Search Results (23162 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-1544 2 Fedoraproject, Qemu 3 Fedora, Qemu, Rdma 2025-11-03 6 Medium
A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to allocate and initialize a huge number of page tables to be used as a ring of descriptors for CQ and async events, potentially leading to an out-of-bounds read and crash of QEMU.
CVE-2022-36764 2 Redhat, Tianocore 2 Enterprise Linux, Edk2 2025-11-03 7 High
EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability.
CVE-2022-36763 2 Redhat, Tianocore 2 Enterprise Linux, Edk2 2025-11-03 7 High
EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability.
CVE-2022-30767 2 Denx, Fedoraproject 2 U-boot, Fedora 2025-11-03 9.8 Critical
nfs_lookup_reply in net/nfs.c in Das U-Boot through 2022.04 (and through 2022.07-rc2) has an unbounded memcpy with a failed length check, leading to a buffer overflow. NOTE: this issue exists because of an incorrect fix for CVE-2019-14196.
CVE-2022-29023 1 Openrazer Project 1 Openrazer 2025-11-03 9.8 Critical
A buffer overflow vulnerability exists in the razermouse driver of OpenRazer up to version v3.3.0 allows attackers to cause a Denial of Service (DoS) and possibly escalate their privileges via a crafted buffer sent to the matrix_custom_frame device.
CVE-2022-29022 1 Openrazer Project 1 Openrazer 2025-11-03 9.8 Critical
A buffer overflow vulnerability exists in the razeraccessory driver of OpenRazer up to version v3.3.0 allows attackers to cause a Denial of Service (DoS) and possibly escalate their privileges via a crafted buffer sent to the matrix_custom_frame device.
CVE-2022-29021 1 Openrazer Project 1 Openrazer 2025-11-03 9.8 Critical
A buffer overflow vulnerability exists in the razerkbd driver of OpenRazer up to version v3.3.0 allows attackers to cause a Denial of Service (DoS) and possibly escalate their privileges via a crafted buffer sent to the matrix_custom_frame device.
CVE-2022-23467 1 Openrazer Project 1 Openrazer 2025-11-03 4.4 Medium
OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. Using a modified USB device an attacker can leak stack addresses of the `razer_attr_read_dpi_stages`, potentially bypassing KASLR. To exploit this vulnerability an attacker would need to access to a users keyboard or mouse or would need to convince a user to use a modified device. The issue has been patched in v3.5.1. Users are advised to upgrade and should be reminded not to plug in unknown USB devices.
CVE-2021-42532 2 Adobe, Debian 2 Xmp Toolkit Software Development Kit, Debian Linux 2025-11-03 7.8 High
XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.
CVE-2021-42531 2 Adobe, Debian 2 Xmp Toolkit Software Development Kit, Debian Linux 2025-11-03 7.8 High
XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.
CVE-2021-42530 2 Adobe, Debian 2 Xmp Toolkit Software Development Kit, Debian Linux 2025-11-03 7.8 High
XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.
CVE-2021-42529 2 Adobe, Debian 2 Xmp Toolkit Software Development Kit, Debian Linux 2025-11-03 7.8 High
XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.
CVE-2021-40716 2 Adobe, Debian 2 Xmp Toolkit Software Development Kit, Debian Linux 2025-11-03 5.5 Medium
XMP Toolkit SDK versions 2021.07 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-39847 2 Adobe, Debian 2 Xmp Toolkit Software Development Kit, Debian Linux 2025-11-03 7.8 High
XMP Toolkit SDK version 2020.1 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.
CVE-2021-38578 3 Insyde, Redhat, Tianocore 3 Kernel, Enterprise Linux, Edk2 2025-11-03 7.4 High
Existing CommBuffer checks in SmmEntryPoint will not catch underflow when computing BufferSize.
CVE-2021-38575 3 Insyde, Redhat, Tianocore 5 Kernel, Enterprise Linux, Rhel Eus and 2 more 2025-11-03 8.1 High
NetworkPkg/IScsiDxe has remotely exploitable buffer overflows.
CVE-2021-36064 2 Adobe, Debian 2 Xmp Toolkit Software Development Kit, Debian Linux 2025-11-03 7.8 High
XMP Toolkit version 2020.1 (and earlier) is affected by a Buffer Underflow vulnerability which could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-36057 2 Adobe, Debian 2 Xmp Toolkit Software Development Kit, Debian Linux 2025-11-03 3.3 Low
XMP Toolkit SDK version 2020.1 (and earlier) is affected by a write-what-where condition vulnerability caused during the application's memory allocation process. This may cause the memory management functions to become mismatched resulting in local application denial of service in the context of the current user.
CVE-2021-36056 2 Adobe, Debian 2 Xmp Toolkit Software Development Kit, Debian Linux 2025-11-03 5.5 Medium
XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.
CVE-2021-36054 2 Adobe, Debian 2 Xmp Toolkit Software Development Kit, Debian Linux 2025-11-03 3.3 Low
XMP Toolkit SDK version 2020.1 (and earlier) is affected by a buffer overflow vulnerability potentially resulting in local application denial of service in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.