Export limit exceeded: 13752 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (13752 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-5436 | 4 Debian, Mozilla, Redhat and 1 more | 10 Debian Linux, Firefox, Thunderbird and 7 more | 2025-11-25 | N/A |
| An out-of-bounds write in the Graphite 2 library triggered with a maliciously crafted Graphite font. This results in a potentially exploitable crash. This issue was fixed in the Graphite 2 library as well as Mozilla products. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 45.9, Firefox ESR < 52.1, and Firefox < 53. | ||||
| CVE-2019-11693 | 3 Linux, Mozilla, Redhat | 4 Linux Kernel, Firefox, Thunderbird and 1 more | 2025-11-25 | N/A |
| The bufferdata function in WebGL is vulnerable to a buffer overflow with specific graphics drivers on Linux. This could result in malicious content freezing a tab or triggering a potentially exploitable crash. *Note: this issue only occurs on Linux. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.7, Firefox < 67, and Firefox ESR < 60.7. | ||||
| CVE-2018-5146 | 4 Canonical, Debian, Mozilla and 1 more | 11 Ubuntu Linux, Debian Linux, Firefox and 8 more | 2025-11-25 | N/A |
| An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox < 59.0.1, Firefox ESR < 52.7.2, and Thunderbird < 52.7. | ||||
| CVE-2014-1523 | 7 Canonical, Debian, Fedoraproject and 4 more | 16 Ubuntu Linux, Debian Linux, Fedora and 13 more | 2025-11-25 | 6.5 Medium |
| Heap-based buffer overflow in the read_u32 function in Mozilla Firefox before 29.0, Firefox ESR 24.x before 24.5, Thunderbird before 24.5, and SeaMonkey before 2.26 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted JPEG image. | ||||
| CVE-2019-11740 | 4 Canonical, Mozilla, Opensuse and 1 more | 6 Ubuntu Linux, Firefox, Firefox Esr and 3 more | 2025-11-25 | 8.8 High |
| Mozilla developers and community members reported memory safety bugs present in Firefox 68, Firefox ESR 68, and Firefox 60.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 69, Thunderbird < 68.1, Thunderbird < 60.9, Firefox ESR < 60.9, and Firefox ESR < 68.1. | ||||
| CVE-2018-12379 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Thunderbird and 7 more | 2025-11-25 | N/A |
| When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires running the Mozilla Updater manually on the local system with the malicious MAR file in order to occur. This vulnerability affects Firefox < 62, Firefox ESR < 60.2, and Thunderbird < 60.2.1. | ||||
| CVE-2023-52482 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Enterprise Linux | 2025-11-25 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: x86/srso: Add SRSO mitigation for Hygon processors Add mitigation for the speculative return stack overflow vulnerability which exists on Hygon processors too. | ||||
| CVE-2022-50156 | 1 Linux | 1 Linux Kernel | 2025-11-25 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: HID: cp2112: prevent a buffer overflow in cp2112_xfer() Smatch warnings: drivers/hid/hid-cp2112.c:793 cp2112_xfer() error: __memcpy() 'data->block[1]' too small (33 vs 255) drivers/hid/hid-cp2112.c:793 cp2112_xfer() error: __memcpy() 'buf' too small (64 vs 255) The 'read_length' variable is provided by 'data->block[0]' which comes from user and it(read_length) can take a value between 0-255. Add an upper bound to 'read_length' variable to prevent a buffer overflow in memcpy(). | ||||
| CVE-2025-13021 | 1 Mozilla | 1 Firefox | 2025-11-25 | 9.8 Critical |
| Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 145 and Thunderbird < 145. | ||||
| CVE-2025-13022 | 1 Mozilla | 1 Firefox | 2025-11-25 | 9.8 Critical |
| Incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 145 and Thunderbird < 145. | ||||
| CVE-2025-13023 | 1 Mozilla | 1 Firefox | 2025-11-25 | 9.8 Critical |
| Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 145 and Thunderbird < 145. | ||||
| CVE-2025-13026 | 1 Mozilla | 1 Firefox | 2025-11-25 | 9.8 Critical |
| Sandbox escape due to incorrect boundary conditions in the Graphics: WebGPU component. This vulnerability affects Firefox < 145 and Thunderbird < 145. | ||||
| CVE-2022-50235 | 1 Linux | 1 Linux Kernel | 2025-11-24 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: NFSD: Protect against send buffer overflow in NFSv2 READDIR Restore the previous limit on the @count argument to prevent a buffer overflow attack. | ||||
| CVE-2011-2462 | 5 Adobe, Apple, Microsoft and 2 more | 6 Acrobat, Acrobat Reader, Mac Os X and 3 more | 2025-11-22 | 8.8 High |
| Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011. | ||||
| CVE-2025-34105 | 1 Flexense | 1 Diskboss | 2025-11-21 | N/A |
| A stack-based buffer overflow vulnerability exists in the built-in web interface of DiskBoss Enterprise versions 7.4.28, 7.5.12, and 8.2.14. The vulnerability arises from improper bounds checking on the path component of HTTP GET requests. By sending a specially crafted long URI, a remote unauthenticated attacker can trigger a buffer overflow, potentially leading to arbitrary code execution with SYSTEM privileges on vulnerable Windows hosts. | ||||
| CVE-2025-5601 | 1 Wireshark | 1 Wireshark | 2025-11-21 | 7.8 High |
| Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or crafted capture file | ||||
| CVE-2023-30800 | 1 Mikrotik | 1 Routeros | 2025-11-21 | 7.5 High |
| The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. A remote and unauthenticated attacker can corrupt the server's heap memory by sending a crafted HTTP request. As a result, the web interface crashes and is immediately restarted. The issue was fixed in RouterOS 6.49.10 stable. RouterOS version 7 is not affected. | ||||
| CVE-2013-3346 | 2 Adobe, Redhat | 3 Acrobat, Acrobat Reader, Rhel Extras | 2025-11-21 | 8.8 High |
| Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341. | ||||
| CVE-2023-4042 | 2 Artifex, Redhat | 9 Ghostscript, Codeready Linux Builder, Codeready Linux Builder For Arm64 and 6 more | 2025-11-21 | 5.5 Medium |
| A flaw was found in ghostscript. The fix for CVE-2020-16305 in ghostscript was not included in RHSA-2021:1852-06 advisory as it was claimed to be. This issue only affects the ghostscript package as shipped with Red Hat Enterprise Linux 8. | ||||
| CVE-2023-6228 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2025-11-21 | 3.3 Low |
| An issue was found in the tiffcp utility distributed by the libtiff package where a crafted TIFF file on processing may cause a heap-based buffer overflow leads to an application crash. | ||||