Export limit exceeded: 10082 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 13699 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (13699 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-29749 | 1 Google | 1 Android | 2025-06-17 | 8.4 High |
| In tmu_set_tr_thresholds of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-29746 | 1 Google | 1 Android | 2025-06-17 | 8.4 High |
| In lpm_req_handler of lpm.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-29743 | 1 Google | 2 Android, Pixel | 2025-06-17 | 7.7 High |
| In tmu_set_temp_lut of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-29740 | 1 Google | 1 Android | 2025-06-17 | 7.4 High |
| In tmu_set_table of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-5503 | 1 Totolink | 2 X15, X15 Firmware | 2025-06-17 | 8.8 High |
| A vulnerability, which was classified as critical, was found in TOTOLINK X15 1.0.0-B20230714.1105. This affects the function formMapReboot of the file /boafrm/formMapReboot. The manipulation of the argument deviceMacAddr leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-49129 | 1 Siemens | 1 Solid Edge Se2023 | 2025-06-17 | 7.8 High |
| A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain a stack overflow vulnerability while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2023-37296 | 1 Ami | 1 Megarac Sp-x | 2025-06-17 | 8.3 High |
| AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. | ||||
| CVE-2023-37295 | 1 Ami | 1 Megarac Sp-x | 2025-06-17 | 8.3 High |
| AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a heap memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. | ||||
| CVE-2023-37294 | 1 Ami | 1 Megarac Sp-x | 2025-06-17 | 8.3 High |
| AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a heap memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. | ||||
| CVE-2023-37293 | 1 Ami | 1 Megarac Sp-x | 2025-06-17 | 9.6 Critical |
| AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack-based buffer overflow via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. | ||||
| CVE-2023-3043 | 1 Ami | 1 Megarac Sp-x | 2025-06-17 | 9.6 Critical |
| AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack-based buffer overflow via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. | ||||
| CVE-2023-7213 | 1 Totolink | 2 N350rt, N350rt Firmware | 2025-06-17 | 6.3 Medium |
| A vulnerability classified as critical was found in Totolink N350RT 9.3.5u.6139_B20201216. Affected by this vulnerability is the function main of the file /cgi-bin/cstecgi.cgi?action=login&flag=1 of the component HTTP POST Request Handler. The manipulation of the argument v33 leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249769 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2021-42028 | 1 Siemens-healthineers | 1 Syngo Fastview | 2025-06-17 | 7.8 High |
| A vulnerability has been identified in syngo fastView (All versions). The affected application lacks proper validation of user-supplied data when parsing BMP files. This could result in an out-of-bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-14860) | ||||
| CVE-2021-40367 | 1 Siemens-healthineers | 1 Syngo Fastview | 2025-06-17 | 7.8 High |
| A vulnerability has been identified in syngo fastView (All versions). The affected application lacks proper validation of user-supplied data when parsing DICOM files. This could result in an out-of-bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-15097) | ||||
| CVE-2023-52304 | 1 Paddlepaddle | 1 Paddlepaddle | 2025-06-17 | 8.2 High |
| Stack overflow in paddle.searchsorted in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage. | ||||
| CVE-2022-36660 | 1 Xhyve Project | 1 Xhyve | 2025-06-17 | 9.8 Critical |
| xhyve commit dfbe09b was discovered to contain a stack buffer overflow via the component pci_vtrnd_notify(). | ||||
| CVE-2022-36513 | 1 H3c | 2 Gr-1200w, Gr-1200w Firmware | 2025-06-17 | 9.8 Critical |
| H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function edditactionlist. | ||||
| CVE-2022-36511 | 1 H3c | 2 Gr-1200w, Gr-1200w Firmware | 2025-06-17 | 9.8 Critical |
| H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function EditApAdvanceInfo. | ||||
| CVE-2022-36508 | 1 H3c | 2 Magic Nx18 Plus, Magic Nx18 Plus Firmware | 2025-06-17 | 7.8 High |
| H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function SetAPInfoById. | ||||
| CVE-2022-36504 | 1 H3c | 2 Magic Nx18 Plus, Magic Nx18 Plus Firmware | 2025-06-17 | 7.8 High |
| H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function Edit_BasicSSID. | ||||