Total
13692 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-20067 | 1 Cisco | 3 Cisco Utd Snort Ips Engine Software, Cyber Vision, Secure Firewall Threat Defense | 2026-03-05 | 5.8 Medium |
| Multiple Cisco products are affected by a vulnerability in the Snort 3 detection engine that could allow an unauthenticated, remote attacker to cause the Snort 3 Detection Engine to restart, resulting in an interruption of packet inspection. This vulnerability is due to incomplete error checking when parsing the Multicast DNS fields of the HTTP header. An attacker could exploit this vulnerability by sending crafted HTTP packets through an established connection to be parsed by Snort 3. A successful exploit could allow the attacker to cause a DoS condition when the Snort 3 Detection Engine unexpectedly restarts. | ||||
| CVE-2026-20023 | 1 Cisco | 2 Adaptive Security Appliance Software, Secure Firewall Threat Defense | 2026-03-05 | 6.1 Medium |
| A vulnerability in the OSPF protocol of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to corrupt memory on an affected device, resulting in a denial of service (DoS) condition. This vulnerability is due to memory corruption when parsing OSPF protocol packets. An attacker could exploit this vulnerability by sending crafted OSPF packets to an affected device. A successful exploit could allow the attacker to cause memory corruption causing the affected device to reboot, resulting in a DoS condition. | ||||
| CVE-2026-1678 | 2026-03-05 | 9.4 Critical | ||
| dns_unpack_name() caches the buffer tailroom once and reuses it while appending DNS labels. As the buffer grows, the cached size becomes incorrect, and the final null terminator can be written past the buffer. With assertions disabled (default), a malicious DNS response can trigger an out-of-bounds write when CONFIG_DNS_RESOLVER is enabled. | ||||
| CVE-2026-25068 | 1 Alsa-project | 1 Alsa-lib | 2026-03-05 | 4.3 Medium |
| alsa-lib versions 1.2.2 up to and including 1.2.15.2, prior to commit 5f7fe33, contain a heap-based buffer overflow in the topology mixer control decoder. The tplg_decode_control_mixer1() function reads the num_channels field from untrusted .tplg data and uses it as a loop bound without validating it against the fixed-size channel array (SND_TPLG_MAX_CHAN). A crafted topology file with an excessive num_channels value can cause out-of-bounds heap writes, leading to a crash. | ||||
| CVE-2026-22189 | 2 Cmu, Panda3d | 2 Panda3d, Panda3d | 2026-03-05 | 9.8 Critical |
| Panda3D versions up to and including 1.10.16 egg-mkfont contains a stack-based buffer overflow vulnerability due to use of an unbounded sprintf() call with attacker-controlled input. When constructing glyph filenames, egg-mkfont formats a user-supplied glyph pattern (-gp) into a fixed-size stack buffer without length validation. Supplying an excessively long glyph pattern string can overflow the stack buffer, resulting in memory corruption and a deterministic crash. Depending on build configuration and execution environment, the overflow may also be exploitable for arbitrary code execution. | ||||
| CVE-2026-22184 | 1 Zlib | 1 Zlib | 2026-03-05 | 9.8 Critical |
| zlib versions up to and including 1.3.1.2 include a global buffer overflow in the untgz utility located under contrib/untgz. The vulnerability is limited to the standalone demonstration utility and does not affect the core zlib compression library. The flaw occurs when a user executes the untgz command with an excessively long archive name supplied via the command line, leading to an out-of-bounds write in a fixed-size global buffer. | ||||
| CVE-2023-54330 | 2 Inbit, Yahoo | 2 Inbit Messenger, Messenger | 2026-03-05 | 9.8 Critical |
| Inbit Messenger versions 4.6.0 to 4.9.0 contain a remote stack-based buffer overflow vulnerability that allows unauthenticated attackers to execute arbitrary code by sending malformed network packets. Attackers can craft a specially designed payload targeting the messenger's network handler to overwrite the Structured Exception Handler (SEH) and execute shellcode on vulnerable Windows systems. | ||||
| CVE-2023-54329 | 2 Inbit, Yahoo | 2 Inbit Messenger, Messenger | 2026-03-05 | 9.8 Critical |
| Inbit Messenger 4.6.0 - 4.9.0 contains a remote command execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by exploiting a stack overflow in the messenger's protocol. Attackers can send specially crafted XML packets to port 10883 with a malicious payload to trigger the vulnerability and execute commands with system privileges. | ||||
| CVE-2020-37140 | 2 Finalwire, Linuxfoundation | 2 Everest, Everest | 2026-03-05 | 5.5 Medium |
| Everest, later referred to as AIDA64, 5.50.2100 contains a denial of service vulnerability that allows local attackers to crash the application by manipulating file open functionality. Attackers can generate a 450-byte buffer of repeated characters and paste it into the file open dialog to trigger an application crash. | ||||
| CVE-2020-37011 | 1 Gnome | 2 Fonts Viewer, Gnome-font-viewer | 2026-03-05 | 7.5 High |
| Gnome Fonts Viewer 3.34.0 contains a heap corruption vulnerability that allows attackers to trigger an out-of-bounds write by crafting a malicious TTF font file. Attackers can generate a specially crafted TTF file with an oversized pattern to cause an infinite malloc() loop and potentially crash the gnome-font-viewer process. | ||||
| CVE-2025-47373 | 1 Qualcomm | 376 Ar8035, Ar8035 Firmware, Cologne and 373 more | 2026-03-04 | 7.8 High |
| Memory Corruption when accessing buffers with invalid length during TA invocation. | ||||
| CVE-2025-13016 | 1 Mozilla | 2 Firefox, Firefox Esr | 2026-03-04 | 7.5 High |
| Incorrect boundary conditions in the JavaScript: WebAssembly component. This vulnerability affects Firefox < 145, Firefox ESR < 140.5, Thunderbird < 145, and Thunderbird < 140.5. | ||||
| CVE-2026-27622 | 1 Academysoftwarefoundation | 1 Openexr | 2026-03-04 | 7.4 High |
| OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In CompositeDeepScanLine::readPixels, per-pixel totals are accumulated in vector<unsigned int> total_sizes for attacker-controlled large counts across many parts, total_sizes[ptr] wraps modulo 2^32. overall_sample_count is then derived from wrapped totals and used in samples[channel].resize(overall_sample_count). Decode pointer setup/consumption proceeds with true sample counts, and write operations in core unpack (generic_unpack_deep_pointers) overrun the undersized composite sample buffer. This vulnerability is fixed in v3.2.6, v3.3.8, and v3.4.6. | ||||
| CVE-2026-3094 | 1 Deltaww | 1 Cncsoft-g2 | 2026-03-04 | 7.8 High |
| Delta Electronics CNCSoft-G2 lacks proper validation of the user-supplied file. If a user opens a malicious file, an attacker can leverage this vulnerability to execute code in the context of the current process. | ||||
| CVE-2025-66945 | 1 Zdir | 1 Zdir | 2026-03-04 | 9.1 Critical |
| A path traversal vulnerability exists in the ZIP extraction API of Zdir Pro 4.x. When a crafted ZIP archive is processed by the backend at /api/extract, files may be written outside the intended directory, leading to arbitrary file overwrite and potentially remote code execution | ||||
| CVE-2026-3342 | 1 Watchguard | 1 Fireware Os | 2026-03-04 | N/A |
| An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow an authenticated privileged administrator to execute arbitrary code with root permissions via an exposed management interface. This vulnerability affects Fireware OS 11.9 up to and including 11.12.4_Update1, 12.0 up to and including 12.11.7 and 2025.1 up to and including 2026.1.1. | ||||
| CVE-2026-0032 | 1 Google | 1 Android | 2026-03-04 | 7.8 High |
| In multiple functions of mem_protect.c, there is a possible out-of-bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-0010 | 1 Google | 1 Android | 2026-03-04 | 8.4 High |
| In onTransact of IDrmManagerService.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-3408 | 1 Openbabel | 1 Open Babel | 2026-03-04 | 4.3 Medium |
| A vulnerability was identified in Open Babel up to 3.1.1. This impacts the function OBAtom::GetExplicitValence of the file isrc/atom.cpp of the component CDXML File Handler. Such manipulation leads to null pointer dereference. The attack can be launched remotely. The exploit is publicly available and might be used. The name of the patch is e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a. It is best practice to apply a patch to resolve this issue. | ||||
| CVE-2026-3400 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2026-03-03 | 8.8 High |
| A security flaw has been discovered in Tenda AC15 up to 15.13.07.13. Affected by this issue is some unknown functionality of the file /goform/TextEditingConversion. The manipulation of the argument wpapsk_crypto2_4g results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. | ||||