Total
13515 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-26974 | 1 Irfanview | 1 Irfanview | 2025-02-13 | 5.5 Medium |
| Irfanview v4.62 allows a user-mode write access violation via a crafted JPEG 2000 file starting at JPEG2000+0x0000000000001bf0. | ||||
| CVE-2023-36191 | 2025-02-13 | 5.5 Medium | ||
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | ||||
| CVE-2023-1579 | 2 Gnu, Redhat | 2 Binutils, Enterprise Linux | 2025-02-13 | 7.8 High |
| Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64. | ||||
| CVE-2024-45573 | 1 Qualcomm | 48 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 45 more | 2025-02-12 | 7.8 High |
| Memory corruption may occour while generating test pattern due to negative indexing of display ID. | ||||
| CVE-2024-39750 | 1 Ibm | 1 Analytics Content Hub | 2025-02-12 | 8.8 High |
| IBM Analytics Content Hub 2.0 is vulnerable to a buffer overflow due to improper return length checking. A remote authenticated attacker could overflow a buffer and execute arbitrary code on the system or cause the server to crash. | ||||
| CVE-2025-0529 | 2025-02-12 | 5.3 Medium | ||
| A vulnerability, which was classified as critical, was found in code-projects Train Ticket Reservation System 1.0. This affects an unknown part of the component Login Form. The manipulation of the argument username leads to stack-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-0720 | 2025-02-12 | 3.3 Low | ||
| A vulnerability was found in Microword eScan Antivirus 7.0.32 on Linux. It has been rated as problematic. Affected by this issue is the function removeExtraSlashes of the file /opt/MicroWorld/sbin/rtscanner of the component Folder Watch List Handler. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2021-22894 | 1 Ivanti | 1 Connect Secure | 2025-02-12 | 8.8 High |
| A buffer overflow vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to execute arbitrary code as the root user via maliciously crafted meeting room. | ||||
| CVE-2023-1676 | 1 Drivergenius | 1 Drivergenius | 2025-02-12 | 7.8 High |
| A vulnerability was found in DriverGenius 9.70.0.346. It has been declared as critical. Affected by this vulnerability is the function 0x9C402088 in the library mydrivers64.sys of the component IOCTL Handler. The manipulation leads to memory corruption. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The identifier VDB-224233 was assigned to this vulnerability. | ||||
| CVE-2024-11139 | 2025-02-12 | N/A | ||
| CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could allow local attackers to exploit these issues to potentially execute arbitrary code when opening a malicious project file. | ||||
| CVE-2024-10498 | 1 Schneider-electric | 1 Powerlogic Hdpm6000 | 2025-02-12 | 6.5 Medium |
| CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could allow an unauthorized attacker to modify configuration values outside of the normal range when the attacker sends specific Modbus write packets to the device which could result in invalid data or loss of web interface functionality. | ||||
| CVE-2023-27729 | 1 F5 | 1 Njs | 2025-02-12 | 7.5 High |
| Nginx NJS v0.7.10 was discovered to contain an illegal memcpy via the function njs_vmcode_return at src/njs_vmcode.c. | ||||
| CVE-2022-46781 | 1 Arm | 2 Avalon Gpu Kernel Driver, Valhall Gpu Kernel Driver | 2025-02-12 | 3.3 Low |
| An issue was discovered in the Arm Mali GPU Kernel Driver. A non-privileged user can make improper GPU memory processing operations to access a limited amount outside of buffer bounds. This affects Valhall r29p0 through r41p0 before r42p0 and Avalon r41p0 before r42p0. | ||||
| CVE-2023-31352 | 2025-02-12 | 6 Medium | ||
| A bug in the SEV firmware may allow an attacker with privileges to read unencrypted memory, potentially resulting in loss of guest private data. | ||||
| CVE-2018-19873 | 5 Canonical, Debian, Opensuse and 2 more | 6 Ubuntu Linux, Debian Linux, Backports and 3 more | 2025-02-11 | 9.8 Critical |
| An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data. | ||||
| CVE-2022-46396 | 1 Arm | 2 Avalon Gpu Kernel Driver, Valhall Gpu Kernel Driver | 2025-02-11 | 4.4 Medium |
| An issue was discovered in the Arm Mali Kernel Driver. A non-privileged user can make improper GPU memory processing operations to access a limited amount outside of buffer bounds. This affects Valhall r29p0 through r41p0 before r42p0 and Avalon r41p0 before r42p0. | ||||
| CVE-2023-25755 | 1 Jtekt | 1 Screen Creator Advance 2 | 2025-02-11 | 7.8 High |
| Screen Creator Advance 2 Ver.0.1.1.4 Build01A and earlier is vulnerable to improper restriction of operations within the bounds of a memory buffer (CWE-119) due to improper check of its data size when processing a project file. If a user of Screen Creator Advance 2 opens a specially crafted project file, information may be disclosed and/or arbitrary code may be executed. | ||||
| CVE-2024-11610 | 2025-02-10 | N/A | ||
| AutomationDirect C-More EA9 EAP9 File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of AutomationDirect C-More EA9. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EAP9 files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24773. | ||||
| CVE-2023-29574 | 1 Axiosys | 1 Bento4 | 2025-02-08 | 5.5 Medium |
| Bento4 v1.6.0-639 was discovered to contain an out-of-memory bug in the mp42avc component. | ||||
| CVE-2023-29571 | 1 Cesanta | 1 Mjs | 2025-02-08 | 5.5 Medium |
| Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via gc_sweep at src/mjs_gc.c. This vulnerability can lead to a Denial of Service (DoS). | ||||