ReportizFlow
Filtered by vendor
Subscriptions
Total
13473 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-29283 | 1 Adobe | 1 Substance 3d Painter | 2025-03-05 | 7.8 High |
| Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-29284 | 1 Adobe | 1 Substance 3d Painter | 2025-03-05 | 7.8 High |
| Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-29285 | 1 Adobe | 1 Substance 3d Painter | 2025-03-05 | 7.8 High |
| Adobe Substance 3D Painter versions 8.3.0 (and earlier) is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-3090 | 3 Debian, Linux, Redhat | 8 Debian Linux, Linux Kernel, Enterprise Linux and 5 more | 2025-03-05 | 7.8 High |
| A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-of-bounds write is caused by missing skb->cb initialization in the ipvlan network driver. The vulnerability is reachable if CONFIG_IPVLAN is enabled. We recommend upgrading past commit 90cbed5247439a966b645b34eb0a2e037836ea8e. | ||||
| CVE-2023-24019 | 1 Milesight | 2 Ur32l, Ur32l Firmware | 2025-03-05 | 8.1 High |
| A stack-based buffer overflow vulnerability exists in the urvpn_client http_connection_readcb functionality of Milesight UR32L v32.3.0.5. A specially crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability. | ||||
| CVE-2022-31810 | 1 Siemens | 1 Sipass Integrated | 2025-03-05 | 7.5 High |
| A vulnerability has been identified in SiPass integrated (All versions < V2.90.3.8). Affected server applications improperly check the size of data packets received for the configuration client login, causing a stack-based buffer overflow. This could allow an unauthenticated remote attacker to crash the server application, creating a denial of service condition. | ||||
| CVE-2025-1471 | 1 Eclipse | 1 Omr | 2025-03-05 | 7.8 High |
| In Eclipse OMR versions 0.2.0 to 0.4.0, some of the z/OS atoe print functions use a constant length buffer for string conversion. If the input format string and arguments are larger than the buffer size then buffer overflow occurs. Beginning in version 0.5.0, the conversion buffers are sized correctly and checked appropriately to prevent buffer overflows. | ||||
| CVE-2023-29308 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-03-05 | 7.8 High |
| Adobe InDesign versions ID18.3 (and earlier) and ID17.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-22435 | 1 Honeywell | 4 Direct Station, Engineering Station, Experion Server and 1 more | 2025-03-05 | 7.5 High |
| Experion server may experience a DoS due to a stack overflow when handling a specially crafted message. | ||||
| CVE-2023-23585 | 1 Honeywell | 4 Direct Station, Engineering Station, Experion Server and 1 more | 2025-03-05 | 9.8 Critical |
| Experion server DoS due to heap overflow occurring during the handling of a specially crafted message for a specific configuration operation. See Honeywell Security Notification for recommendations on upgrading and versioning. | ||||
| CVE-2023-24480 | 1 Honeywell | 2 C300, C300 Firmware | 2025-03-05 | 9.8 Critical |
| Controller DoS due to stack overflow when decoding a message from the server. See Honeywell Security Notification for recommendations on upgrading and versioning. | ||||
| CVE-2023-25078 | 1 Honeywell | 4 Direct Station, Engineering Station, Experion Server and 1 more | 2025-03-05 | 9.8 Critical |
| Server or Console Station DoS due to heap overflow occurring during the handling of a specially crafted message for a specific configuration operation. See Honeywell Security Notification for recommendations on upgrading and versioning. | ||||
| CVE-2023-26597 | 1 Honeywell | 2 C300, C300 Firmware | 2025-03-05 | 7.5 High |
| Controller DoS due to buffer overflow in the handling of a specially crafted message received by the controller. See Honeywell Security Notification for recommendations on upgrading and versioning. See Honeywell Security Notification for recommendations on upgrading and versioning. | ||||
| CVE-2021-39822 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-03-05 | 7.8 High |
| Adobe InDesign versions 16.3 (and earlier), and 16.3.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious BMP file. | ||||
| CVE-2022-4608 | 1 Hitachienergy | 2 Rtu500, Rtu500 Firmware | 2025-03-05 | 7.5 High |
| A vulnerability exists in HCI IEC 60870-5-104 function included in certain versions of the RTU500 series product. The vulnerability can only be exploited, if the HCI 60870-5-104 is configured with support for IEC 62351-3. After session resumption interval is expired an RTU500 initiated update of session parameters causes an unexpected restart due to a stack overflow. | ||||
| CVE-2022-47457 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-03-05 | 5.5 Medium |
| In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. | ||||
| CVE-2022-47459 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-03-05 | 5.5 Medium |
| In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. | ||||
| CVE-2024-24581 | 1 Openatom | 1 Openharmony | 2025-03-05 | 6.5 Medium |
| in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution through out-of-bounds write. | ||||
| CVE-2020-16291 | 4 Artifex, Canonical, Debian and 1 more | 4 Ghostscript, Ubuntu Linux, Debian Linux and 1 more | 2025-03-04 | 5.5 Medium |
| A buffer overflow vulnerability in contrib/gdevdj9.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. | ||||
| CVE-2025-0840 | 1 Gnu | 1 Binutils | 2025-03-04 | 5 Medium |
| A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemble_bytes of the file binutils/objdump.c. The manipulation of the argument buf leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 2.44 is able to address this issue. The identifier of the patch is baac6c221e9d69335bf41366a1c7d87d8ab2f893. It is recommended to upgrade the affected component. | ||||