Search Results (4666 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2011-10025 2026-04-15 N/A
Subtitle Processor 7.7.1 contains a buffer overflow vulnerability in its .m3u file parser. When a crafted playlist file is opened, the application converts input to Unicode and copies it to a fixed-size stack buffer without proper bounds checking. This allows an attacker to overwrite the Structured Exception Handler (SEH) and execute arbitrary code.
CVE-2020-37213 1 Digitalvolcano Software 1 Textcrawler Pro 2026-04-15 7.5 High
TextCrawler Pro 3.1.1 contains a denial of service vulnerability that allows attackers to crash the application by sending an oversized buffer in the license key field. Attackers can generate a 6000-byte payload and paste it into the activation field to trigger an application crash.
CVE-2020-37195 1 Nsasoft 2 Blueauditor, Spotauditor 2026-04-15 7.5 High
BlueAuditor 1.7.2.0 contains a denial of service vulnerability in the registration name input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the 'Name' field to trigger an application crash.
CVE-2020-37175 1 Ka Ming Cheung 1 P2pwificam2 For Ios 2026-04-15 7.5 High
P2PWIFICAM2 for iOS 10.4.1 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the Camera ID input field. Attackers can paste a 257-character buffer into the Camera ID field to trigger an application crash on iOS devices.
CVE-2021-47854 1 Dd-wrt 1 Dd-wrt 2026-04-15 9.8 Critical
DD-WRT version 45723 contains a buffer overflow vulnerability in the UPNP network discovery service that allows remote attackers to potentially execute arbitrary code. Attackers can send crafted M-SEARCH packets with oversized UUID payloads to trigger buffer overflow conditions on the target device.
CVE-2018-25125 1 Netis-systems 1 Dl4322d 2026-04-15 N/A
Netis ADSL Router DL4322D firmware RTK 2.1.1 contains a buffer overflow vulnerability in the embedded FTP service that allows an authenticated remote user to trigger a denial of service. After logging in to the FTP service, sending an FTP command such as ABOR with an excessively long argument causes the service, and in practice the router, to crash or become unresponsive, resulting in a loss of availability for the device and connected users.
CVE-2024-27619 1 Dlink 1 Dir-3040 Firmware 2026-04-15 7.3 High
Dlink Dir-3040us A1 1.20b03a hotfix is vulnerable to Buffer Overflow. Any user having read/write access to ftp server can write directly to ram causing buffer overflow if file or files uploaded are greater than available ram. Ftp server allows change of directory to root which is one level up than root of usb flash directory. During upload ram is getting filled and causing system resource exhaustion (no free memory) which causes system to crash and reboot.
CVE-2020-37050 1 M.j.m 1 Quick Player 2026-04-15 9.8 Critical
Quick Player 1.3 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by crafting a malicious .m3l file with carefully constructed payload. Attackers can trigger the vulnerability by loading a specially crafted file through the application's file loading mechanism, potentially enabling remote code execution.
CVE-2020-37040 1 Codeblocks 1 Code::blocks 2026-04-15 8.4 High
Code Blocks 17.12 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by crafting a malicious file name with Unicode characters. Attackers can trigger the vulnerability by pasting a specially crafted payload into the file name field during project creation, potentially executing system commands like calc.exe.
CVE-2019-25354 1 Shenzhen Smarteye Digital Electronics 1 Ismartviewpro 2026-04-15 7.5 High
iSmartViewPro 1.3.34 contains a denial of service vulnerability that allows attackers to crash the application by overflowing the camera ID input field. Attackers can paste a 257-character buffer into the camera DID and password fields to trigger an application crash on iOS devices.
CVE-2019-25349 1 Scadaapp 1 Scadaapp For Ios 2026-04-15 7.5 High
ScadaApp for iOS 1.1.4.0 contains a denial of service vulnerability that allows attackers to crash the application by inputting an oversized buffer in the Servername field. Attackers can paste a 257-character buffer during login to trigger an application crash on iOS devices.
CVE-2024-27908 2026-04-15 4.9 Medium
A buffer overflow vulnerability was reported in the HTTPS service of some Lenovo Printers that could result in denial of service.
CVE-2019-25232 1 Netpclinker 1 Netpclinker 2026-04-15 9.8 Critical
NetPCLinker 1.0.0.0 contains a buffer overflow vulnerability in the Clients Control Panel DNS/IP field that allows attackers to execute arbitrary shellcode. Attackers can craft a malicious payload in the DNS/IP input to overwrite SEH handlers and execute shellcode when adding a new client.
CVE-2026-4687 1 Mozilla 2 Firefox, Firefox Esr 2026-04-14 9.6 Critical
Sandbox escape due to incorrect boundary conditions in the Telemetry component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4689 1 Mozilla 3 Firefox, Firefox Esr, Thunderbird 2026-04-14 10 Critical
Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4690 1 Mozilla 2 Firefox, Firefox Esr 2026-04-14 9.6 Critical
Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4720 1 Mozilla 3 Firefox, Firefox Esr, Thunderbird 2026-04-14 9.8 Critical
Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2026-4729 1 Mozilla 2 Firefox, Thunderbird 2026-04-14 9.8 Critical
Memory safety bugs present in Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 149 and Thunderbird 149.
CVE-2026-4721 1 Mozilla 3 Firefox, Firefox Esr, Thunderbird 2026-04-14 9.8 Critical
Memory safety bugs present in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9.
CVE-2025-52909 1 Samsung 21 Exynos, Exynos 1280, Exynos 1280 Firmware and 18 more 2026-04-14 9.8 Critical
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000. Incorrect Handling of the NL80211 vendor command leads to a buffer overflow via a certain ioctl message, issue 2 of 2.