ReportizFlow
Filtered by vendor
Subscriptions
Total
13358 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-66043 | 2 Libbiosig Project, The Biosig Project | 2 Libbiosig, Libbiosig | 2025-12-17 | 9.8 Critical |
| Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 3 | ||||
| CVE-2025-66044 | 2 Libbiosig Project, The Biosig Project | 2 Libbiosig, Libbiosig | 2025-12-17 | 9.8 Critical |
| Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 64 | ||||
| CVE-2025-66045 | 2 Libbiosig Project, The Biosig Project | 2 Libbiosig, Libbiosig | 2025-12-17 | 9.8 Critical |
| Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 65 | ||||
| CVE-2025-66046 | 2 Libbiosig Project, The Biosig Project | 2 Libbiosig, Libbiosig | 2025-12-17 | 9.8 Critical |
| Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 67 | ||||
| CVE-2025-66047 | 2 Libbiosig Project, The Biosig Project | 2 Libbiosig, Libbiosig | 2025-12-17 | 9.8 Critical |
| Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 131 | ||||
| CVE-2025-66048 | 2 Libbiosig Project, The Biosig Project | 2 Libbiosig, Libbiosig | 2025-12-17 | 9.8 Critical |
| Several stack-based buffer overflow vulnerabilities exists in the MFER parsing functionality of The Biosig Project libbiosig 3.9.1. A specially crafted MFER file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger these vulnerabilities.When Tag is 133 | ||||
| CVE-2025-38068 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-12-17 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: crypto: lzo - Fix compression buffer overrun Unlike the decompression code, the compression code in LZO never checked for output overruns. It instead assumes that the caller always provides enough buffer space, disregarding the buffer length provided by the caller. Add a safe compression interface that checks for the end of buffer before each write. Use the safe interface in crypto/lzo. | ||||
| CVE-2025-38077 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-12-17 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store() If the 'buf' array received from the user contains an empty string, the 'length' variable will be zero. Accessing the 'buf' array element with index 'length - 1' will result in a buffer overflow. Add a check for an empty string. Found by Linux Verification Center (linuxtesting.org) with SVACE. | ||||
| CVE-2025-48638 | 1 Google | 1 Android | 2025-12-17 | 7.8 High |
| In __pkvm_load_tracing of trace.c, there is a possible out-of-bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-48624 | 1 Google | 1 Android | 2025-12-17 | 7.8 High |
| In multiple functions of arm-smmu-v3.c, there is a possible out-of-bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-48623 | 1 Google | 1 Android | 2025-12-17 | 7.8 High |
| In init_pkvm_hyp_vcpu of pkvm.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-13654 | 2 Duc Project, Zevv | 2 Duc, Duc | 2025-12-17 | 7.5 High |
| A stack buffer overflow vulnerability exists in the buffer_get function of duc, a disk management tool, where a condition can evaluate to true due to underflow, allowing an out-of-bounds read. | ||||
| CVE-2025-43520 | 1 Apple | 11 Ios, Ipad Os, Ipados and 8 more | 2025-12-16 | 5.5 Medium |
| A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Tahoe 26.1, visionOS 26.1, tvOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, iOS 26.1 and iPadOS 26.1. A malicious application may be able to cause unexpected system termination or write kernel memory. | ||||
| CVE-2025-37979 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-12-16 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: Fix sc7280 lpass potential buffer overflow Case values introduced in commit 5f78e1fb7a3e ("ASoC: qcom: Add driver support for audioreach solution") cause out of bounds access in arrays of sc7280 driver data (e.g. in case of RX_CODEC_DMA_RX_0 in sc7280_snd_hw_params()). Redefine LPASS_MAX_PORTS to consider the maximum possible port id for q6dsp as sc7280 driver utilizes some of those values. Found by Linux Verification Center (linuxtesting.org) with SVACE. | ||||
| CVE-2024-22391 | 3 Fedoraproject, Grassroot, Malaterre | 3 Fedora, Grassroot Platform, Grassroots Dicom | 2025-12-16 | 7.7 High |
| A heap-based buffer overflow vulnerability exists in the LookupTable::SetLUT functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2024-22373 | 3 Fedoraproject, Grassroots Dicom Project, Malaterre | 3 Fedora, Grassroots Dicom, Grassroots Dicom | 2025-12-16 | 8.1 High |
| An out-of-bounds write vulnerability exists in the JPEG2000Codec::DecodeByStreamsCommon functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted DICOM file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2023-22388 | 1 Qualcomm | 458 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 455 more | 2025-12-16 | 9.8 Critical |
| Memory Corruption in Multi-mode Call Processor while processing bit mask API. | ||||
| CVE-2023-43641 | 3 Debian, Fedoraproject, Lipnitsk | 3 Debian Linux, Fedora, Libcue | 2025-12-16 | 8.8 High |
| libcue provides an API for parsing and extracting data from CUE sheets. Versions 2.2.1 and prior are vulnerable to out-of-bounds array access. A user of the GNOME desktop environment can be exploited by downloading a cue sheet from a malicious webpage. Because the file is saved to `~/Downloads`, it is then automatically scanned by tracker-miners. And because it has a .cue filename extension, tracker-miners use libcue to parse the file. The file exploits the vulnerability in libcue to gain code execution. This issue is patched in version 2.3.0. | ||||
| CVE-2023-33074 | 1 Qualcomm | 120 Qam8255p, Qam8255p Firmware, Qam8295p and 117 more | 2025-12-16 | 8.4 High |
| Memory corruption in Audio when SSR event is triggered after music playback is stopped. | ||||
| CVE-2023-33059 | 1 Qualcomm | 518 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 515 more | 2025-12-16 | 7.8 High |
| Memory corruption in Audio while processing the VOC packet data from ADSP. | ||||