Export limit exceeded: 20907 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20907 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-42144 | 1 Contiki-ng | 1 Contiki-ng Tinydtls | 2025-06-20 | 7.5 High |
| Buffer over-read vulnerability in Contiki-NG tinyDTLS through master branch 53a0d97 allows attackers obtain sensitive information via crafted input to dtls_ccm_decrypt_message(). | ||||
| CVE-2024-22957 | 1 Swftools | 1 Swftools | 2025-06-20 | 5.5 Medium |
| swftools 0.9.2 was discovered to contain an Out-of-bounds Read vulnerability via the function dict_do_lookup in swftools/lib/q.c:1190. | ||||
| CVE-2024-38951 | 1 Dronecode | 1 Px4 Drone Autopilot | 2025-06-20 | 6.5 Medium |
| A buffer overflow in PX4-Autopilot v1.12.3 allows attackers to cause a Denial of Service (DoS) via a crafted MavLink message. | ||||
| CVE-2024-38952 | 1 Dronecode | 1 Px4 Drone Autopilot | 2025-06-20 | 7.5 High |
| PX4-Autopilot v1.14.3 was discovered to contain a buffer overflow via the topic_name parameter at /logger/logged_topics.cpp. | ||||
| CVE-2024-54887 | 1 Tp-link | 2 Tl-wr940n, Tl-wr940n Firmware | 2025-06-20 | 8 High |
| TP-Link TL-WR940N V3 and V4 with firmware 3.16.9 and earlier contain a buffer overflow via the dnsserver1 and dnsserver2 parameters at /userRpm/Wan6to4TunnelCfgRpm.htm. This vulnerability allows an authenticated attacker to execute arbitrary code on the remote device in the context of the root user. | ||||
| CVE-2023-48347 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-06-20 | 5.5 Medium |
| In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed | ||||
| CVE-2023-48344 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-06-20 | 5.5 Medium |
| In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed | ||||
| CVE-2023-48341 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-06-20 | 5.5 Medium |
| In video decoder, there is a possible out of bounds read due to improper input validation. This could lead to local denial of service with no additional execution privileges needed | ||||
| CVE-2024-40427 | 1 Dronecode | 1 Px4 Drone Autopilot | 2025-06-20 | 7.9 High |
| Stack Buffer Overflow in PX4-Autopilot v1.14.3, which allows attackers to execute commands to exploit this vulnerability and cause the program to refuse to execute | ||||
| CVE-2024-22058 | 1 Ivanti | 1 Endpoint Manager | 2025-06-20 | N/A |
| A buffer overflow allows a low privilege user on the local machine that has the EPM Agent installed to execute arbitrary code with elevated permissions in Ivanti EPM 2021.1 and older. | ||||
| CVE-2025-25900 | 1 Tp-link | 2 Tl-wr841nd V11, Tl-wr841nd V11 Firmware | 2025-06-20 | 4.9 Medium |
| A buffer overflow vulnerability was discovered in TP-Link TL-WR841ND V11 via the username and password parameters at /userRpm/PPPoEv6CfgRpm.htm. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet. | ||||
| CVE-2023-49236 | 1 Trendnet | 2 Tv-ip1314pi, Tv-ip1314pi Firmware | 2025-06-20 | 9.8 Critical |
| A stack-based buffer overflow was discovered on TRENDnet TV-IP1314PI 5.5.3 200714 devices, leading to arbitrary command execution. This occurs because of lack of length validation during an sscanf of a user-entered scale field in the RTSP playback function of davinci. | ||||
| CVE-2023-47993 | 1 Freeimage Project | 1 Freeimage | 2025-06-20 | 6.5 Medium |
| A Buffer out-of-bound read vulnerability in Exif.cpp::ReadInt32 in FreeImage 3.18.0 allows attackers to cause a denial-of-service. | ||||
| CVE-2023-42862 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-06-20 | 6.5 Medium |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Ventura 13.3, tvOS 16.4, iOS 16.4 and iPadOS 16.4, watchOS 9.4. Processing an image may result in disclosure of process memory. | ||||
| CVE-2023-36629 | 1 St | 1 St54-android-packages-apps-nfc | 2025-06-20 | 5.5 Medium |
| The ST ST54-android-packages-apps-Nfc package before 130-20230215-23W07p0 for Android has an out-of-bounds read. | ||||
| CVE-2025-6130 | 1 Totolink | 2 Ex1200t, Ex1200t Firmware | 2025-06-20 | 8.8 High |
| A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This issue affects some unknown processing of the file /boafrm/formStats of the component HTTP POST Request Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-6138 | 1 Totolink | 2 T10, T10 Firmware | 2025-06-20 | 8.8 High |
| A vulnerability classified as critical was found in TOTOLINK T10 4.1.8cu.5207. Affected by this vulnerability is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument ssid5g leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-5739 | 1 Totolink | 2 X15, X15 Firmware | 2025-06-20 | 8.8 High |
| A vulnerability classified as critical has been found in TOTOLINK X15 1.0.0-B20230714.1105. This affects an unknown part of the file /boafrm/formSaveConfig of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-0313 | 1 Ollama | 1 Ollama | 2025-06-20 | N/A |
| ** REJECT ** DO NOT USE THIS CVE ID NUMBER. The Rejected CVE Record is a duplicate of CVE-2024-12055. Notes: All CVE users should reference CVE-2024-12055 instead of this CVE Record. All references and descriptions in this candidate have been removed to prevent accidental usage. | ||||
| CVE-2025-6090 | 1 H3c | 1 Gr-5400ax | 2025-06-20 | 8.8 High |
| A vulnerability was found in H3C GR-5400AX V100R009L50 and classified as critical. This issue affects the function UpdateWanparamsMulti/UpdateIpv6params of the file /routing/goform/aspForm. The manipulation of the argument param leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor confirms the existence of this issue. Because they assess the risk as low, they do not have immediate plans for remediation. | ||||