww | 2 Diascreen, Diascreen | 2025-10-08 | 7.8 High |
| Delta Electronics DIAScreen lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. | ||||
| CVE-2025-59298 | 2 Delta Electronics, Deltaww | 2 Diascreen, Diascreen | 2025-10-08 | 7.8 High |
| Delta Electronics DIAScreen lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. | ||||
| CVE-2025-59299 | 2 Delta Electronics, Deltaww | 2 Diascreen, Diascreen | 2025-10-08 | 7.8 High |
| Delta Electronics DIAScreen lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. | ||||
| CVE-2025-59300 | 2 Delta Electronics, Deltaww | 2 Diascreen, Diascreen | 2025-10-08 | 7.8 High |
| Delta Electronics DIAScreen lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. | ||||
| CVE-2025-11277 | 1 Assimp | 1 Assimp | 2025-10-08 | 5.3 Medium |
| A weakness has been identified in Open Asset Import Library Assimp 6.0.2. This affects the function Q3DImporter::InternReadFile of the file assimp/code/AssetLib/Q3D/Q3DLoader.cpp. Executing manipulation can lead to heap-based buffer overflow. The attack needs to be launched locally. The exploit has been made available to the public and could be exploited. | ||||
| CVE-2025-59728 | 1 Ffmpeg | 1 Ffmpeg | 2025-10-08 | 6.5 Medium |
| When calculating the content path in handling of MPEG-DASH manifests, there's an out-of-bounds NUL-byte write one byte past the end of the buffer.When we call xmlNodeGetContent below [0], it returns a buffer precisely allocated to match the string length, using strdup internally. If this buffer is not an empty string, it is assigned to root_url at [1].If the last (non-NUL) byte in this buffer is not '/' then we append '/' in-place at [2]. This will write two bytes into the buffer, starting at the last valid byte in the buffer, writing the NUL byte beyond the end of the allocated buffer. We recommend upgrading to version 8.0 or beyond. | ||||
| CVE-2025-1276 | 1 Autodesk | 18 Advance Steel, Autocad, Autocad Architecture and 15 more | 2025-10-07 | 7.8 High |
| A maliciously crafted DWG file, when parsed through certain Autodesk applications, can force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | ||||
| CVE-2025-60660 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-10-07 | 7.5 High |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the mac parameter in the fromAdvSetMacMtuWan function. | ||||
| CVE-2025-60662 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-10-07 | 7.5 High |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the wanSpeed parameter in the fromAdvSetMacMtuWan function. | ||||
| CVE-2025-60663 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-10-07 | 7.5 High |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the wanMTU parameter in the fromAdvSetMacMtuWan function. | ||||
| CVE-2025-60661 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-10-07 | 5.3 Medium |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the cloneType parameter in the fromAdvSetMacMtuWan function. | ||||
| CVE-2025-6033 | 1 Ni | 1 Circuit Design Suite | 2025-10-07 | 7.8 High |
| There is a memory corruption vulnerability due to an out of bounds write in XML_Serialize() when using SymbolEditor in NI Circuit Design Suite. This vulnerability may result in information disclosure or arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted .sym file. This vulnerability affects NI Circuit Design Suite 14.3.1 and prior versions. | ||||
| CVE-2024-45543 | 1 Qualcomm | 130 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6200 and 127 more | 2025-10-06 | 6.6 Medium |
| Memory corruption while accessing MSM channel map and mixer functions. | ||||