Search Results (21103 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-48337 3 Debian, Gnu, Redhat 4 Debian Linux, Emacs, Enterprise Linux and 1 more 2025-03-18 9.8 Critical
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program. For example, a victim may use the "etags -u *" command (suggested in the etags documentation) in a situation where the current working directory has contents that depend on untrusted input.
CVE-2021-26344 1 Amd 141 Epyc 7001, Epyc 7001 Firmware, Epyc 7203 and 138 more 2025-03-18 7.2 High
An out of bounds memory write when processing the AMD PSP1 Configuration Block (APCB) could allow an attacker with access the ability to modify the BIOS image, and the ability to sign the resulting image, to potentially modify the APCB block resulting in arbitrary code execution.
CVE-2024-57014 1 Totolink 2 X5000r, X5000r Firmware 2025-03-18 7.8 High
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "recHour" parameter in setScheduleCfg.
CVE-2024-46274 2 Cute Png, Randygaul 2 Cute Png, Cute Png 2025-03-18 7.8 High
cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_stored() function at cute_png.h.
CVE-2024-46267 2 Cute Png, Randygaul 2 Cute Png, Cute Png 2025-03-18 7.8 High
cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_block() function at cute_png.h.
CVE-2023-0861 1 Netmodule 10 Nb1601, Nb1800, Nb1810 and 7 more 2025-03-18 7.2 High
NetModule NSRW web administration interface executes an OS command constructed with unsanitized user input. A successful exploit could allow an authenticated user to execute arbitrary commands with elevated privileges. This issue affects NSRW: from 4.3.0.0 before 4.3.0.119, from 4.4.0.0 before 4.4.0.118, from 4.6.0.0 before 4.6.0.105, from 4.7.0.0 before 4.7.0.103.
CVE-2025-25898 1 Tp-link 2 Tl-wr841nd, Tl-wr841nd Firmware 2025-03-18 7.5 High
A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the pskSecret parameter at /userRpm/WlanSecurityRpm.htm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet.
CVE-2024-57015 1 Totolink 2 X5000r, X5000r Firmware 2025-03-18 8.8 High
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "hour" parameter in setScheduleCfg.
CVE-2025-29387 1 Tenda 2 Ac9, Ac9 Firmware 2025-03-17 7.1 High
In Tenda AC9 v1.0 V15.03.05.14_multi, the wanSpeed parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution.
CVE-2023-20659 4 Google, Linux, Mediatek and 1 more 37 Android, Linux Kernel, Mt5221 and 34 more 2025-03-17 6.7 Medium
In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588413; Issue ID: ALPS07588413.
CVE-2023-20658 2 Google, Mediatek 8 Android, Mt6895, Mt6983 and 5 more 2025-03-17 6.7 Medium
In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07537393; Issue ID: ALPS07180396.
CVE-2023-20657 2 Google, Mediatek 40 Android, Mt6580, Mt6735 and 37 more 2025-03-17 6.7 Medium
In mtee, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07571485; Issue ID: ALPS07571485.
CVE-2023-20656 2 Google, Mediatek 34 Android, Mt6765, Mt6768 and 31 more 2025-03-17 6.7 Medium
In geniezone, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07571494; Issue ID: ALPS07571494.
CVE-2023-20654 2 Google, Mediatek 60 Android, Mt6580, Mt6731 and 57 more 2025-03-17 6.7 Medium
In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628168; Issue ID: ALPS07589148.
CVE-2022-37937 1 Hpe 1 Serviceguard For Linux 2025-03-17 9.8 Critical
Pre-auth memory corruption in HPE Serviceguard
CVE-2024-3176 1 Google 1 Chrome 2025-03-17 8.8 High
Out of bounds write in SwiftShader in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)
CVE-2024-57011 1 Totolink 2 X5000r, X5000r Firmware 2025-03-17 8.8 High
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "minute" parameters in setScheduleCfg.
CVE-2023-5002 2 Fedoraproject, Pgadmin 2 Fedora, Pgadmin 4 2025-03-17 6 Medium
A flaw was found in pgAdmin. This issue occurs when the pgAdmin server HTTP API validates the path a user selects to external PostgreSQL utilities such as pg_dump and pg_restore. Versions of pgAdmin prior to 7.6 failed to properly control the server code executed on this API, allowing an authenticated user to run arbitrary commands on the server.
CVE-2024-35519 1 Netgear 6 Ex3700, Ex3700 Firmware, Ex6100 and 3 more 2025-03-17 8.4 High
Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable to command injection in operating_mode.cgi via the ap_mode parameter.
CVE-2024-27387 1 Samsung 18 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 15 more 2025-03-17 6.7 Medium
An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_rx_range_done_ind(), there is no input validation check on rtt_id coming from userspace, which can lead to a heap overwrite.