Total
3801 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-21464 | 1 Qualcomm | 42 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 39 more | 2025-01-10 | 8.4 High |
| Memory corruption while processing IPA statistics, when there are no active clients registered. | ||||
| CVE-2021-45039 | 1 Uniview | 1 Camera Firmware | 2025-01-10 | 9.8 Critical |
| Multiple models of the Uniview IP Camera (e.g., IPC_G6103 B6103.16.10.B25.201218, IPC_G61, IPC21, IPC23, IPC32, IPC36, IPC62, and IPC_HCMN) offer an undocumented UDP service on port 7788 that allows a remote unauthenticated attacker to overflow an internal buffer and achieve code execution. By using this buffer overflow, a remote attacker can start the telnetd service. This service has a hardcoded default username and password (root/123456). Although it has a restrictive shell, this can be easily bypassed via the built-in ECHO shell command. | ||||
| CVE-2023-25746 | 2 Mozilla, Redhat | 7 Firefox Esr, Thunderbird, Enterprise Linux and 4 more | 2025-01-09 | 8.8 High |
| Memory safety bugs present in Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 102.8 and Firefox ESR < 102.8. | ||||
| CVE-2023-25745 | 1 Mozilla | 1 Firefox | 2025-01-09 | 8.8 High |
| Memory safety bugs present in Firefox 109. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 110. | ||||
| CVE-2024-30962 | 2 Open Robotics, Openrobotics | 4 Nav2 Humble, Ros2 Humble, Ros2 Navigation2 and 1 more | 2025-01-09 | 7.8 High |
| Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the nav2_amcl process | ||||
| CVE-2024-48956 | 2025-01-09 | 9.8 Critical | ||
| Serviceware Processes 6.0 through 7.3 before 7.4 allows attackers without valid authentication to send a specially crafted HTTP request to a service endpoint resulting in remote code execution. | ||||
| CVE-2023-25744 | 2 Mozilla, Redhat | 7 Firefox, Firefox Esr, Enterprise Linux and 4 more | 2025-01-09 | 8.8 High |
| Mmemory safety bugs present in Firefox 109 and Firefox ESR 102.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 110 and Firefox ESR < 102.8. | ||||
| CVE-2024-10106 | 2025-01-09 | 3.7 Low | ||
| A buffer overflow vulnerability in the packet handoff plugin allows an attacker to overwrite memory outside the plugin's buffer. | ||||
| CVE-2023-28176 | 2 Mozilla, Redhat | 8 Firefox, Firefox Esr, Thunderbird and 5 more | 2025-01-08 | 8.8 High |
| Memory safety bugs present in Firefox 110 and Firefox ESR 102.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9. | ||||
| CVE-2024-6350 | 2025-01-08 | 6.5 Medium | ||
| A malformed 802.15.4 packet causes a buffer overflow to occur leading to an assert and a denial of service. A watchdog reset clears the error condition automatically. | ||||
| CVE-2023-27989 | 1 Zyxel | 8 Lte7480-m804, Lte7480-m804 Firmware, Lte7490-m904 and 5 more | 2025-01-08 | 6.5 Medium |
| A buffer overflow vulnerability in the CGI program of the Zyxel NR7101 firmware versions prior to V1.00(ABUV.8)C0 could allow a remote authenticated attacker to cause denial of service (DoS) conditions by sending a crafted HTTP request to a vulnerable device. | ||||
| CVE-2023-43504 | 1 Siemens | 1 Comos | 2025-01-08 | 9.6 Critical |
| A vulnerability has been identified in COMOS (All versions < V10.4.4). Ptmcast executable used for testing cache validation service in affected application is vulnerable to Structured Exception Handler (SEH) based buffer overflow. This could allow an attacker to execute arbitrary code on the target system or cause denial of service condition. | ||||
| CVE-2023-33457 | 1 Sogou | 1 C\+\+ Workflow | 2025-01-08 | 8.8 High |
| In Sogou Workflow v0.10.6, memcpy a negtive size in URIParser::parse , may cause buffer-overflow and crash. | ||||
| CVE-2024-0156 | 1 Dell | 1 Digital Delivery | 2025-01-08 | 7 High |
| Dell Digital Delivery, versions prior to 5.2.0.0, contain a Buffer Overflow Vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to arbitrary code execution and/or privilege escalation. | ||||
| CVE-2022-48439 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-07 | 4.4 Medium |
| In cp_dump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. | ||||
| CVE-2023-25434 | 1 Libtiff | 1 Libtiff | 2025-01-06 | 8.8 High |
| libtiff 4.5.0 is vulnerable to Buffer Overflow via extractContigSamplesBytes() at /libtiff/tools/tiffcrop.c:3215. | ||||
| CVE-2022-37055 | 1 Dlink | 2 Go-rt-ac750, Go-rt-ac750 Firmware | 2025-01-06 | 9.8 Critical |
| D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to Buffer Overflow via cgibin, hnap_main, | ||||
| CVE-2022-28550 | 1 Jhead Project | 1 Jhead | 2025-01-03 | 9.8 Critical |
| Matthias-Wandel/jhead jhead 3.06 is vulnerable to Buffer Overflow via shellescape(), jhead.c, jhead. jhead copies strings to a stack buffer when it detects a &i or &o. However, jhead does not check the boundary of the stack buffer. As a result, there will be a stack buffer overflow problem when multiple `&i` or `&o` are given. | ||||
| CVE-2023-32674 | 1 Hp | 1 Pc Hardware Diagnostics | 2025-01-03 | 9.8 Critical |
| Certain versions of HP PC Hardware Diagnostics Windows are potentially vulnerable to buffer overflow. | ||||
| CVE-2023-34336 | 1 Ami | 1 Megarac Sp-x | 2025-01-03 | 8.1 High |
| AMI BMC contains a vulnerability in the IPMI handler, where an attacker with the required privileges can cause a buffer overflow, which may lead to code execution, denial of service, or escalation of privileges. | ||||