Total
12209 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-0803 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2025-03-21 | 6.8 Medium |
| LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3516, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. | ||||
| CVE-2023-0802 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2025-03-21 | 6.8 Medium |
| LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3724, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. | ||||
| CVE-2023-0801 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2025-03-21 | 6.8 Medium |
| LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in libtiff/tif_unix.c:368, invoked by tools/tiffcrop.c:2903 and tools/tiffcrop.c:6778, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. | ||||
| CVE-2023-0800 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2025-03-21 | 6.8 Medium |
| LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3502, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. | ||||
| CVE-2022-48322 | 1 Netgear | 12 Mr60, Mr60 Firmware, Ms60 and 9 more | 2025-03-21 | 9.8 Critical |
| NETGEAR Nighthawk WiFi Mesh systems and routers are affected by a stack-based buffer overflow vulnerability. This affects MR60 before 1.1.7.132, MS60 before 1.1.7.132, R6900P before 1.3.3.154, R7000P before 1.3.3.154, R7960P before 1.4.4.94, and R8000P before 1.4.4.94. | ||||
| CVE-2023-0804 | 2 Libtiff, Redhat | 2 Libtiff, Enterprise Linux | 2025-03-21 | 6.8 Medium |
| LibTIFF 4.4.0 has an out-of-bounds write in tiffcrop in tools/tiffcrop.c:3609, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit 33aee127. | ||||
| CVE-2025-2574 | 2025-03-21 | N/A | ||
| Out-of-bounds array write in Xpdf 4.05 and earlier, due to incorrect integer overflow checking in the PostScript function interpreter code. | ||||
| CVE-2023-0819 | 1 Gpac | 1 Gpac | 2025-03-21 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to v2.3.0-DEV. | ||||
| CVE-2025-2153 | 1 Hdfgroup | 1 Hdf5 | 2025-03-21 | 5 Medium |
| A vulnerability, which was classified as critical, was found in HDF5 1.14.6. Affected is the function H5SM_delete of the file H5SM.c of the component h5 File Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-2152 | 1 Assimp | 1 Assimp | 2025-03-21 | 6.3 Medium |
| A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp 5.4.3. This issue affects the function Assimp::BaseImporter::ConvertToUTF8 of the file BaseImporter.cpp of the component File Handler. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-6779 | 1 Google | 1 Chrome | 2025-03-20 | 8.8 High |
| Out of bounds memory access in V8 in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2023-52159 | 2 Bizdelnick, Debian | 2 Gross, Debian Linux | 2025-03-20 | 7.5 High |
| A stack-based buffer overflow vulnerability in gross 0.9.3 through 1.x before 1.0.4 allows remote attackers to trigger a denial of service (grossd daemon crash) or potentially execute arbitrary code in grossd via crafted SMTP transaction parameters that cause an incorrect strncat for a log entry. | ||||
| CVE-2023-24560 | 1 Siemens | 1 Solid Edge Se2023 | 2025-03-20 | 7.8 High |
| A vulnerability has been identified in Solid Edge SE2022 (All versions < V222.0MP12), Solid Edge SE2023 (All versions < V223.0Update2). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted PAR file. This could allow an attacker to to execute code in the context of the current process. | ||||
| CVE-2011-0210 | 1 Apple | 3 Mac Os X, Mac Os X Server, Quicktime | 2025-03-20 | N/A |
| QuickTime in Apple Mac OS X before 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via crafted sample tables in a movie file. | ||||
| CVE-2011-0186 | 1 Apple | 3 Mac Os X, Mac Os X Server, Quicktime | 2025-03-20 | N/A |
| QuickTime in Apple Mac OS X before 10.6.7 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG2000 image. | ||||
| CVE-2013-1032 | 1 Apple | 2 Mac Os X, Quicktime | 2025-03-20 | N/A |
| QuickTime in Apple Mac OS X before 10.8.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted idsc atom in a QuickTime movie file. | ||||
| CVE-2024-29509 | 1 Artifex | 1 Ghostscript | 2025-03-20 | 8.8 High |
| Artifex Ghostscript before 10.03.0 has a heap-based overflow when PDFPassword (e.g., for runpdf) has a \000 byte in the middle. | ||||
| CVE-2023-24979 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2025-03-20 | 7.8 High |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19789) | ||||
| CVE-2023-24981 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2025-03-20 | 7.8 High |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19791) | ||||
| CVE-2023-24982 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2025-03-20 | 7.8 High |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19804) | ||||