Export limit exceeded: 363151 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 23167 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (23167 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-43616 1 Corel 1 Coreldraw 2025-02-14 7.8 High
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Corel CorelDRAW Graphics Suite 23.5.0.506. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EMF images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16371.
CVE-2022-43625 1 Dlink 2 Dir-1935, Dir-1935 Firmware 2025-02-14 6.8 Medium
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handling of SetStaticRouteIPv4Settings requests to the web management portal. When parsing the NetMask element, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-16144.
CVE-2022-43630 1 Dlink 2 Dir-1935, Dir-1935 Firmware 2025-02-14 8.8 High
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-1935 1.03 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of http requests to the web management portal. When parsing the SOAPAction header, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-16150.
CVE-2023-20675 4 Google, Linux, Mediatek and 1 more 38 Android, Linux Kernel, Mt5221 and 35 more 2025-02-13 4.4 Medium
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588569; Issue ID: ALPS07588569.
CVE-2024-2452 1 Eclipse 1 Threadx Netx Duo 2025-02-13 7 High
In Eclipse ThreadX NetX Duo before 6.4.0, if an attacker can control parameters of __portable_aligned_alloc() could cause an integer wrap-around and an allocation smaller than expected. This could cause subsequent heap buffer overflows.
CVE-2024-2214 1 Eclipse 1 Threadx 2025-02-13 7 High
In Eclipse ThreadX before version 6.4.0, the _Mtxinit() function in the Xtensa port was missing an array size check causing a memory overwrite. The affected file was ports/xtensa/xcc/src/tx_clib_lock.c
CVE-2024-2212 1 Eclipse 1 Threadx 2025-02-13 7.3 High
In Eclipse ThreadX before 6.4.0, xQueueCreate() and xQueueCreateSet() functions from the FreeRTOS compatibility API (utility/rtos_compatibility_layers/FreeRTOS/tx_freertos.c) were missing parameter checks. This could lead to integer wraparound, under-allocations and heap buffer overflows.
CVE-2024-27319 2 Fedoraproject, Linuxfoundation 2 Fedora, Onnx 2025-02-13 4.4 Medium
Versions of the package onnx before and including 1.15.0 are vulnerable to Out-of-bounds Read as the ONNX_ASSERT and ONNX_ASSERTM functions have an off by one string copy.
CVE-2023-5753 1 Zephyrproject 1 Zephyr 2025-02-13 6.3 Medium
Potential buffer overflows in the Bluetooth subsystem due to asserts being disabled in /subsys/bluetooth/host/hci_core.c
CVE-2023-46724 2 Redhat, Squid-cache 6 Enterprise Linux, Rhel Aus, Rhel E4s and 3 more 2025-02-13 8.6 High
Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using `--with-openssl` are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to perform Denial of Service against Squid Proxy by initiating a TLS Handshake with a specially crafted SSL Certificate in a server certificate chain. This attack is limited to HTTPS and SSL-Bump. This bug is fixed in Squid version 6.4. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives. Those who you use a prepackaged version of Squid should refer to the package vendor for availability information on updated packages.
CVE-2024-6874 2 Curl, Haxx 2 Libcurl, Libcurl 2025-02-13 3.1 Low
libcurl's URL API function [curl_url_get()](https://curl.se/libcurl/c/curl_url_get.html) offers punycode conversions, to and from IDN. Asking to convert a name that is exactly 256 bytes, libcurl ends up reading outside of a stack based buffer when built to use the *macidn* IDN backend. The conversion function then fills up the provided buffer exactly - but does not null terminate the string. This flaw can lead to stack contents accidently getting returned as part of the converted string.
CVE-2024-6102 1 Google 1 Chrome 2025-02-13 8.8 High
Out of bounds memory access in Dawn in Google Chrome prior to 126.0.6478.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-5835 2 Fedoraproject, Google 2 Fedora, Chrome 2025-02-13 8.8 High
Heap buffer overflow in Tab Groups in Google Chrome prior to 126.0.6478.54 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-5629 3 Debian, Mongodb, Redhat 4 Debian Linux, Pymongo, Python Driver and 1 more 2025-02-13 4.7 Medium
An out-of-bounds read in the 'bson' module of PyMongo 4.6.2 or earlier allows deserialization of malformed BSON provided by a Server to raise an exception which may contain arbitrary application memory.
CVE-2024-5497 2 Fedoraproject, Google 2 Fedora, Chrome 2025-02-13 8.8 High
Out of bounds memory access in Browser UI in Google Chrome prior to 125.0.6422.141 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-5493 3 Canonical, Fedoraproject, Google 3 Ubuntu Linux, Fedora, Chrome 2025-02-13 8.8 High
Heap buffer overflow in WebRTC in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-5160 3 Fedoraproject, Google, Microsoft 3 Fedora, Chrome, Windows 2025-02-13 8.8 High
Heap buffer overflow in Dawn in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)
CVE-2024-5159 2 Fedoraproject, Google 2 Fedora, Chrome 2025-02-13 8.8 High
Heap buffer overflow in ANGLE in Google Chrome prior to 125.0.6422.76 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)
CVE-2024-4559 2 Fedoraproject, Google 2 Fedora, Chrome 2025-02-13 7.5 High
Heap buffer overflow in WebAudio in Google Chrome prior to 124.0.6367.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-40897 2 Gstreamer, Redhat 6 Orc, Enterprise Linux, Rhel Aus and 3 more 2025-02-13 7 High
Stack-based buffer overflow vulnerability exists in orcparse.c of ORC versions prior to 0.4.39. If a developer is tricked to process a specially crafted file with the affected ORC compiler, an arbitrary code may be executed on the developer's build environment. This may lead to compromise of developer machines or CI build environments.