Total
13831 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-10996 | 1 Openbabel | 1 Open Babel | 2025-09-29 | 5.3 Medium |
| A vulnerability was detected in Open Babel up to 3.1.1. This issue affects the function OBSmilesParser::ParseSmiles of the file /src/formats/smilesformat.cpp. Performing manipulation results in heap-based buffer overflow. The attack needs to be approached locally. The exploit is now public and may be used. | ||||
| CVE-2025-10995 | 1 Openbabel | 1 Open Babel | 2025-09-29 | 5.3 Medium |
| A security vulnerability has been detected in Open Babel up to 3.1.1. This vulnerability affects the function zlib_stream::basic_unzip_streambuf::underflow in the library /src/zipstreamimpl.h. Such manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2025-10994 | 1 Openbabel | 1 Open Babel | 2025-09-29 | 5.3 Medium |
| A weakness has been identified in Open Babel up to 3.1.1. This affects the function GAMESSOutputFormat::ReadMolecule of the file gamessformat.cpp. This manipulation causes use after free. It is possible to launch the attack on the local host. The exploit has been made available to the public and could be exploited. | ||||
| CVE-2025-11015 | 1 Ogrecave | 1 Ogre | 2025-09-29 | 5.3 Medium |
| A weakness has been identified in OGRECave Ogre up to 14.4.1. Impacted is the function STBIImageCodec::encode of the file /ogre/PlugIns/STBICodec/src/OgreSTBICodec.cpp. This manipulation causes mismatched memory management routines. The attack is restricted to local execution. The exploit has been made available to the public and could be exploited. | ||||
| CVE-2025-11010 | 1 Vstakhov | 1 Libucl | 2025-09-29 | 5.3 Medium |
| A vulnerability has been found in vstakhov libucl up to 0.9.2. Affected by this vulnerability is the function ucl_include_common of the file /src/ucl_util.c. Such manipulation leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-56438 | 1 Huawei | 2 Emui, Harmonyos | 2025-09-26 | 6 Medium |
| Vulnerability of improper memory address protection in the HUKS module Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2025-10953 | 1 Utt | 2 1200gw, 1250gw | 2025-09-26 | 8.8 High |
| A security vulnerability has been detected in UTT 1200GW and 1250GW up to 3.0.0-170831/3.2.2-200710. This vulnerability affects unknown code of the file /goform/formApMail. The manipulation of the argument senderEmail leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-3549 | 1 Assimp | 1 Assimp | 2025-09-26 | 5.3 Medium |
| A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Affected is the function Assimp::MD3Importer::ValidateSurfaceHeaderOffsets of the file code/AssetLib/MD3/MD3Loader.cpp of the component File Handler. The manipulation leads to heap-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-9007 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-09-26 | 8.8 High |
| A vulnerability has been found in Tenda CH22 1.0.0.1. Affected by this issue is the function formeditFileName of the file /goform/editFileName. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-9006 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-09-26 | 8.8 High |
| A vulnerability was identified in Tenda CH22 1.0.0.1. Affected by this vulnerability is the function formdelFileName of the file /goform/delFileName. The manipulation leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-41021 | 1 Linux | 1 Linux Kernel | 2025-09-25 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: s390/mm: Fix VM_FAULT_HWPOISON handling in do_exception() There is no support for HWPOISON, MEMORY_FAILURE, or ARCH_HAS_COPY_MC on s390. Therefore we do not expect to see VM_FAULT_HWPOISON in do_exception(). However, since commit af19487f00f3 ("mm: make PTE_MARKER_SWAPIN_ERROR more general"), it is possible to see VM_FAULT_HWPOISON in combination with PTE_MARKER_POISONED, even on architectures that do not support HWPOISON otherwise. In this case, we will end up on the BUG() in do_exception(). Fix this by treating VM_FAULT_HWPOISON the same as VM_FAULT_SIGBUS, similar to x86 when MEMORY_FAILURE is not configured. Also print unexpected fault flags, for easier debugging. Note that VM_FAULT_HWPOISON_LARGE is not expected, because s390 cannot support swap entries on other levels than PTE level. | ||||
| CVE-2025-10779 | 2 D-link, Dlink | 3 Dcs-935l, Dcs-935l, Dcs-935l Firmware | 2025-09-25 | 8.8 High |
| A vulnerability was found in D-Link DCS-935L up to 1.13.01. The impacted element is the function sub_402280 of the file /HNAP1/. The manipulation of the argument HNAP_AUTH/SOAPAction results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2014-0789 | 1 Schneider-electric | 5 Opc Factory Server Tlxcdlfofs, Opc Factory Server Tlxcdltofs, Opc Factory Server Tlxcdluofs and 2 more | 2025-09-25 | N/A |
| Multiple buffer overflows in the OPC Automation 2.0 Server Object ActiveX control in Schneider Electric OPC Factory Server (OFS) TLXCDSUOFS33 3.5 and earlier, TLXCDSTOFS33 3.5 and earlier, TLXCDLUOFS33 3.5 and earlier, TLXCDLTOFS33 3.5 and earlier, and TLXCDLFOFS33 3.5 and earlier allow remote attackers to cause a denial of service via long arguments to unspecified functions. | ||||
| CVE-2014-0787 | 1 Wellintech | 1 Kingscada | 2025-09-25 | N/A |
| Stack-based buffer overflow in WellinTech KingSCADA before 3.1.2.13 allows remote attackers to execute arbitrary code via a crafted packet. | ||||
| CVE-2014-0784 | 1 Yokogawa | 1 Centum Cs 3000 | 2025-09-25 | N/A |
| Stack-based buffer overflow in BKBCopyD.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet. | ||||
| CVE-2014-0783 | 1 Yokogawa | 1 Centum Cs 3000 | 2025-09-25 | N/A |
| Stack-based buffer overflow in BKHOdeq.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via a crafted TCP packet. | ||||
| CVE-2014-0782 | 1 Yokogawa | 15 B\/m9000 Vp, B\/m9000 Vp Software, B\/m9000cs and 12 more | 2025-09-25 | N/A |
| Stack-based buffer overflow in BKESimmgr.exe in the Expanded Test Functions package in Yokogawa CENTUM CS 1000, CENTUM CS 3000 Entry Class R3.09.50 and earlier, CENTUM VP R5.03.00 and earlier, CENTUM VP Entry Class R5.03.00 and earlier, Exaopc R3.71.02 and earlier, B/M9000CS R5.05.01 and earlier, and B/M9000 VP R7.03.01 and earlier allows remote attackers to execute arbitrary code via a crafted packet. | ||||
| CVE-2014-0781 | 1 Yokogawa | 1 Centum Cs 3000 | 2025-09-25 | N/A |
| Heap-based buffer overflow in BKCLogSvr.exe in Yokogawa CENTUM CS 3000 R3.09.50 and earlier allows remote attackers to execute arbitrary code via crafted UDP packets. | ||||
| CVE-2025-10815 | 1 Tenda | 2 Ac20, Ac20 Firmware | 2025-09-25 | 8.8 High |
| A vulnerability was identified in Tenda AC20 up to 16.03.08.12. Affected by this issue is the function strcpy of the file /goform/SetPptpServerCfg of the component HTTP POST Request Handler. Such manipulation of the argument startIp leads to buffer overflow. The attack can be launched remotely. The exploit is publicly available and might be used. | ||||
| CVE-2025-21483 | 1 Qualcomm | 1 Snapdragon | 2025-09-25 | 9.8 Critical |
| Memory corruption when the UE receives an RTP packet from the network, during the reassembly of NALUs. | ||||