Total
3927 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-52551 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-13 | 5.3 Medium |
| Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2023-52549 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-13 | 7.5 High |
| Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2023-52550 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-13 | 7.5 High |
| Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2023-52377 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-13 | 7.4 High |
| Vulnerability of input data not being verified in the cellular data module.Successful exploitation of this vulnerability may cause out-of-bounds access. | ||||
| CVE-2023-52366 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-13 | 7.5 High |
| Out-of-bounds read vulnerability in the smart activity recognition module.Successful exploitation of this vulnerability may cause features to perform abnormally. | ||||
| CVE-2023-0996 | 1 Struktur | 1 Libheif | 2025-03-11 | 7.8 High |
| There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call. | ||||
| CVE-2022-48260 | 1 Huawei | 2 Bisheng-wnm, Bisheng-wnm Firmware | 2025-03-11 | 7.5 High |
| There is a buffer overflow vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation could lead to device service exceptions. | ||||
| CVE-2022-32891 | 2 Apple, Redhat | 6 Iphone Os, Safari, Tvos and 3 more | 2025-03-11 | 6.1 Medium |
| The issue was addressed with improved UI handling. This issue is fixed in Safari 16, tvOS 16, watchOS 9, iOS 16. Visiting a website that frames malicious content may lead to UI spoofing. | ||||
| CVE-2023-22753 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2025-03-11 | 8.1 High |
| There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2023-22741 | 1 Signalwire | 1 Sofia-sip | 2025-03-10 | 9.8 Critical |
| Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. In affected versions Sofia-SIP **lacks both message length and attributes length checks** when it handles STUN packets, leading to controllable heap-over-flow. For example, in stun_parse_attribute(), after we get the attribute's type and length value, the length will be used directly to copy from the heap, regardless of the message's left size. Since network users control the overflowed length, and the data is written to heap chunks later, attackers may achieve remote code execution by heap grooming or other exploitation methods. The bug was introduced 16 years ago in sofia-sip 1.12.4 (plus some patches through 12/21/2006) to in tree libs with git-svn-id: http://svn.freeswitch.org/svn/freeswitch/trunk@3774 d0543943-73ff-0310-b7d9-9358b9ac24b2. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2023-24809 | 1 Nethack | 1 Nethack | 2025-03-10 | 5.5 Medium |
| NetHack is a single player dungeon exploration game. Starting with version 3.6.2 and prior to version 3.6.7, illegal input to the "C" (call) command can cause a buffer overflow and crash the NetHack process. This vulnerability may be a security issue for systems that have NetHack installed suid/sgid and for shared systems. For all systems, it may result in a process crash. This issue is resolved in NetHack 3.6.7. There are no known workarounds. | ||||
| CVE-2023-22754 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2025-03-07 | 8.1 High |
| There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2023-22755 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2025-03-07 | 8.1 High |
| There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2023-22756 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2025-03-07 | 8.1 High |
| There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2023-22757 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2025-03-07 | 8.1 High |
| There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2024-53695 | 2025-03-07 | N/A | ||
| A buffer overflow vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If exploited, the vulnerability could allow remote attackers to modify memory or crash processes. We have already fixed the vulnerability in the following version: HBS 3 Hybrid Backup Sync 25.1.4.952 and later | ||||
| CVE-2022-47664 | 1 Struktur | 1 Libde265 | 2025-03-07 | 7.8 High |
| Libde265 1.0.9 is vulnerable to Buffer Overflow in ff_hevc_put_hevc_qpel_pixels_8_sse | ||||
| CVE-2023-20624 | 2 Google, Mediatek | 16 Android, Mt6789, Mt6833 and 13 more | 2025-03-06 | 6.7 Medium |
| In vow, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628530; Issue ID: ALPS07628530. | ||||
| CVE-2022-38459 | 1 Siretta | 2 Quartz-gold, Quartz-gold Firmware | 2025-03-05 | 8.8 High |
| A stack-based buffer overflow vulnerability exists in the httpd downfile.cgi functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted HTTP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability. | ||||
| CVE-2025-25343 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-03-05 | 9.8 Critical |
| Tenda AC6 V15.03.05.16 firmware has a buffer overflow vulnerability in the formexeCommand function. | ||||