Total
12880 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-32605 | 2 Google, Mediatek | 4 Android, Mt6879, Mt6895 and 1 more | 2025-05-02 | 6.7 Medium |
| In isp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07213898; Issue ID: ALPS07213898. | ||||
| CVE-2022-32603 | 2 Google, Mediatek | 7 Android, Mt6879, Mt6893 and 4 more | 2025-05-02 | 6.7 Medium |
| In gpu drm, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310704; Issue ID: ALPS07310704. | ||||
| CVE-2022-24936 | 1 Silabs | 1 Gecko Bootloader | 2025-05-02 | 8.3 High |
| Out-of-Bounds error in GBL parser in Silicon Labs Gecko Bootloader version 4.0.1 and earlier allows attacker to overwrite flash Sign key and OTA decryption key via malicious bootloader upgrade. | ||||
| CVE-2025-27183 | 3 Adobe, Apple, Microsoft | 3 After Effects, Macos, Windows | 2025-05-02 | 7.8 High |
| After Effects versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2022-37903 | 1 Arubanetworks | 12 7005, 7008, 7010 and 9 more | 2025-05-02 | 7.2 High |
| A vulnerability exists that allows an authenticated attacker to overwrite an arbitrary file with attacker-controlled content via the web interface. Successful exploitation of this vulnerability could lead to full compromise the underlying host operating system. | ||||
| CVE-2025-35975 | 1 Microdicom | 1 Dicom Viewer | 2025-05-02 | 8.8 High |
| MicroDicom DICOM Viewer is vulnerable to an out-of-bounds write which may allow an attacker to execute arbitrary code. The user must open a malicious DCM file for exploitation. | ||||
| CVE-2023-5168 | 2 Microsoft, Mozilla | 4 Windows, Firefox, Firefox Esr and 1 more | 2025-05-01 | 9.8 Critical |
| A compromised content process could have provided malicious data to `FilterNodeD2D1` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. *This bug only affects Firefox on Windows. Other operating systems are unaffected.* This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3. | ||||
| CVE-2022-32611 | 2 Google, Mediatek | 4 Android, Mt6879, Mt6895 and 1 more | 2025-05-01 | 6.7 Medium |
| In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07340373; Issue ID: ALPS07340373. | ||||
| CVE-2022-39882 | 1 Google | 1 Android | 2025-05-01 | 8 High |
| Heap overflow vulnerability in sflacf_fal_bytes_peek function in libsmat.so library prior to SMR Nov-2022 Release 1 allows local attacker to execute arbitrary code. | ||||
| CVE-2022-39891 | 1 Samsung | 1 Editor Lite | 2025-05-01 | 4.3 Medium |
| Heap overflow vulnerability in parse_pce function in libsavsaudio.so in Editor Lite prior to version 4.0.41.3 allows attacker to get information. | ||||
| CVE-2021-34569 | 1 Wago | 98 750-8100, 750-8100 Firmware, 750-8101 and 95 more | 2025-05-01 | 9.8 Critical |
| In WAGO I/O-Check Service in multiple products an attacker can send a specially crafted packet containing OS commands to crash the diagnostic tool and write memory. | ||||
| CVE-2022-44319 | 1 Picoc Project | 1 Picoc | 2025-05-01 | 5.5 Medium |
| PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the StdioBasePrintf function in cstdlib/string.c when called from ExpressionParseFunctionCall. | ||||
| CVE-2022-44312 | 1 Picoc Project | 1 Picoc | 2025-05-01 | 5.5 Medium |
| PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the ExpressionCoerceInteger function in expression.c when called from ExpressionInfixOperator. | ||||
| CVE-2024-29131 | 4 Apache, Fedoraproject, Netapp and 1 more | 7 Commons Configuration, Fedora, Ontap Tools and 4 more | 2025-05-01 | 7.3 High |
| Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended to upgrade to version 2.10.1, which fixes the issue. | ||||
| CVE-2024-29133 | 3 Apache, Fedoraproject, Redhat | 5 Commons Configuration, Fedora, Amq Broker and 2 more | 2025-05-01 | 5.4 Medium |
| Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended to upgrade to version 2.10.1, which fixes the issue. | ||||
| CVE-2023-5474 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-05-01 | 8.8 High |
| Heap buffer overflow in PDF in Google Chrome prior to 118.0.5993.70 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) | ||||
| CVE-2023-5176 | 3 Debian, Mozilla, Redhat | 9 Debian Linux, Firefox, Firefox Esr and 6 more | 2025-05-01 | 9.8 Critical |
| Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3. | ||||
| CVE-2022-44321 | 1 Picoc Project | 1 Picoc | 2025-05-01 | 5.5 Medium |
| PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the LexSkipComment function in lex.c when called from LexScanGetToken. | ||||
| CVE-2022-44320 | 1 Picoc Project | 1 Picoc | 2025-05-01 | 5.5 Medium |
| PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the ExpressionCoerceFP function in expression.c when called from ExpressionParseFunctionCall. | ||||
| CVE-2022-44316 | 1 Picoc Project | 1 Picoc | 2025-05-01 | 5.5 Medium |
| PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the LexGetStringConstant function in lex.c when called from LexScanGetToken. | ||||