Total
12412 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-0624 | 1 Redhat | 7 Enterprise Linux, Openshift, Rhel Aus and 4 more | 2025-05-09 | 7.6 High |
| A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grub_strcpy() function. During this step, it fails to consider the environment variable length when allocating the internal buffer, resulting in an out-of-bounds write. If correctly exploited, this issue may result in remote code execution through the same network segment grub is searching for the boot information, which can be used to by-pass secure boot protections. | ||||
| CVE-2025-1268 | 2025-05-09 | 9.4 Critical | ||
| Out-of-bounds vulnerability in EMF Recode processing of Generic Plus PCL6 Printer Driver / Generic Plus UFR II Printer Driver / Generic Plus LIPS4 Printer Driver / Generic Plus LIPSLX Printer Driver / Generic Plus PS Printer Driver / Generic FAX Printer Driver / UFRII LT Printer Driver / CARPS2 Printer Driver | ||||
| CVE-2025-1330 | 1 Ibm | 1 Cics Tx | 2025-05-08 | 7.8 High |
| IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to failure to handle DNS return requests by the gethostbyname function. | ||||
| CVE-2025-1329 | 1 Ibm | 1 Cics Tx | 2025-05-08 | 7.8 High |
| IBM CICS TX Standard 11.1 and IBM CICS TX Advanced 10.1 and 11.1 could allow a local user to execute arbitrary code on the system due to failure to handle DNS return requests by the gethostbyaddr function. | ||||
| CVE-2022-41415 | 1 Acer | 2 Altos W2000h-w570h F4, Altos W2000h-w570h F4 Firmware | 2025-05-08 | 9.8 Critical |
| Acer Altos W2000h-W570h F4 R01.03.0018 was discovered to contain a stack overflow in the RevserveMem component. This vulnerability allows attackers to cause a Denial of Service (DoS) via injecting crafted shellcode into the NVRAM variable. | ||||
| CVE-2022-43281 | 1 Webassembly | 1 Wasm | 2025-05-08 | 7.8 High |
| wasm-interp v1.0.29 was discovered to contain a heap overflow via the component std::vector<wabt::Type, std::allocator<wabt::Type>>::size() at /bits/stl_vector.h. | ||||
| CVE-2022-43039 | 1 Gpac | 1 Gpac | 2025-05-08 | 5.5 Medium |
| GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function gf_isom_meta_restore_items_ref at /isomedia/meta.c. | ||||
| CVE-2022-43038 | 1 Axiosys | 1 Bento4 | 2025-05-08 | 6.5 Medium |
| Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadCache() function in mp42ts. | ||||
| CVE-2022-43035 | 1 Axiosys | 1 Bento4 | 2025-05-08 | 6.5 Medium |
| An issue was discovered in Bento4 v1.6.0-639. There is a heap-buffer-overflow in AP4_Dec3Atom::AP4_Dec3Atom at Ap4Dec3Atom.cpp, leading to a Denial of Service (DoS), as demonstrated by mp42aac. | ||||
| CVE-2022-43034 | 1 Axiosys | 1 Bento4 | 2025-05-08 | 6.5 Medium |
| An issue was discovered in Bento4 v1.6.0-639. There is a heap buffer overflow vulnerability in the AP4_BitReader::SkipBits(unsigned int) function in mp42ts. | ||||
| CVE-2022-43029 | 1 Tenda | 2 Tx3, Tx3 Firmware | 2025-05-08 | 9.8 Critical |
| Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the time parameter at /goform/SetSysTimeCfg. | ||||
| CVE-2022-43028 | 1 Tenda | 2 Tx3, Tx3 Firmware | 2025-05-08 | 9.8 Critical |
| Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the timeZone parameter at /goform/SetSysTimeCfg. | ||||
| CVE-2022-43027 | 1 Tenda | 2 Tx3, Tx3 Firmware | 2025-05-08 | 9.8 Critical |
| Tenda TX3 US_TX3V1.0br_V16.03.13.11_multi_TDE01 was discovered to contain a stack overflow via the firewallEn parameter at /goform/SetFirewallCfg. | ||||
| CVE-2022-42227 | 1 Jsonlint Project | 1 Jsonlint C\+\+ | 2025-05-08 | 7.5 High |
| jsonlint 1.0 is vulnerable to heap-buffer-overflow via /home/hjsz/jsonlint/src/lexer. | ||||
| CVE-2024-25003 | 1 9bis | 1 Kitty | 2025-05-08 | 7.8 High |
| KiTTY versions 0.76.1.13 and before is vulnerable to a stack-based buffer overflow via the hostname, occurs due to insufficient bounds checking and input sanitization. This allows an attacker to overwrite adjacent memory, which leads to arbitrary code execution. | ||||
| CVE-2024-24186 | 1 Jsish | 1 Jsish | 2025-05-08 | 9.8 Critical |
| Jsish v3.5.0 (commit 42c694c) was discovered to contain a stack-overflow via the component IterGetKeysCallback at /jsish/src/jsiValue.c. | ||||
| CVE-2024-22012 | 1 Google | 1 Android | 2025-05-08 | 7.8 High |
| there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2022-3577 | 1 Linux | 1 Linux Kernel | 2025-05-08 | 7.8 High |
| An out-of-bounds memory write flaw was found in the Linux kernel’s Kid-friendly Wired Controller driver. This flaw allows a local user to crash or potentially escalate their privileges on the system. It is in bigben_probe of drivers/hid/hid-bigbenff.c. The reason is incorrect assumption - bigben devices all have inputs. However, malicious devices can break this assumption, leaking to out-of-bound write. | ||||
| CVE-2022-37453 | 1 Softing | 6 Edgeaggregator, Edgeconnector, Opc and 3 more | 2025-05-08 | 7.5 High |
| An issue was discovered in Softing OPC UA C++ SDK before 6.10. A buffer overflow or an excess allocation happens due to unchecked array and matrix bounds in structure data types. | ||||
| CVE-2025-1122 | 2025-05-08 | 6.7 Medium | ||
| Out-Of-Bounds Write in TPM2 Reference Library in Google ChromeOS 15753.50.0 stable on Cr50 Boards allows an attacker with root access to gain persistence and Bypass operating system verification via exploiting the NV_Read functionality during the Challenge-Response process. | ||||