Export limit exceeded: 20387 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20387 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-0951 | 1 Nvidia | 1 Display Driver | 2024-11-21 | 7.8 High |
| A Memory Corruption Vulnerability exists in NVIDIA Graphics Drivers 29549 due to an unknown function in the file proc/driver/nvidia/registry. | ||||
| CVE-2012-0828 | 3 Gnome, Xchat, Xchat-wdk | 3 Gtk, Xchat, Xchat-wdk | 2024-11-21 | 9.8 Critical |
| Heap-based buffer overflow in Xchat-WDK before 1499-4 (2012-01-18) xchat 2.8.6 on Maemo architecture could allow remote attackers to cause a denial of service (xchat client crash) or execute arbitrary code via a UTF-8 line from server containing characters outside of the Basic Multilingual Plane (BMP). | ||||
| CVE-2011-3630 | 3 Debian, Hardlink Project, Redhat | 3 Debian Linux, Hardlink, Enterprise Linux | 2024-11-21 | 8.8 High |
| Hardlink before 0.1.2 suffer from multiple stack-based buffer overflow flaws because of the way directory trees with deeply nested directories are processed. A remote attacker could provide a specially-crafted directory tree, and trick the local user into consolidating it, leading to hardlink executable crash, or, potentially arbitrary code execution with the privileges of the user running the hardlink executable. | ||||
| CVE-2011-3178 | 1 Opensuse | 1 Open Build Service | 2024-11-21 | N/A |
| In the web ui of the openbuildservice before 2.3.0 a code injection of the project rebuildtimes statistics could be used by authorized attackers to execute shellcode. | ||||
| CVE-2011-2523 | 2 Debian, Vsftpd Project | 2 Debian Linux, Vsftpd | 2024-11-21 | 9.8 Critical |
| vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp. | ||||
| CVE-2011-2195 | 1 Websvn | 1 Websvn | 2024-11-21 | 9.8 Critical |
| A flaw was found in WebSVN 2.3.2. Without prior authentication, if the 'allowDownload' option is enabled in config.php, an attacker can invoke the dl.php script and pass a well formed 'path' argument to execute arbitrary commands against the underlying operating system. | ||||
| CVE-2011-0699 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 7.0 High |
| Integer signedness error in the btrfs_ioctl_space_info function in the Linux kernel 2.6.37 allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted slot value. | ||||
| CVE-2010-3843 | 1 Ettercap-project | 1 Ettercap | 2024-11-21 | 7.8 High |
| The GTK version of ettercap uses a global settings file at /tmp/.ettercap_gtk and does not verify ownership of this file. When parsing this file for settings in gtkui_conf_read() (src/interfacesgtk/ec_gtk_conf.c), an unchecked sscanf() call allows a maliciously placed settings file to overflow a statically-sized buffer on the stack. | ||||
| CVE-2007-0899 | 2 Clamav, Debian | 2 Clamav, Debian Linux | 2024-11-21 | 9.8 Critical |
| There is a possible heap overflow in libclamav/fsg.c before 0.100.0. | ||||
| CVE-2007-0158 | 1 Acme | 1 Thttpd | 2024-11-21 | 9.8 Critical |
| thttpd 2007 has buffer underflow. | ||||
| CVE-2024-23715 | 1 Google | 1 Android | 2024-11-20 | 7.8 High |
| In PMRWritePMPageList of pmr.c, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-11237 | 1 Tp-link | 3 Vn020-f3v\(t\), Vn020-f3v\(t\) Firmware, Vn020 F3v Firmware | 2024-11-19 | 7.5 High |
| A vulnerability, which was classified as critical, has been found in TP-Link VN020 F3v(T) TT_V6.2.1021. Affected by this issue is some unknown functionality of the component DHCP DISCOVER Packet Parser. The manipulation of the argument hostname leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-47909 | 1 Ivanti | 2 Connect Secure, Policy Secure | 2024-11-19 | 4.9 Medium |
| A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service. | ||||
| CVE-2022-1884 | 2 Gogs, Microsoft | 2 Gogs, Windows | 2024-11-19 | 10 Critical |
| A remote command execution vulnerability exists in gogs/gogs versions <=0.12.7 when deployed on a Windows server. The vulnerability arises due to improper validation of the `tree_path` parameter during file uploads. An attacker can set `tree_path=.git.` to upload a file into the .git directory, allowing them to write or rewrite the `.git/config` file. If the `core.sshCommand` is set, this can lead to remote command execution. | ||||
| CVE-2024-49528 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2024-11-18 | 7.8 High |
| Animate versions 23.0.7, 24.0.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-47907 | 1 Ivanti | 1 Connect Secure | 2024-11-18 | 7.5 High |
| A stack-based buffer overflow in IPsec of Ivanti Connect Secure before version 22.7R2.3 allows a remote unauthenticated attacker to cause a denial of service. | ||||
| CVE-2024-47905 | 1 Ivanti | 2 Connect Secure, Policy Secure | 2024-11-18 | 4.9 Medium |
| A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to cause a denial of service. | ||||
| CVE-2024-47427 | 1 Adobe | 1 Substance 3d Painter | 2024-11-16 | 7.8 High |
| Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-49519 | 1 Adobe | 1 Substance 3d Painter | 2024-11-16 | 7.8 High |
| Substance3D - Painter versions 10.1.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2024-49525 | 1 Adobe | 1 Substance 3d Painter | 2024-11-16 | 7.8 High |
| Substance3D - Painter versions 10.1.0 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||