Total
12427 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-43281 | 1 Webassembly | 1 Wasm | 2025-05-08 | 7.8 High |
| wasm-interp v1.0.29 was discovered to contain a heap overflow via the component std::vector<wabt::Type, std::allocator<wabt::Type>>::size() at /bits/stl_vector.h. | ||||
| CVE-2022-43039 | 1 Gpac | 1 Gpac | 2025-05-08 | 5.5 Medium |
| GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function gf_isom_meta_restore_items_ref at /isomedia/meta.c. | ||||
| CVE-2022-43038 | 1 Axiosys | 1 Bento4 | 2025-05-08 | 6.5 Medium |
| Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadCache() function in mp42ts. | ||||
| CVE-2022-43035 | 1 Axiosys | 1 Bento4 | 2025-05-08 | 6.5 Medium |
| An issue was discovered in Bento4 v1.6.0-639. There is a heap-buffer-overflow in AP4_Dec3Atom::AP4_Dec3Atom at Ap4Dec3Atom.cpp, leading to a Denial of Service (DoS), as demonstrated by mp42aac. | ||||
| CVE-2022-43034 | 1 Axiosys | 1 Bento4 | 2025-05-08 | 6.5 Medium |
| An issue was discovered in Bento4 v1.6.0-639. There is a heap buffer overflow vulnerability in the AP4_BitReader::SkipBits(unsigned int) function in mp42ts. | ||||
| CVE-2022-43029 | 1 Tenda | 2 Tx3, Tx3 Firmware | 2025-05-08 | 9.8 Critical |
| Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the time parameter at /goform/SetSysTimeCfg. | ||||
| CVE-2022-43028 | 1 Tenda | 2 Tx3, Tx3 Firmware | 2025-05-08 | 9.8 Critical |
| Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the timeZone parameter at /goform/SetSysTimeCfg. | ||||
| CVE-2022-43027 | 1 Tenda | 2 Tx3, Tx3 Firmware | 2025-05-08 | 9.8 Critical |
| Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the firewallEn parameter at /goform/SetFirewallCfg. | ||||
| CVE-2022-42227 | 1 Jsonlint Project | 1 Jsonlint C\+\+ | 2025-05-08 | 7.5 High |
| jsonlint 1.0 is vulnerable to heap-buffer-overflow via /home/hjsz/jsonlint/src/lexer. | ||||
| CVE-2024-25003 | 1 9bis | 1 Kitty | 2025-05-08 | 7.8 High |
| KiTTY versions 0.76.1.13 and before is vulnerable to a stack-based buffer overflow via the hostname, occurs due to insufficient bounds checking and input sanitization. This allows an attacker to overwrite adjacent memory, which leads to arbitrary code execution. | ||||
| CVE-2024-24186 | 1 Jsish | 1 Jsish | 2025-05-08 | 9.8 Critical |
| Jsish v3.5.0 (commit 42c694c) was discovered to contain a stack-overflow via the component IterGetKeysCallback at /jsish/src/jsiValue.c. | ||||
| CVE-2024-22012 | 1 Google | 1 Android | 2025-05-08 | 7.8 High |
| there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2022-3577 | 1 Linux | 1 Linux Kernel | 2025-05-08 | 7.8 High |
| An out-of-bounds memory write flaw was found in the Linux kernel’s Kid-friendly Wired Controller driver. This flaw allows a local user to crash or potentially escalate their privileges on the system. It is in bigben_probe of drivers/hid/hid-bigbenff.c. The reason is incorrect assumption - bigben devices all have inputs. However, malicious devices can break this assumption, leaking to out-of-bound write. | ||||
| CVE-2022-37453 | 1 Softing | 6 Edgeaggregator, Edgeconnector, Opc and 3 more | 2025-05-08 | 7.5 High |
| An issue was discovered in Softing OPC UA C++ SDK before 6.10. A buffer overflow or an excess allocation happens due to unchecked array and matrix bounds in structure data types. | ||||
| CVE-2025-1122 | 2025-05-08 | 6.7 Medium | ||
| Out-Of-Bounds Write in TPM2 Reference Library in Google ChromeOS 15753.50.0 stable on Cr50 Boards allows an attacker with root access to gain persistence and Bypass operating system verification via exploiting the NV_Read functionality during the Challenge-Response process. | ||||
| CVE-2024-20817 | 1 Samsung | 1 Android | 2025-05-08 | 6.6 Medium |
| Out-of-bounds Write vulnerabilities in svc1td_vld_slh of libsthmbc.so prior to SMR Feb-2024 Release 1 allows local attackers to trigger buffer overflow. | ||||
| CVE-2025-30102 | 2025-05-08 | 5.5 Medium | ||
| Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.1.0, contains an out-of-bounds write vulnerability. A local low privileged attacker could potentially exploit this vulnerability, leading to denial of service. | ||||
| CVE-2024-24921 | 1 Siemens | 1 Simcenter Femap | 2025-05-08 | 7.8 High |
| A vulnerability has been identified in Simcenter Femap (All versions < V2401.0000). The affected application is vulnerable to memory corruption while parsing specially crafted Catia MODEL files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-21712) | ||||
| CVE-2025-26595 | 3 Redhat, Tigervnc, X.org | 9 Enterprise Linux, Rhel Aus, Rhel E4s and 6 more | 2025-05-08 | 7.8 High |
| A buffer overflow flaw was found in X.Org and Xwayland. The code in XkbVModMaskText() allocates a fixed-sized buffer on the stack and copies the names of the virtual modifiers to that buffer. The code fails to check the bounds of the buffer and would copy the data regardless of the size. | ||||
| CVE-2022-41741 | 3 Debian, F5, Fedoraproject | 4 Debian Linux, Nginx, Nginx Ingress Controller and 1 more | 2025-05-08 | 7 High |
| NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to corrupt NGINX worker memory, resulting in its termination or potential other impact using a specially crafted audio or video file. The issue affects only NGINX products that are built with the ngx_http_mp4_module, when the mp4 directive is used in the configuration file. Further, the attack is possible only if an attacker can trigger processing of a specially crafted audio or video file with the module ngx_http_mp4_module. | ||||