Total
12209 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-29384 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-03-19 | 9.8 Critical |
| In Tenda AC9 v1.0 V15.03.05.14_multi, the wanMTU parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. | ||||
| CVE-2025-29031 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-03-19 | 9.8 Critical |
| Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the fromAddressNat function. | ||||
| CVE-2025-29030 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-03-19 | 9.8 Critical |
| Tenda AC6 v15.03.05.16 was discovered to contain a buffer overflow via the formWifiWpsOOB function. | ||||
| CVE-2023-24990 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2025-03-19 | 7.8 High |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19812) | ||||
| CVE-2023-24991 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2025-03-19 | 7.8 High |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19813) | ||||
| CVE-2023-24994 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2025-03-19 | 7.8 High |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19816) | ||||
| CVE-2023-24995 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2025-03-19 | 7.8 High |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19817) | ||||
| CVE-2025-20636 | 2 Google, Mediatek | 45 Android, Mt6580, Mt6739 and 42 more | 2025-03-19 | 6.7 Medium |
| In secmem, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09403554; Issue ID: MSV-2431. | ||||
| CVE-2024-41443 | 1 Dbohdan | 1 Hicolor | 2025-03-19 | 5.5 Medium |
| A stack overflow in the function cp_dynamic() (/vendor/cute_png.h) of hicolor v0.5.0 allows attackers to cause a Denial of Service (DoS) via a crafted PNG file. | ||||
| CVE-2023-20949 | 1 Google | 1 Android | 2025-03-19 | 5.5 Medium |
| In s2mpg11_pmic_probe of s2mpg11-regulator.c, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-259323133References: N/A | ||||
| CVE-2022-45587 | 1 Xpdfreader | 1 Xpdf | 2025-03-19 | 5.5 Medium |
| Stack overflow vulnerability in function gmalloc in goo/gmem.cc in xpdf 4.04, allows local attackers to cause a denial of service. | ||||
| CVE-2022-45586 | 1 Xpdfreader | 1 Xpdf | 2025-03-19 | 5.5 Medium |
| Stack overflow vulnerability in function Dict::find in xpdf/Dict.cc in xpdf 4.04, allows local attackers to cause a denial of service. | ||||
| CVE-2023-52512 | 1 Linux | 1 Linux Kernel | 2025-03-19 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: pinctrl: nuvoton: wpcm450: fix out of bounds write Write into 'pctrl->gpio_bank' happens before the check for GPIO index validity, so out of bounds write may happen. Found by Linux Verification Center (linuxtesting.org) with SVACE. | ||||
| CVE-2023-40110 | 1 Google | 1 Android | 2025-03-19 | 6.2 Medium |
| In multiple functions of MtpPacket.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2023-24996 | 1 Siemens | 1 Tecnomatix Plant Simulation | 2025-03-19 | 7.8 High |
| A vulnerability has been identified in Tecnomatix Plant Simulation (All versions < V2201.0006). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted SPP file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-19818) | ||||
| CVE-2025-20631 | 2025-03-19 | 7.8 High | ||
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00397141; Issue ID: MSV-2187. | ||||
| CVE-2024-54523 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-03-19 | 9.1 Critical |
| The issue was addressed with improved bounds checks. This issue is fixed in macOS Sequoia 15.2, watchOS 11.2, tvOS 18.2, iOS 18.2 and iPadOS 18.2. An app may be able to corrupt coprocessor memory. | ||||
| CVE-2024-49738 | 2025-03-19 | 7.8 High | ||
| In writeInplace of Parcel.cpp, there is a possible out of bounds write. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2022-40080 | 1 Acer | 2 Aspire E5-475g, Aspire E5-475g Firmware | 2025-03-19 | 7.8 High |
| Stack overflow vulnerability in Aspire E5-475G 's BIOS firmware, in the FpGui module, a second call to GetVariable services allows local attackers to execute arbitrary code in the UEFI DXE phase and gain escalated privileges. | ||||
| CVE-2021-43529 | 2 Mozilla, Redhat | 3 Thunderbird, Enterprise Linux, Rhel Eus | 2025-03-19 | 9.8 Critical |
| Thunderbird versions prior to 91.3.0 are vulnerable to the heap overflow described in CVE-2021-43527 when processing S/MIME messages. Thunderbird versions 91.3.0 and later will not call the vulnerable code when processing S/MIME messages that contain certificates with DER-encoded DSA or RSA-PSS signatures. | ||||