Total
102 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-24478 | 1 Wireshark | 1 Wireshark | 2025-04-14 | 7.5 High |
| An issue in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the packet-bgp.c, dissect_bgp_open(tvbuff_t*tvb, proto_tree*tree, packet_info*pinfo), optlen components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected. | ||||
| CVE-2025-21442 | 2025-04-07 | 7.8 High | ||
| Memory corruption while transmitting packet mapping information with invalid header payload size. | ||||
| CVE-2024-2608 | 3 Debian, Mozilla, Redhat | 9 Debian Linux, Firefox, Firefox Esr and 6 more | 2025-04-01 | 8.4 High |
| `AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` and `AppendEncodedCharacters()` could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9. | ||||
| CVE-2024-55626 | 1 Oisf | 1 Suricata | 2025-03-31 | 3.3 Low |
| Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a large BPF filter file provided to Suricata at startup can lead to a buffer overflow at Suricata startup. The issue has been addressed in Suricata 7.0.8. | ||||
| CVE-2024-57956 | 1 Huawei | 1 Harmonyos | 2025-03-17 | 2.8 Low |
| Out-of-bounds read vulnerability in the interpreter string module Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2022-36764 | 2 Redhat, Tianocore | 2 Enterprise Linux, Edk2 | 2025-02-13 | 7 High |
| EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage() function, allowing a user to trigger a heap buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability. | ||||
| CVE-2023-37536 | 4 Apache, Fedoraproject, Hcltech and 1 more | 4 Xerces-c\+\+, Fedora, Bigfix Platform and 1 more | 2025-02-13 | 8.2 High |
| An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out-of-bound access via HTTP request. | ||||
| CVE-2022-24834 | 3 Fedoraproject, Redhat, Redis | 3 Fedora, Enterprise Linux, Redis | 2025-02-13 | 7 High |
| Redis is an in-memory database that persists on disk. A specially crafted Lua script executing in Redis can trigger a heap overflow in the cjson library, and result with heap corruption and potentially remote code execution. The problem exists in all versions of Redis with Lua scripting support, starting from 2.6, and affects only authenticated and authorized users. The problem is fixed in versions 7.0.12, 6.2.13, and 6.0.20. | ||||
| CVE-2022-33282 | 1 Qualcomm | 40 Msm8996au, Msm8996au Firmware, Qam8295p and 37 more | 2025-02-11 | 8.4 High |
| Memory corruption in Automotive Multimedia due to integer overflow to buffer overflow during IOCTL calls in video playback. | ||||
| CVE-2023-22443 | 1 Intel | 20 Server System D50tnp1mhcpac, Server System D50tnp1mhcpac Firmware, Server System D50tnp1mhcrac and 17 more | 2025-01-27 | 6 Medium |
| Integer overflow in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable denial of service via local access. | ||||
| CVE-2024-21454 | 1 Qualcomm | 8 Auto 4g Modem, Auto 4g Modem Firmware, Auto 5g Modem-rf and 5 more | 2025-01-13 | 7.5 High |
| Transient DOS while decoding the ToBeSignedMessage in Automotive Telematics. | ||||
| CVE-2024-21470 | 1 Qualcomm | 66 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 63 more | 2025-01-13 | 8.4 High |
| Memory corruption while allocating memory for graphics. | ||||
| CVE-2024-56451 | 1 Huawei | 1 Harmonyos | 2025-01-13 | 7.3 High |
| Integer overflow vulnerability during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2024-6381 | 1 Mongodb | 1 Libbson | 2024-11-21 | 4 Medium |
| The bson_strfreev function in the MongoDB C driver library may be susceptible to an integer overflow where the function will try to free memory at a negative offset. This may result in memory corruption. This issue affected libbson versions prior to 1.26.2 | ||||
| CVE-2024-37305 | 1 Open Quantum Safe | 1 Oqs Provider | 2024-11-21 | 8.2 High |
| oqs-provider is a provider for the OpenSSL 3 cryptography library that adds support for post-quantum cryptography in TLS, X.509, and S/MIME using post-quantum algorithms from liboqs. Flaws have been identified in the way oqs-provider handles lengths decoded with DECODE_UINT32 at the start of serialized hybrid (traditional + post-quantum) keys and signatures. Unchecked length values are later used for memory reads and writes; malformed input can lead to crashes or information leakage. Handling of plain/non-hybrid PQ key operation is not affected. This issue has been patched in in v0.6.1. All users are advised to upgrade. There are no workarounds for this issue. | ||||
| CVE-2024-33078 | 2024-11-21 | 9.8 Critical | ||
| Tencent Libpag v4.3 is vulnerable to Buffer Overflow. A user can send a crafted image to trigger a overflow leading to remote code execution. | ||||
| CVE-2024-28219 | 1 Redhat | 4 Ansible Automation Platform, Enterprise Linux, Satellite and 1 more | 2024-11-21 | 6.7 Medium |
| In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy. | ||||
| CVE-2023-22305 | 3 Intel, Linux, Microsoft | 3 Aptio V Uefi Firmware Integrator Tools, Linux Kernel, Windows | 2024-11-21 | 6.5 Medium |
| Integer overflow in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable denial of service via local access. | ||||
| CVE-2023-21648 | 1 Qualcomm | 68 Aqt1000, Aqt1000 Firmware, Qca6391 and 65 more | 2024-11-21 | 6.7 Medium |
| Memory corruption in RIL while trying to send apdu packet. | ||||
| CVE-2023-21644 | 1 Qualcomm | 102 Aqt1000, Aqt1000 Firmware, Qca6390 and 99 more | 2024-11-21 | 6.7 Medium |
| Memory corruption in RIL due to Integer Overflow while triggering qcril_uim_request_apdu request. | ||||