Total
12883 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-8598 | 2 Autodesk, Microsoft | 9 Autocad, Autocad Advance Steel, Autocad Architecture and 6 more | 2025-04-25 | 7.8 High |
| A maliciously crafted STP file when parsed in ACTranslators.exe through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-8597 | 2 Autodesk, Microsoft | 9 Autocad, Autocad Advance Steel, Autocad Architecture and 6 more | 2025-04-25 | 7.8 High |
| A maliciously crafted STP file when parsed in ASMDATAX230A.dll through Autodesk AutoCAD can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-8596 | 2 Autodesk, Microsoft | 9 Autocad, Autocad Advance Steel, Autocad Architecture and 6 more | 2025-04-25 | 7.8 High |
| A maliciously crafted MODEL file, when parsed in libodxdll.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-8594 | 2 Autodesk, Microsoft | 9 Autocad, Autocad Advance Steel, Autocad Architecture and 6 more | 2025-04-25 | 7.8 High |
| A maliciously crafted MODEL file when parsed in libodxdll.dll through Autodesk AutoCAD can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-8593 | 2 Autodesk, Microsoft | 9 Autocad, Autocad Advance Steel, Autocad Architecture and 6 more | 2025-04-25 | 7.8 High |
| A maliciously crafted CATPART file, when parsed in ASMKERN230A.dll through Autodesk AutoCAD, may force an Out-of-Bounds Write vulnerability. A malicious actor may leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. | ||||
| CVE-2022-44789 | 3 Artifex, Debian, Fedoraproject | 3 Mujs, Debian Linux, Fedora | 2025-04-25 | 8.8 High |
| A logical issue in O_getOwnPropertyDescriptor() in Artifex MuJS 1.0.0 through 1.3.x before 1.3.2 allows an attacker to achieve Remote Code Execution through memory corruption, via the loading of a crafted JavaScript file. | ||||
| CVE-2022-44260 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-04-25 | 8.8 High |
| TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter sPort/ePort in the setIpPortFilterRules function. | ||||
| CVE-2022-44259 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-04-25 | 8.8 High |
| TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter week, sTime, and eTime in the setParentalRules function. | ||||
| CVE-2022-44258 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-04-25 | 8.8 High |
| TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter command in the setTracerouteCfg function. | ||||
| CVE-2022-44257 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-04-25 | 8.8 High |
| TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter pppoeUser in the setOpModeCfg function. | ||||
| CVE-2022-44256 | 1 Totolink | 2 Nr1800x, Nr1800x Firmware | 2025-04-25 | 8.8 High |
| TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter lang in the setLanguageCfg function. | ||||
| CVE-2022-44255 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-04-25 | 9.8 Critical |
| TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a pre-authentication buffer overflow in the main function via long post data. | ||||
| CVE-2022-44254 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-04-25 | 8.8 High |
| TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter text in the setSmsCfg function. | ||||
| CVE-2022-44253 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-04-25 | 8.8 High |
| TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter ip in the setDiagnosisCfg function. | ||||
| CVE-2024-8591 | 2 Autodesk, Microsoft | 9 Autocad, Autocad Advance Steel, Autocad Architecture and 6 more | 2025-04-25 | 7.8 High |
| A maliciously crafted 3DM file when parsed in AcTranslators.exe through Autodesk AutoCAD can force a Heap-Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2024-8587 | 1 Autodesk | 8 Advance Steel, Autocad, Autocad Architecture and 5 more | 2025-04-25 | 7.8 High |
| A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Heap Based Buffer Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, write sensitive data, or execute arbitrary code in the context of the current process. | ||||
| CVE-2022-34667 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Cuda Toolkit | 2025-04-25 | 4.4 Medium |
| NVIDIA CUDA Toolkit SDK contains a stack-based buffer overflow vulnerability in cuobjdump, where an unprivileged remote attacker could exploit this buffer overflow condition by persuading a local user to download a specially crafted corrupted file and execute cuobjdump against it locally, which may lead to a limited denial of service and some loss of data integrity for the local user. | ||||
| CVE-2022-0137 | 1 Htmldoc Project | 1 Htmldoc | 2025-04-25 | 7.5 High |
| A heap buffer overflow in image_set_mask function of HTMLDOC before 1.9.15 allows an attacker to write outside the buffer boundaries. | ||||
| CVE-2023-50246 | 1 Jqlang | 1 Jq | 2025-04-25 | 6.2 Medium |
| jq is a command-line JSON processor. Version 1.7 is vulnerable to heap-based buffer overflow. Version 1.7.1 contains a patch for this issue. | ||||
| CVE-2021-45985 | 1 Lua | 1 Lua | 2025-04-25 | 7.5 High |
| In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read. | ||||