Export limit exceeded: 44173 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 19402 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19402 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-24697 | 1 Apache | 1 Kylin | 2025-05-16 | 9.8 Critical |
| Kylin's cube designer function has a command injection vulnerability when overwriting system parameters in the configuration overwrites menu. RCE can be implemented by closing the single quotation marks around the parameter value of “-- conf=” to inject any operating system command into the command line parameters. This vulnerability affects Kylin 2 version 2.6.5 and earlier, Kylin 3 version 3.1.2 and earlier, and Kylin 4 version 4.0.1 and earlier. | ||||
| CVE-2022-34427 | 1 Dell | 1 Container Storage Modules | 2025-05-16 | 8.8 High |
| Dell Container Storage Modules 1.2 contains an OS Command Injection in goiscsi and gobrick libraries. A remote unauthenticated attacker could exploit this vulnerability leading to modification of intended OS command execution. | ||||
| CVE-2025-4059 | 1 Code-projects | 1 Prison Management System | 2025-05-15 | 5.3 Medium |
| A vulnerability classified as critical was found in code-projects Prison Management System 1.0. This vulnerability affects the function addrecord of the component Prison_Mgmt_Sys. The manipulation of the argument filename leads to stack-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-25447 | 1 Enlightenment | 1 Imlib2 | 2025-05-15 | 8.8 High |
| An issue in the imlib_load_image_with_error_return function of imlib2 v1.9.1 allows attackers to cause a heap buffer overflow via parsing a crafted image. | ||||
| CVE-2024-25004 | 1 9bis | 1 Kitty | 2025-05-15 | 7.8 High |
| KiTTY versions 0.76.1.13 and before is vulnerable to a stack-based buffer overflow via the username, occurs due to insufficient bounds checking and input sanitization (at line 2600). This allows an attacker to overwrite adjacent memory, which leads to arbitrary code execution. | ||||
| CVE-2024-24543 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-05-15 | 9.8 Critical |
| Buffer Overflow vulnerability in the function setSchedWifi in Tenda AC9 v.3.0, firmware version v.15.03.06.42_multi allows a remote attacker to cause a denial of service or run arbitrary code via crafted overflow data. | ||||
| CVE-2024-23978 | 1 Kddi | 2 Home Spot Cube 2, Home Spot Cube 2 Firmware | 2025-05-15 | 9.8 Critical |
| Heap-based buffer overflow vulnerability exists in HOME SPOT CUBE2 V102 and earlier. By processing invalid values, arbitrary code may be executed. Note that the affected products are no longer supported. | ||||
| CVE-2024-22852 | 1 Dlink | 2 Go-rt-ac750, Go-rt-ac750 Firmware | 2025-05-15 | 9.8 Critical |
| D-Link Go-RT-AC750 GORTAC750_A1_FW_v101b03 contains a stack-based buffer overflow via the function genacgi_main. This vulnerability allows attackers to enable telnet service via a specially crafted payload. | ||||
| CVE-2024-20813 | 1 Samsung | 1 Android | 2025-05-15 | 8.4 High |
| Out-of-bounds Write in padmd_vld_qtbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code. | ||||
| CVE-2024-20812 | 1 Samsung | 1 Android | 2025-05-15 | 8.4 High |
| Out-of-bounds Write in padmd_vld_htbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code. | ||||
| CVE-2024-20007 | 2 Google, Mediatek | 34 Android, Mt6580, Mt6739 and 31 more | 2025-05-15 | 7.5 High |
| In mp3 decoder, there is a possible out of bounds write due to a race condition. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08441369; Issue ID: ALPS08441369. | ||||
| CVE-2024-20001 | 2 Google, Mediatek | 59 Android, Mt5583, Mt5586 and 56 more | 2025-05-15 | 6.7 Medium |
| In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961601; Issue ID: DTV03961601. | ||||
| CVE-2023-5643 | 1 Arm | 3 5th Gen Gpu Architecture Kernel Driver, Bifrost Gpu Kernel Driver, Valhall Gpu Kernel Driver | 2025-05-15 | 7.8 High |
| Out-of-bounds Write vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. Depending on the configuration of the Mali GPU Kernel Driver, and if the system’s memory is carefully prepared by the user, then this in turn could write to memory outside of buffer bounds.This issue affects Bifrost GPU Kernel Driver: from r41p0 through r45p0; Valhall GPU Kernel Driver: from r41p0 through r45p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r45p0. | ||||
| CVE-2022-35040 | 1 Otfcc Project | 1 Otfcc | 2025-05-15 | 6.5 Medium |
| OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b5567. | ||||
| CVE-2023-6387 | 1 Silabs | 1 Gecko Software Development Kit | 2025-05-15 | 7.5 High |
| A potential buffer overflow exists in the Bluetooth LE HCI CPC sample application in the Gecko SDK which may result in a denial of service or remote code execution | ||||
| CVE-2023-39297 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2025-05-15 | 8.8 High |
| An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QTS 4.5.4.2627 build 20231225 and later QuTS hero h5.1.4.2596 build 20231128 and later QuTS hero h4.5.4.2626 build 20231225 and later QuTScloud c5.1.5.2651 and later | ||||
| CVE-2023-41281 | 1 Qnap | 3 Qts, Quts Hero, Qutscloud | 2025-05-15 | 5.5 Medium |
| An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.4.2596 build 20231128 and later QuTS hero h5.1.4.2596 build 20231128 and later QuTScloud c5.1.5.2651 and later | ||||
| CVE-2023-43516 | 1 Qualcomm | 16 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 13 more | 2025-05-15 | 7.8 High |
| Memory corruption when malformed message payload is received from firmware. | ||||
| CVE-2023-43517 | 1 Qualcomm | 38 Qam8255p, Qam8255p Firmware, Qam8295p and 35 more | 2025-05-15 | 8.4 High |
| Memory corruption in Automotive Multimedia due to improper access control in HAB. | ||||
| CVE-2022-42080 | 1 Tenda | 2 Ac1206, Ac1206 Firmware | 2025-05-15 | 7.5 High |
| Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 was discovered to contain a heap overflow via sched_start_time parameter. | ||||