Export limit exceeded: 34810 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (13905 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-29133 | 3 Apache, Fedoraproject, Redhat | 5 Commons Configuration, Fedora, Amq Broker and 2 more | 2025-05-01 | 5.4 Medium |
| Out-of-bounds Write vulnerability in Apache Commons Configuration.This issue affects Apache Commons Configuration: from 2.0 before 2.10.1. Users are recommended to upgrade to version 2.10.1, which fixes the issue. | ||||
| CVE-2023-5474 | 2 Debian, Google | 2 Debian Linux, Chrome | 2025-05-01 | 8.8 High |
| Heap buffer overflow in PDF in Google Chrome prior to 118.0.5993.70 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted PDF file. (Chromium security severity: Medium) | ||||
| CVE-2023-5176 | 3 Debian, Mozilla, Redhat | 9 Debian Linux, Firefox, Firefox Esr and 6 more | 2025-05-01 | 9.8 Critical |
| Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 118, Firefox ESR < 115.3, and Thunderbird < 115.3. | ||||
| CVE-2022-44321 | 1 Picoc Project | 1 Picoc | 2025-05-01 | 5.5 Medium |
| PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the LexSkipComment function in lex.c when called from LexScanGetToken. | ||||
| CVE-2022-44320 | 1 Picoc Project | 1 Picoc | 2025-05-01 | 5.5 Medium |
| PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the ExpressionCoerceFP function in expression.c when called from ExpressionParseFunctionCall. | ||||
| CVE-2022-44316 | 1 Picoc Project | 1 Picoc | 2025-05-01 | 5.5 Medium |
| PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the LexGetStringConstant function in lex.c when called from LexScanGetToken. | ||||
| CVE-2022-44315 | 1 Picoc Project | 1 Picoc | 2025-05-01 | 5.5 Medium |
| PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the ExpressionAssign function in expression.c when called from ExpressionParseFunctionCall. | ||||
| CVE-2022-44314 | 1 Picoc Project | 1 Picoc | 2025-05-01 | 5.5 Medium |
| PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the StringStrncpy function in cstdlib/string.c when called from ExpressionParseFunctionCall. | ||||
| CVE-2022-44313 | 1 Picoc Project | 1 Picoc | 2025-05-01 | 5.5 Medium |
| PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the ExpressionCoerceUnsignedInteger function in expression.c when called from ExpressionParseFunctionCall. | ||||
| CVE-2021-40226 | 1 Glyphandcog | 1 Xpdfreader | 2025-05-01 | 7.5 High |
| xpdfreader 4.03 is vulnerable to Buffer Overflow. | ||||
| CVE-2022-20462 | 1 Google | 1 Android | 2025-05-01 | 7.8 High |
| In phNxpNciHal_write_unlocked of phNxpNciHal.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-230356196 | ||||
| CVE-2021-39661 | 1 Google | 1 Android | 2025-05-01 | 7.8 High |
| In _PMRLogicalOffsetToPhysicalOffset of the PowerVR kernel driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-246824784 | ||||
| CVE-2021-1050 | 1 Google | 1 Android | 2025-05-01 | 7.8 High |
| In MMU_UnmapPages of the PowerVR kernel driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-243825200 | ||||
| CVE-2021-39275 | 7 Apache, Debian, Fedoraproject and 4 more | 14 Http Server, Debian Linux, Fedora and 11 more | 2025-05-01 | 9.8 Critical |
| ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier. | ||||
| CVE-2021-44790 | 8 Apache, Apple, Debian and 5 more | 20 Http Server, Mac Os X, Macos and 17 more | 2025-05-01 | 9.8 Critical |
| A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. | ||||
| CVE-2022-23943 | 5 Apache, Debian, Fedoraproject and 2 more | 8 Http Server, Debian Linux, Fedora and 5 more | 2025-05-01 | 9.8 Critical |
| Out-of-bounds Write vulnerability in mod_sed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. This issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions. | ||||
| CVE-2022-44318 | 1 Picoc Project | 1 Picoc | 2025-05-01 | 5.5 Medium |
| PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the StringStrcat function in cstdlib/string.c when called from ExpressionParseFunctionCall. | ||||
| CVE-2022-44317 | 1 Picoc Project | 1 Picoc | 2025-05-01 | 5.5 Medium |
| PicoC Version 3.2.2 was discovered to contain a heap buffer overflow in the StdioOutPutc function in cstdlib/stdio.c when called from ExpressionParseFunctionCall. | ||||
| CVE-2022-41211 | 1 Sap | 2 3d Visual Enterprise Author, 3d Visual Enterprise Viewer | 2025-05-01 | 7 High |
| Due to lack of proper memory management, when a victim opens manipulated file received from untrusted sources in SAP 3D Visual Enterprise Author and SAP 3D Visual Enterprise Viewer, Arbitrary Code Execution can be triggered when payload forces:Re-use of dangling pointer which refers to overwritten space in memory. The accessed memory must be filled with code to execute the attack. Therefore, repeated success is unlikely.Stack-based buffer overflow. Since the memory overwritten is random, based on access rights of the memory, repeated success is not assured. | ||||
| CVE-2022-43294 | 1 Tasmota Project | 1 Tasmota | 2025-04-30 | 9.8 Critical |
| Tasmota before commit 066878da4d4762a9b6cb169fdf353e804d735cfd was discovered to contain a stack overflow via the ClientPortPtr parameter at lib/libesp32/rtsp/CRtspSession.cpp. | ||||