Total
13122 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-23147 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2025-05-06 | 7.8 High |
| A maliciously crafted CATPART, X_B and STEP, when parsed in ASMKERN228A.dll and ASMKERN229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process. | ||||
| CVE-2024-23157 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2025-05-06 | 7.8 High |
| A maliciously crafted SLDASM or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process. | ||||
| CVE-2024-23156 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2025-05-06 | 7.8 High |
| A maliciously crafted 3DM file, when parsed in opennurbs.dll and ASMkern229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, along with other vulnerabilities, can lead to code execution in the current process. | ||||
| CVE-2024-37006 | 1 Autodesk | 9 Advance Steel, Autocad, Autocad Architecture and 6 more | 2025-05-06 | 7.8 High |
| A maliciously crafted CATPRODUCT file, when parsed in CC5Dll.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process. | ||||
| CVE-2022-32940 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-05-06 | 7.8 High |
| The issue was addressed with improved bounds checks. This issue is fixed in tvOS 16.1, iOS 16.1 and iPadOS 16, macOS Ventura 13, watchOS 9.1. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2022-32939 | 1 Apple | 2 Ipados, Iphone Os | 2025-05-06 | 7.8 High |
| The issue was addressed with improved bounds checks. This issue is fixed in iOS 15.7.1 and iPadOS 15.7.1, iOS 16.1 and iPadOS 16. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2022-32934 | 1 Apple | 1 Macos | 2025-05-06 | 8.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.7, macOS Ventura 13, macOS Monterey 12.6. A remote user may be able to cause kernel code execution. | ||||
| CVE-2018-18601 | 1 Guardzilla | 2 Gz621w, Gz621w Firmware | 2025-05-06 | 8.1 High |
| The TK_set_deviceModel_req_handle function in the cloud communication component in Guardzilla GZ621W devices with firmware 0.5.1.4 has a Buffer Overflow. | ||||
| CVE-2018-6337 | 1 Facebook | 2 Folly, Hhvm | 2025-05-06 | 7.5 High |
| folly::secureRandom will re-use a buffer between parent and child processes when fork() is called. That will result in multiple forked children producing repeat (or similar) results. This affects HHVM 3.26 prior to 3.26.3 and the folly library between v2017.12.11.00 and v2018.08.09.00. | ||||
| CVE-2018-25032 | 12 Apple, Azul, Debian and 9 more | 46 Mac Os X, Macos, Zulu and 43 more | 2025-05-06 | 7.5 High |
| zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. | ||||
| CVE-2017-9633 | 1 Infineon | 1 S-gold 2 Pmb 8876 | 2025-05-06 | 8.8 High |
| An Improper Restriction of Operations within the Bounds of a Memory Buffer issue was discovered in the Continental AG Infineon S-Gold 2 (PMB 8876) chipset on BMW several models produced between 2009-2010, Ford a limited number of P-HEV vehicles, Infiniti 2013 JX35, Infiniti 2014-2016 QX60, Infiniti 2014-2016 QX60 Hybrid, Infiniti 2014-2015 QX50, Infiniti 2014-2015 QX50 Hybrid, Infiniti 2013 M37/M56, Infiniti 2014-2016 Q70, Infiniti 2014-2016 Q70L, Infiniti 2015-2016 Q70 Hybrid, Infiniti 2013 QX56, Infiniti 2014-2016 QX 80, and Nissan 2011-2015 Leaf. A vulnerability in the temporary mobile subscriber identity (TMSI) may allow an attacker to access and control memory. This may allow remote code execution on the baseband radio processor of the TCU. | ||||
| CVE-2017-16368 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2025-05-06 | 8.8 High |
| An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability leads to a stack-based buffer overflow condition in the internal Unicode string manipulation module. It is triggered by an invalid PDF file, where a crafted Unicode string causes an out of bounds memory access of a stack allocated buffer, due to improper checks when manipulating an offset of a pointer to the buffer. Attackers can exploit the vulnerability and achieve arbitrary code execution if they can effectively control the accessible memory. | ||||
| CVE-2022-32923 | 2 Apple, Redhat | 7 Ipados, Iphone Os, Macos and 4 more | 2025-05-06 | 6.5 Medium |
| A correctness issue in the JIT was addressed with improved checks. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose internal states of the app. | ||||
| CVE-2022-42798 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-05-05 | 5.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in tvOS 16.1, iOS 15.7.1 and iPadOS 15.7.1, macOS Ventura 13, watchOS 9.1, iOS 16.1 and iPadOS 16, macOS Monterey 12.6.1, macOS Big Sur 11.7.1. Parsing a maliciously crafted audio file may lead to disclosure of user information. | ||||
| CVE-2022-23219 | 4 Debian, Gnu, Oracle and 1 more | 9 Debian Linux, Glibc, Communications Cloud Native Core Binding Support Function and 6 more | 2025-05-05 | 9.8 Critical |
| The deprecated compatibility function clnt_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its hostname argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution. | ||||
| CVE-2022-23218 | 4 Debian, Gnu, Oracle and 1 more | 5 Debian Linux, Glibc, Communications Cloud Native Core Unified Data Repository and 2 more | 2025-05-05 | 9.8 Critical |
| The deprecated compatibility function svcunix_create in the sunrpc module of the GNU C Library (aka glibc) through 2.34 copies its path argument on the stack without validating its length, which may result in a buffer overflow, potentially resulting in a denial of service or (if an application is not built with a stack protector enabled) arbitrary code execution. | ||||
| CVE-2022-21237 | 1 Intel | 118 Lapbc510, Lapbc510 Firmware, Lapbc710 and 115 more | 2025-05-05 | 6.7 Medium |
| Improper buffer access in firmware for some Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2022-21160 | 1 Intel | 18 Proset Wi-fi 6e Ax210, Proset Wi-fi 6e Ax210 Firmware, Wi-fi 6 Ax200 and 15 more | 2025-05-05 | 7.5 High |
| Improper buffer restrictions for some Intel(R) PROSet/Wireless WiFi products may allow an unauthenticated user to potentially enable denial of service via network access. | ||||
| CVE-2021-33847 | 1 Intel | 36 Dual Band Wireless-ac 3165, Dual Band Wireless-ac 3165 Firmware, Dual Band Wireless-ac 3168 and 33 more | 2025-05-05 | 7.8 High |
| Improper buffer restrictions in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2021-26257 | 1 Intel | 36 Dual Band Wireless-ac 3165, Dual Band Wireless-ac 3165 Firmware, Dual Band Wireless-ac 3168 and 33 more | 2025-05-05 | 5.5 Medium |
| Improper buffer restrictions in firmware for some Intel(R) Wireless Bluetooth(R) and Killer(TM) Bluetooth(R) products before version 22.120 may allow an authenticated user to potentially enable denial of service via local access. | ||||