ReportizFlow
Filtered by vendor
Subscriptions
Total
13378 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-5503 | 1 Totolink | 2 X15, X15 Firmware | 2025-06-17 | 8.8 High |
| A vulnerability, which was classified as critical, was found in TOTOLINK X15 1.0.0-B20230714.1105. This affects the function formMapReboot of the file /boafrm/formMapReboot. The manipulation of the argument deviceMacAddr leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-49129 | 1 Siemens | 1 Solid Edge Se2023 | 2025-06-17 | 7.8 High |
| A vulnerability has been identified in Solid Edge SE2023 (All versions < V223.0 Update 10). The affected applications contain a stack overflow vulnerability while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2023-37296 | 1 Ami | 1 Megarac Sp-x | 2025-06-17 | 8.3 High |
| AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. | ||||
| CVE-2023-37295 | 1 Ami | 1 Megarac Sp-x | 2025-06-17 | 8.3 High |
| AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a heap memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. | ||||
| CVE-2023-37294 | 1 Ami | 1 Megarac Sp-x | 2025-06-17 | 8.3 High |
| AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a heap memory corruption via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. | ||||
| CVE-2023-37293 | 1 Ami | 1 Megarac Sp-x | 2025-06-17 | 9.6 Critical |
| AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack-based buffer overflow via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. | ||||
| CVE-2023-3043 | 1 Ami | 1 Megarac Sp-x | 2025-06-17 | 9.6 Critical |
| AMI’s SPx contains a vulnerability in the BMC where an Attacker may cause a stack-based buffer overflow via an adjacent network. A successful exploitation of this vulnerability may lead to a loss of confidentiality, integrity, and/or availability. | ||||
| CVE-2023-7213 | 1 Totolink | 2 N350rt, N350rt Firmware | 2025-06-17 | 6.3 Medium |
| A vulnerability classified as critical was found in Totolink N350RT 9.3.5u.6139_B20201216. Affected by this vulnerability is the function main of the file /cgi-bin/cstecgi.cgi?action=login&flag=1 of the component HTTP POST Request Handler. The manipulation of the argument v33 leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-249769 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2021-42028 | 1 Siemens-healthineers | 1 Syngo Fastview | 2025-06-17 | 7.8 High |
| A vulnerability has been identified in syngo fastView (All versions). The affected application lacks proper validation of user-supplied data when parsing BMP files. This could result in an out-of-bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-14860) | ||||
| CVE-2021-40367 | 1 Siemens-healthineers | 1 Syngo Fastview | 2025-06-17 | 7.8 High |
| A vulnerability has been identified in syngo fastView (All versions). The affected application lacks proper validation of user-supplied data when parsing DICOM files. This could result in an out-of-bounds write past the end of an allocated structure. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-15097) | ||||
| CVE-2023-52304 | 1 Paddlepaddle | 1 Paddlepaddle | 2025-06-17 | 8.2 High |
| Stack overflow in paddle.searchsorted in PaddlePaddle before 2.6.0. This flaw can lead to a denial of service, or even more damage. | ||||
| CVE-2022-36660 | 1 Xhyve Project | 1 Xhyve | 2025-06-17 | 9.8 Critical |
| xhyve commit dfbe09b was discovered to contain a stack buffer overflow via the component pci_vtrnd_notify(). | ||||
| CVE-2022-36513 | 1 H3c | 2 Gr-1200w, Gr-1200w Firmware | 2025-06-17 | 9.8 Critical |
| H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function edditactionlist. | ||||
| CVE-2022-36511 | 1 H3c | 2 Gr-1200w, Gr-1200w Firmware | 2025-06-17 | 9.8 Critical |
| H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function EditApAdvanceInfo. | ||||
| CVE-2022-36508 | 1 H3c | 2 Magic Nx18 Plus, Magic Nx18 Plus Firmware | 2025-06-17 | 7.8 High |
| H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function SetAPInfoById. | ||||
| CVE-2022-36504 | 1 H3c | 2 Magic Nx18 Plus, Magic Nx18 Plus Firmware | 2025-06-17 | 7.8 High |
| H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function Edit_BasicSSID. | ||||
| CVE-2025-47868 | 1 Apache | 1 Nuttx | 2025-06-17 | 9.8 Critical |
| Out-of-bounds Write resulting in possible Heap-based Buffer Overflow vulnerability was discovered in tools/bdf-converter font conversion utility that is part of Apache NuttX RTOS repository. This standalone program is optional and neither part of NuttX RTOS nor Applications runtime, but active bdf-converter users may be affected when this tool is exposed to external provided user data data (i.e. publicly available automation). This issue affects Apache NuttX: from 6.9 before 12.9.0. Users are recommended to upgrade to version 12.9.0, which fixes the issue. | ||||
| CVE-2022-46721 | 1 Apple | 1 Macos | 2025-06-17 | 7.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2023-50671 | 1 Aertherwide | 1 Exiftags | 2025-06-17 | 7.8 High |
| In exiftags 1.01, nikon_prop1 in nikon.c has a heap-based buffer overflow (write of size 28) because snprintf can write to an unexpected address. | ||||
| CVE-2024-1283 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-06-17 | 8.8 High |
| Heap buffer overflow in Skia in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||