ReportizFlow
Filtered by vendor
Subscriptions
Total
12552 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-25447 | 1 Enlightenment | 1 Imlib2 | 2025-05-15 | 8.8 High |
| An issue in the imlib_load_image_with_error_return function of imlib2 v1.9.1 allows attackers to cause a heap buffer overflow via parsing a crafted image. | ||||
| CVE-2024-25004 | 1 9bis | 1 Kitty | 2025-05-15 | 7.8 High |
| KiTTY versions 0.76.1.13 and before is vulnerable to a stack-based buffer overflow via the username, occurs due to insufficient bounds checking and input sanitization (at line 2600). This allows an attacker to overwrite adjacent memory, which leads to arbitrary code execution. | ||||
| CVE-2024-24543 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-05-15 | 9.8 Critical |
| Buffer Overflow vulnerability in the function setSchedWifi in Tenda AC9 v.3.0, firmware version v.15.03.06.42_multi allows a remote attacker to cause a denial of service or run arbitrary code via crafted overflow data. | ||||
| CVE-2024-23978 | 1 Kddi | 2 Home Spot Cube 2, Home Spot Cube 2 Firmware | 2025-05-15 | 9.8 Critical |
| Heap-based buffer overflow vulnerability exists in HOME SPOT CUBE2 V102 and earlier. By processing invalid values, arbitrary code may be executed. Note that the affected products are no longer supported. | ||||
| CVE-2024-22852 | 1 Dlink | 2 Go-rt-ac750, Go-rt-ac750 Firmware | 2025-05-15 | 9.8 Critical |
| D-Link Go-RT-AC750 GORTAC750_A1_FW_v101b03 contains a stack-based buffer overflow via the function genacgi_main. This vulnerability allows attackers to enable telnet service via a specially crafted payload. | ||||
| CVE-2024-22667 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2025-05-15 | 7.8 High |
| Vim before 9.0.2142 has a stack-based buffer overflow because did_set_langmap in map.c calls sprintf to write to the error buffer that is passed down to the option callback functions. | ||||
| CVE-2024-20813 | 1 Samsung | 1 Android | 2025-05-15 | 8.4 High |
| Out-of-bounds Write in padmd_vld_qtbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code. | ||||
| CVE-2024-20812 | 1 Samsung | 1 Android | 2025-05-15 | 8.4 High |
| Out-of-bounds Write in padmd_vld_htbl of libpadm.so prior to SMR Feb-2024 Release 1 allows local attacker to execute arbitrary code. | ||||
| CVE-2024-20007 | 2 Google, Mediatek | 34 Android, Mt6580, Mt6739 and 31 more | 2025-05-15 | 7.5 High |
| In mp3 decoder, there is a possible out of bounds write due to a race condition. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08441369; Issue ID: ALPS08441369. | ||||
| CVE-2024-20001 | 2 Google, Mediatek | 59 Android, Mt5583, Mt5586 and 56 more | 2025-05-15 | 6.7 Medium |
| In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961601; Issue ID: DTV03961601. | ||||
| CVE-2023-5643 | 1 Arm | 3 5th Gen Gpu Architecture Kernel Driver, Bifrost Gpu Kernel Driver, Valhall Gpu Kernel Driver | 2025-05-15 | 7.8 High |
| Out-of-bounds Write vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations. Depending on the configuration of the Mali GPU Kernel Driver, and if the system’s memory is carefully prepared by the user, then this in turn could write to memory outside of buffer bounds.This issue affects Bifrost GPU Kernel Driver: from r41p0 through r45p0; Valhall GPU Kernel Driver: from r41p0 through r45p0; Arm 5th Gen GPU Architecture Kernel Driver: from r41p0 through r45p0. | ||||
| CVE-2023-42871 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-05-15 | 7.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14, iOS 17 and iPadOS 17. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2022-35040 | 1 Otfcc Project | 1 Otfcc | 2025-05-15 | 6.5 Medium |
| OTFCC commit 617837b was discovered to contain a heap buffer overflow via /release-x64/otfccdump+0x6b5567. | ||||
| CVE-2023-6387 | 1 Silabs | 1 Gecko Software Development Kit | 2025-05-15 | 7.5 High |
| A potential buffer overflow exists in the Bluetooth LE HCI CPC sample application in the Gecko SDK which may result in a denial of service or remote code execution | ||||
| CVE-2023-43516 | 1 Qualcomm | 16 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 13 more | 2025-05-15 | 7.8 High |
| Memory corruption when malformed message payload is received from firmware. | ||||
| CVE-2023-43517 | 1 Qualcomm | 38 Qam8255p, Qam8255p Firmware, Qam8295p and 35 more | 2025-05-15 | 8.4 High |
| Memory corruption in Automotive Multimedia due to improper access control in HAB. | ||||
| CVE-2022-42080 | 1 Tenda | 2 Ac1206, Ac1206 Firmware | 2025-05-15 | 7.5 High |
| Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 was discovered to contain a heap overflow via sched_start_time parameter. | ||||
| CVE-2022-42079 | 1 Tenda | 2 Ac1206, Ac1206 Firmware | 2025-05-15 | 7.5 High |
| Tenda AC1206 US_AC1206V1.0RTL_V15.03.06.23_multi_TD01 was discovered to contain a stack overflow via the function formWifiBasicSet. | ||||
| CVE-2025-30328 | 3 Adobe, Apple, Microsoft | 3 Animate, Macos, Windows | 2025-05-15 | 7.8 High |
| Animate versions 24.0.8, 23.0.11 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-30330 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2025-05-15 | 7.8 High |
| Illustrator versions 29.3, 28.7.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||