Export limit exceeded: 23247 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23247 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-23947 | 3 Debian, Fedoraproject, Kicad | 3 Debian Linux, Fedora, Kicad Eda | 2025-04-15 | 7.8 High |
| A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon DCodeNumber parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-21969 | 1 Sealevel | 2 Seaconnect 370w, Seaconnect 370w Firmware | 2025-04-15 | 8.1 High |
| An out-of-bounds write vulnerability exists in the HandleSeaCloudMessage functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. The HandleIncomingSeaCloudMessage function uses at [4] the json_object_get_string to populate the p_payload global variable. The p_payload is only 0x100 bytes long, and the total MQTT message could be up to 0x201 bytes. Because the function json_object_get_string will fill str based on the length of the json’s value and not the actual str size, this would result in a possible out-of-bounds write. | ||||
| CVE-2021-21970 | 1 Sealevel | 2 Seaconnect 370w, Seaconnect 370w Firmware | 2025-04-15 | 8.1 High |
| An out-of-bounds write vulnerability exists in the HandleSeaCloudMessage functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. The HandleIncomingSeaCloudMessage function uses at [3] the json_object_get_string to populate the p_name global variable. The p_name is only 0x80 bytes long, and the total MQTT message could be up to 0x201 bytes. Because the function json_object_get_string will fill str based on the length of the json’s value and not the actual str size, this would result in a possible out-of-bounds write. | ||||
| CVE-2021-21960 | 1 Sealevel | 2 Seaconnect 370w, Seaconnect 370w Firmware | 2025-04-15 | 10.0 Critical |
| A stack-based buffer overflow vulnerability exists in both the LLMNR functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted network packet can lead to remote code execution. An attacker can send a malicious packet to trigger this vulnerability. | ||||
| CVE-2021-21961 | 1 Sealevel | 2 Seaconnect 370w, Seaconnect 370w Firmware | 2025-04-15 | 10.0 Critical |
| A stack-based buffer overflow vulnerability exists in the NBNS functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted network packet can lead to remote code execution. An attacker can send a malicious packet to trigger this vulnerability. | ||||
| CVE-2021-21962 | 1 Sealevel | 2 Seaconnect 370w, Seaconnect 370w Firmware | 2025-04-15 | 8.1 High |
| A heap-based buffer overflow vulnerability exists in the OTA Update u-download functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A series of specially-crafted MQTT payloads can lead to remote code execution. An attacker must perform a man-in-the-middle attack in order to trigger this vulnerability. | ||||
| CVE-2021-21958 | 1 Hancom | 1 Hancom Office 2020 | 2025-04-15 | 7.8 High |
| A heap-based buffer overflow vulnerability exists in the Hword HwordApp.dll functionality of Hancom Office 2020 11.0.0.2353. A specially-crafted malformed file can lead to memory corruption and potential arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2022-23803 | 3 Debian, Fedoraproject, Kicad | 3 Debian Linux, Fedora, Eda | 2025-04-15 | 7.8 High |
| A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon ReadXYCoord coordinate parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2022-23804 | 3 Debian, Fedoraproject, Kicad | 3 Debian Linux, Fedora, Eda | 2025-04-15 | 7.8 High |
| A stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon ReadIJCoord coordinate parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-21914 | 1 Accusoft | 1 Imagegear | 2025-04-15 | 8.8 High |
| A heap-based buffer overflow vulnerability exists in the DecoderStream::Append functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-21939 | 1 Accusoft | 1 Imagegear | 2025-04-15 | 8.8 High |
| A heap-based buffer overflow vulnerability exists in the XWD parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-21942 | 1 Accusoft | 1 Imagegear | 2025-04-15 | 8.8 High |
| An out-of-bounds write vulnerability exists in the TIFF YCbCr image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-21943 | 1 Accusoft | 1 Imagegear | 2025-04-15 | 8.8 High |
| A heap-based buffer overflow vulnerability exists in the XWD parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-21944 | 1 Accusoft | 1 Imagegear | 2025-04-15 | 8.8 High |
| Two heap-based buffer overflow vulnerabilities exist in the TIFF parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities.This heap-based buffer oveflow takes place trying to copy the first 12 bits from local variable. | ||||
| CVE-2021-21945 | 1 Accusoft | 1 Imagegear | 2025-04-15 | 8.8 High |
| Two heap-based buffer overflow vulnerabilities exist in the TIFF parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities.This heap-based buffer oveflow takes place trying to copy the second 12 bits from local variable. | ||||
| CVE-2021-21946 | 1 Accusoft | 1 Imagegear | 2025-04-15 | 8.8 High |
| Two heap-based buffer overflow vulnerabilities exists in the JPEG-JFIF lossless Huffman image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities.This heap-based buffer overflow takes place when the `SOF3` precision is lower than 9. | ||||
| CVE-2021-21947 | 1 Accusoft | 1 Imagegear | 2025-04-15 | 8.8 High |
| Two heap-based buffer overflow vulnerabilities exists in the JPEG-JFIF lossless Huffman image parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger these vulnerabilities.This heap-based buffer overflow takes place when the `SOF3` precision is greater or equal than 9. | ||||
| CVE-2021-21948 | 2 Anycubic, Chitubox | 2 Chitubox, Chitubox Basic | 2025-04-15 | 7.8 High |
| A heap-based buffer overflow vulnerability exists in the readDatHeadVec functionality of AnyCubic Chitubox AnyCubic Plugin 1.0.0. A specially-crafted GF file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-21949 | 1 Accusoft | 1 Imagegear | 2025-04-15 | 8.8 High |
| An improper array index validation vulnerability exists in the JPEG-JFIF Scan header parser functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to an out-of-bounds write and potential code exectuion. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-21967 | 1 Sealevel | 2 Seaconnect 370w, Seaconnect 370w Firmware | 2025-04-15 | 5.9 Medium |
| An out-of-bounds write vulnerability exists in the OTA update task functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A specially-crafted MQTT payload can lead to denial of service. An attacker can perform a man-in-the-middle attack to trigger this vulnerability. | ||||