ReportizFlow
Filtered by vendor
Subscriptions
Total
3825 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-51823 | 2 Libcsp, Libcsp Project | 2 Libcsp, Libcsp | 2025-08-14 | 6.5 Medium |
| libcsp 2.0 is vulnerable to Buffer Overflow in the csp_eth_init() function due to improper handling of the ifname parameter. The function uses strcpy to copy the interface name into a structure member (ctx->name) without validating the input length. | ||||
| CVE-2025-51824 | 2 Libcsp, Libcsp Project | 2 Libcsp, Libcsp | 2025-08-14 | 6.5 Medium |
| libcsp 2.0 is vulnerable to Buffer Overflow in the csp_usart_open() function at drivers/usart/zephyr.c. | ||||
| CVE-2020-25969 | 1 Gnuplot | 1 Gnuplot | 2025-08-14 | 9.8 Critical |
| gnuplot v5.5 was discovered to contain a buffer overflow via the function plotrequest(). | ||||
| CVE-2015-7747 | 3 Audiofile, Canonical, Fedoraproject | 3 Audiofile, Ubuntu Linux, Fedora | 2025-08-13 | 8.8 High |
| Buffer overflow in the afReadFrames function in audiofile (aka libaudiofile and Audio File Library) allows user-assisted remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted audio file, as demonstrated by sixteen-stereo-to-eight-mono.c. | ||||
| CVE-2025-8760 | 2025-08-13 | 9.8 Critical | ||
| A vulnerability was identified in INSTAR 2K+ and 4K 3.11.1 Build 1124. This affects the function base64_decode of the component fcgi_server. The manipulation of the argument Authorization leads to buffer overflow. It is possible to initiate the attack remotely. | ||||
| CVE-2025-5601 | 1 Wireshark | 1 Wireshark | 2025-08-13 | 7.8 High |
| Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or crafted capture file | ||||
| CVE-2025-25527 | 1 Ruijie | 2 Rg-nbr2600s, Rg-nbr2600s Firmware | 2025-08-13 | 5.1 Medium |
| Buffer overflow vulnerability in Ruijie RG-NBR2600S Gateway 10.3(4b12) due to the lack of length verification, which is related to the configuration of source address NAT rules. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands. | ||||
| CVE-2020-19695 | 1 F5 | 1 Njs | 2025-08-12 | 9.8 Critical |
| Buffer Overflow found in Nginx NJS allows a remote attacker to execute arbitrary code via the njs_object_property parameter of the njs/njs_vm.c function. | ||||
| CVE-2020-19692 | 1 F5 | 1 Njs | 2025-08-12 | 9.8 Critical |
| Buffer Overflow vulnerabilty found in Nginx NJS v.0feca92 allows a remote attacker to execute arbitrary code via the njs_module_read in the njs_module.c file. | ||||
| CVE-2025-0689 | 2 Gnu, Redhat | 3 Grub2, Enterprise Linux, Openshift | 2025-08-12 | 6.7 Medium |
| When reading data from disk, the grub's UDF filesystem module utilizes the user controlled data length metadata to allocate its internal buffers. In certain scenarios, while iterating through disk sectors, it assumes the read size from the disk is always smaller than the allocated buffer size which is not guaranteed. A crafted filesystem image may lead to a heap-based buffer overflow resulting in critical data to be corrupted, resulting in the risk of arbitrary code execution by-passing secure boot protections. | ||||
| CVE-2025-54632 | 1 Huawei | 1 Harmonyos | 2025-08-12 | 6.8 Medium |
| Vulnerability of insufficient data length verification in the HVB module. Impact: Successful exploitation of this vulnerability may affect service integrity. | ||||
| CVE-2025-8854 | 1 Bullet3 Project | 1 Bullet3 | 2025-08-12 | N/A |
| Stack-based buffer overflow in LoadOFF in bulletphysics bullet3 before 3.26 on all platforms allows remote attackers to execute arbitrary code via a crafted OFF file with an overlong initial token processed by the VHACD test utility or invoked indirectly through PyBullet's vhacd function. | ||||
| CVE-2025-8736 | 1 Gnu | 1 Cflow | 2025-08-12 | 5.3 Medium |
| A vulnerability, which was classified as critical, has been found in GNU cflow up to 1.8. Affected by this issue is the function yylex of the file c.c of the component Lexer. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-54642 | 1 Huawei | 2 Emui, Harmonyos | 2025-08-11 | 6.7 Medium |
| Issue of buffer overflow caused by insufficient data verification in the kernel gyroscope module. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2025-54641 | 1 Huawei | 2 Emui, Harmonyos | 2025-08-11 | 6.7 Medium |
| Issue of buffer overflow caused by insufficient data verification in the kernel acceleration module. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2023-43548 | 1 Qualcomm | 284 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 281 more | 2025-08-11 | 7.3 High |
| Memory corruption while parsing qcp clip with invalid chunk data size. | ||||
| CVE-2023-33031 | 1 Qualcomm | 330 Apq5053-aa, Apq5053-aa Firmware, Apq8009 and 327 more | 2025-08-11 | 7.8 High |
| Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer. | ||||
| CVE-2023-33035 | 1 Qualcomm | 288 Apq5053-aa, Apq5053-aa Firmware, Ar8035 and 285 more | 2025-08-11 | 7.8 High |
| Memory corruption while invoking callback function of AFE from ADSP. | ||||
| CVE-2023-33072 | 1 Qualcomm | 490 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 487 more | 2025-08-11 | 9.3 Critical |
| Memory corruption in Core while processing control functions. | ||||
| CVE-2023-33085 | 1 Qualcomm | 210 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 207 more | 2025-08-11 | 7.8 High |
| Memory corruption in wearables while processing data from AON. | ||||