Export limit exceeded: 342216 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 342216 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21125 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-36598 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1809, Windows 10 21h1 and 8 more | 2025-04-14 | 7.8 High |
| Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability | ||||
| CVE-2023-36701 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2025-04-14 | 7.8 High |
| Microsoft Resilient File System (ReFS) Elevation of Privilege Vulnerability | ||||
| CVE-2023-36728 | 1 Microsoft | 3 Odbc Driver For Sql Server, Ole Db Driver For Sql Server, Sql Server | 2025-04-14 | 5.5 Medium |
| Microsoft SQL Server Denial of Service Vulnerability | ||||
| CVE-2023-36729 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2025-04-14 | 7.8 High |
| Named Pipe File System Elevation of Privilege Vulnerability | ||||
| CVE-2023-36730 | 1 Microsoft | 2 Odbc Driver For Sql Server, Sql Server | 2025-04-14 | 7.8 High |
| Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | ||||
| CVE-2022-43598 | 2 Debian, Openimageio | 2 Debian Linux, Openimageio | 2025-04-14 | 8.1 High |
| Multiple memory corruption vulnerabilities exist in the IFFOutput alignment padding functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to arbitrary code execution. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `m_spec.format` is `TypeDesc::UINT16`. | ||||
| CVE-2022-47949 | 1 Nintendo | 9 Animal Crossing\, Arms, Mario Kart 7 and 6 more | 2025-04-14 | 9.8 Critical |
| The Nintendo NetworkBuffer class, as used in Animal Crossing: New Horizons before 2.0.6 and other products, allows remote attackers to execute arbitrary code via a large UDP packet that causes a buffer overflow, aka ENLBufferPwn. The victim must join a game session with the attacker. Other affected products include Mario Kart 7 before 1.2, Mario Kart 8, Mario Kart 8 Deluxe before 2.1.0, ARMS before 5.4.1, Splatoon, Splatoon 2 before 5.5.1, Splatoon 3 before late 2022, Super Mario Maker 2 before 3.0.2, and Nintendo Switch Sports before late 2022. | ||||
| CVE-2022-47940 | 1 Linux | 1 Linux Kernel | 2025-04-14 | 8.1 High |
| An issue was discovered in ksmbd in the Linux kernel 5.15 through 5.18 before 5.18.18. fs/ksmbd/smb2pdu.c lacks length validation in the non-padding case in smb2_write. | ||||
| CVE-2022-41318 | 2 Redhat, Squid-cache | 4 Enterprise Linux, Rhel E4s, Rhel Eus and 1 more | 2025-04-14 | 8.6 High |
| A buffer over-read was discovered in libntlmauth in Squid 2.5 through 5.6. Due to incorrect integer-overflow protection, the SSPI and SMB authentication helpers are vulnerable to reading unintended memory locations. In some configurations, cleartext credentials from these locations are sent to a client. This is fixed in 5.7. | ||||
| CVE-2022-41977 | 1 Openimageio | 1 Openimageio | 2025-04-14 | 3.3 Low |
| An out of bounds read vulnerability exists in the way OpenImageIO version v2.3.19.0 processes string fields in TIFF image files. A specially-crafted TIFF file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2022-41988 | 2 Debian, Openimageio | 2 Debian Linux, Openimageio | 2025-04-14 | 7.5 High |
| An information disclosure vulnerability exists in the OpenImageIO::decode_iptc_iim() functionality of OpenImageIO Project OpenImageIO v2.3.19.0. A specially-crafted TIFF file can lead to a disclosure of sensitive information. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2022-43592 | 2 Debian, Openimageio | 2 Debian Linux, Openimageio | 2025-04-14 | 5.9 Medium |
| An information disclosure vulnerability exists in the DPXOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to leaked heap data. An attacker can provide malicious input to trigger this vulnerability. | ||||
| CVE-2022-43599 | 2 Debian, Openimageio | 2 Debian Linux, Openimageio | 2025-04-14 | 8.1 High |
| Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `xmax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT8` | ||||
| CVE-2022-43600 | 2 Debian, Openimageio | 2 Debian Linux, Openimageio | 2025-04-14 | 8.1 High |
| Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `xmax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT16` | ||||
| CVE-2022-43601 | 2 Debian, Openimageio | 2 Debian Linux, Openimageio | 2025-04-14 | 8.1 High |
| Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `ymax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT16` | ||||
| CVE-2022-41981 | 2 Debian, Openimageio | 2 Debian Linux, Openimageio | 2025-04-14 | 8.1 High |
| A stack-based buffer overflow vulnerability exists in the TGA file format parser of OpenImageIO v2.3.19.0. A specially-crafted targa file can lead to out of bounds read and write on the process stack, which can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2022-4172 | 3 Fedoraproject, Qemu, Redhat | 3 Fedora, Qemu, Enterprise Linux | 2025-04-14 | 6.5 Medium |
| An integer overflow and buffer overflow issues were found in the ACPI Error Record Serialization Table (ERST) device of QEMU in the read_erst_record() and write_erst_record() functions. Both issues may allow the guest to overrun the host buffer allocated for the ERST memory device. A malicious guest could use these flaws to crash the QEMU process on the host. | ||||
| CVE-2022-4144 | 3 Fedoraproject, Qemu, Redhat | 5 Extra Packages For Enterprise Linux, Fedora, Qemu and 2 more | 2025-04-14 | 6.5 Medium |
| An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. The qxl_phys2virt() function does not check the size of the structure pointed to by the guest physical address, potentially reading past the end of the bar space into adjacent pages. A malicious guest user could use this flaw to crash the QEMU process on the host causing a denial of service condition. | ||||
| CVE-2022-43602 | 2 Debian, Openimageio | 2 Debian Linux, Openimageio | 2025-04-14 | 8.1 High |
| Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `ymax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT8` | ||||
| CVE-2021-38561 | 2 Golang, Redhat | 6 Text, Acm, Container Native Virtualization and 3 more | 2025-04-14 | 7.5 High |
| golang.org/x/text/language in golang.org/x/text before 0.3.7 can panic with an out-of-bounds read during BCP 47 language tag parsing. Index calculation is mishandled. If parsing untrusted user input, this can be used as a vector for a denial-of-service attack. | ||||