Export limit exceeded: 43034 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21434 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-41204 | 1 Dlink | 2 Dap-1325, Dap-1325 Firmware | 2025-03-12 | 8.8 High |
| D-Link DAP-1325 SetAPLanSettings SecondaryDNS Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of XML data provided to the HNAP1 SOAP endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18830. | ||||
| CVE-2023-41203 | 1 Dlink | 2 Dap-1325, Dap-1325 Firmware | 2025-03-12 | 8.8 High |
| D-Link DAP-1325 SetAPLanSettings PrimaryDNS Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of XML data provided to the HNAP1 SOAP endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18829. | ||||
| CVE-2023-41202 | 1 Dlink | 2 Dap-1325, Dap-1325 Firmware | 2025-03-12 | 8.8 High |
| D-Link DAP-1325 SetAPLanSettings Mode Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of XML data provided to the HNAP1 SOAP endpoint. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-18828. | ||||
| CVE-2024-27329 | 1 Pdf-xchange | 2 Pdf-tools, Pdf-xchange Editor | 2025-03-12 | 5.5 Medium |
| PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XPS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22285. | ||||
| CVE-2022-46440 | 1 Swftools | 1 Swftools | 2025-03-12 | 5.5 Medium |
| ttftool v0.9.2 was discovered to contain a segmentation violation via the readU16 function at ttf.c. | ||||
| CVE-2021-33367 | 1 Freeimage Project | 1 Freeimage | 2025-03-12 | 5.5 Medium |
| Buffer Overflow vulnerability in Freeimage v3.18.0 allows attacker to cause a denial of service via a crafted JXR file. | ||||
| CVE-2023-23502 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-03-12 | 5.5 Medium |
| An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, tvOS 16.3, watchOS 9.3. An app may be able to determine kernel memory layout. | ||||
| CVE-2021-35369 | 1 Txjia | 1 Imcat | 2025-03-12 | 6.5 Medium |
| Arbitrary File Read vulnerability found in Peacexie ImCat v.5.2 fixed in v.5.4 allows attackers to obtain sensitive information via the filtering_get_contents function. | ||||
| CVE-2023-0996 | 1 Struktur | 1 Libheif | 2025-03-11 | 7.8 High |
| There is a vulnerability in the strided image data parsing code in the emscripten wrapper for libheif. An attacker could exploit this through a crafted image file to cause a buffer overflow in linear memory during a memcpy call. | ||||
| CVE-2022-48260 | 1 Huawei | 2 Bisheng-wnm, Bisheng-wnm Firmware | 2025-03-11 | 7.5 High |
| There is a buffer overflow vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation could lead to device service exceptions. | ||||
| CVE-2022-32830 | 1 Apple | 3 Ipados, Iphone Os, Tvos | 2025-03-11 | 7.5 High |
| An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.6, iOS 15.6 and iPadOS 15.6. Processing a maliciously crafted image may lead to disclosure of user information. | ||||
| CVE-2023-34256 | 3 Debian, Linux, Suse | 3 Debian Linux, Linux Kernel, Linux Enterprise | 2025-03-11 | 5.5 Medium |
| An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend against attackers with the stated "When modifying the block device while it is mounted by the filesystem" access. | ||||
| CVE-2022-35831 | 1 Microsoft | 16 Windows 10, Windows 10 1507, Windows 10 1607 and 13 more | 2025-03-11 | 5.5 Medium |
| Windows Remote Access Connection Manager Information Disclosure Vulnerability | ||||
| CVE-2025-23418 | 1 Openatom | 1 Openharmony | 2025-03-11 | 3.3 Low |
| in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. | ||||
| CVE-2022-32891 | 2 Apple, Redhat | 6 Iphone Os, Safari, Tvos and 3 more | 2025-03-11 | 6.1 Medium |
| The issue was addressed with improved UI handling. This issue is fixed in Safari 16, tvOS 16, watchOS 9, iOS 16. Visiting a website that frames malicious content may lead to UI spoofing. | ||||
| CVE-2023-27371 | 2 Gnu, Redhat | 3 Libmicrohttpd, Enterprise Linux, Rhel Eus | 2025-03-11 | 5.9 Medium |
| GNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHD_create_post_processor() method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more '\0' bytes in a multipart/form-data boundary field, which - assuming a specific heap layout - will result in an out-of-bounds read and a crash in the find_boundary() function. | ||||
| CVE-2023-3268 | 3 Debian, Linux, Redhat | 5 Debian Linux, Linux Kernel, Enterprise Linux and 2 more | 2025-03-11 | 7.1 High |
| An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This flaw could allow a local attacker to crash the system or leak kernel internal information. | ||||
| CVE-2022-42833 | 1 Apple | 1 Macos | 2025-03-11 | 7.8 High |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2023-22753 | 1 Arubanetworks | 2 Arubaos, Sd-wan | 2025-03-11 | 8.1 High |
| There are buffer overflow vulnerabilities in multiple underlying operating system processes that could lead to unauthenticated remote code execution by sending specially crafted packets via the PAPI protocol. Successful exploitation of these vulnerabilities result in the ability to execute arbitrary code as a privileged user on the underlying operating system. | ||||
| CVE-2024-2546 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-03-11 | 8.8 High |
| A vulnerability has been found in Tenda AC18 15.13.07.09 and classified as critical. Affected by this vulnerability is the function fromSetWirelessRepeat. The manipulation of the argument wpapsk_crypto5g leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256999. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||