Total
12847 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-26597 | 3 Redhat, Tigervnc, X.org | 9 Enterprise Linux, Rhel Aus, Rhel E4s and 6 more | 2025-03-27 | 7.8 High |
| A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey() is called with a 0 group, it will resize the key symbols table to 0 but leave the key actions unchanged. If the same function is later called with a non-zero value of groups, this will cause a buffer overflow because the key actions are of the wrong size. | ||||
| CVE-2024-33599 | 1 Redhat | 7 Enterprise Linux, Rhel Aus, Rhel E4s and 4 more | 2025-03-26 | 8.1 High |
| nscd: Stack-based buffer overflow in netgroup cache If the Name Service Cache Daemon's (nscd) fixed size cache is exhausted by client requests then a subsequent client request for netgroup data may result in a stack-based buffer overflow. This flaw was introduced in glibc 2.15 when the cache was added to nscd. This vulnerability is only present in the nscd binary. | ||||
| CVE-2021-37519 | 1 Memcached | 1 Memcached | 2025-03-26 | 5.5 Medium |
| Buffer Overflow vulnerability in authfile.c memcached 1.6.9 allows attackers to cause a denial of service via crafted authenticattion file. | ||||
| CVE-2023-0637 | 1 Trendnet | 2 Tew-811dru, Tew-811dru Firmware | 2025-03-26 | 6.5 Medium |
| A vulnerability, which was classified as critical, was found in TRENDnet TEW-811DRU 1.0.10.0. This affects an unknown part of the file wan.asp of the component Web Management Interface. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-220017 was assigned to this vulnerability. | ||||
| CVE-2025-2618 | 1 Dlink | 2 Dap-1620, Dap-1620 Firmware | 2025-03-26 | 9.8 Critical |
| A vulnerability, which was classified as critical, has been found in D-Link DAP-1620 1.03. Affected by this issue is the function set_ws_action of the file /dws/api/ of the component Path Handler. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2025-2619 | 1 Dlink | 2 Dap-1620, Dap-1620 Firmware | 2025-03-26 | 9.8 Critical |
| A vulnerability, which was classified as critical, was found in D-Link DAP-1620 1.03. This affects the function check_dws_cookie of the file /storage of the component Cookie Handler. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2025-2620 | 1 Dlink | 2 Dap-1620, Dap-1620 Firmware | 2025-03-26 | 9.8 Critical |
| A vulnerability has been found in D-Link DAP-1620 1.03 and classified as critical. This vulnerability affects the function mod_graph_auth_uri_handler of the file /storage of the component Authentication Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2025-2621 | 1 Dlink | 2 Dap-1620, Dap-1620 Firmware | 2025-03-26 | 9.8 Critical |
| A vulnerability was found in D-Link DAP-1620 1.03 and classified as critical. This issue affects the function check_dws_cookie of the file /storage. The manipulation of the argument uid leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2022-34376 | 1 Dell | 160 C4130, C4130 Firmware, C4140 and 157 more | 2025-03-26 | 3.9 Low |
| Dell PowerEdge BIOS and Dell Precision BIOS contain an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by manipulating an SMI to cause a denial of service during SMM. | ||||
| CVE-2022-34377 | 1 Dell | 160 C4130, C4130 Firmware, C4140 and 157 more | 2025-03-26 | 1.9 Low |
| Dell PowerEdge BIOS and Dell Precision BIOS contain an Improper SMM communication buffer verification vulnerability. A local malicious user with high Privileges may potentially exploit this vulnerability to perform arbitrary code execution or cause denial of service. | ||||
| CVE-2023-20605 | 2 Google, Mediatek | 51 Android, Mt6580, Mt6731 and 48 more | 2025-03-26 | 4.4 Medium |
| In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07550104; Issue ID: ALPS07550104. | ||||
| CVE-2022-43762 | 1 Br-automation | 1 Industrial Automation Aprol | 2025-03-25 | 7.5 High |
| Lack of verification in B&R APROL Tbase server versions < R 4.2-07 may lead to memory leaks when receiving messages | ||||
| CVE-2025-2721 | 2025-03-25 | 5.3 Medium | ||
| A vulnerability was found in GNOME libgsf up to 1.14.53. It has been classified as critical. This affects the function gsf_base64_encode_simple. The manipulation of the argument size_t leads to heap-based buffer overflow. An attack has to be approached locally. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-2722 | 2025-03-25 | 5.3 Medium | ||
| A vulnerability was found in GNOME libgsf up to 1.14.53. It has been declared as critical. This vulnerability affects the function gsf_prop_settings_collect_va. The manipulation of the argument n_alloced_params leads to heap-based buffer overflow. Local access is required to approach this attack. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-2723 | 2025-03-25 | 5.3 Medium | ||
| A vulnerability was found in GNOME libgsf up to 1.14.53. It has been rated as critical. This issue affects the function gsf_property_settings_collec. The manipulation of the argument n_alloced_params leads to heap-based buffer overflow. Attacking locally is a requirement. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-2724 | 2025-03-25 | 3.3 Low | ||
| A vulnerability classified as problematic has been found in GNOME libgsf up to 1.14.53. Affected is the function sorting_key_copy. The manipulation of the argument Name leads to out-of-bounds read. It is possible to launch the attack on the local host. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-2753 | 2025-03-25 | 6.3 Medium | ||
| A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been classified as critical. Affected is the function SceneCombiner::MergeScenes of the file code/AssetLib/LWS/LWSLoader.cpp of the component LWS File Handler. The manipulation leads to out-of-bounds read. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-2754 | 2025-03-25 | 6.3 Medium | ||
| A vulnerability was found in Open Asset Import Library Assimp 5.4.3. It has been declared as critical. Affected by this vulnerability is the function Assimp::AC3DImporter::ConvertObjectSection of the file code/AssetLib/AC/ACLoader.cpp of the component AC3D File Handler. The manipulation of the argument it leads to heap-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-2757 | 2025-03-25 | 6.3 Medium | ||
| A vulnerability classified as critical was found in Open Asset Import Library Assimp 5.4.3. This vulnerability affects the function AI_MD5_PARSE_STRING_IN_QUOTATION of the file code/AssetLib/MD5/MD5Parser.cpp of the component MD5 File Handler. The manipulation of the argument data leads to heap-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-2756 | 2025-03-25 | 6.3 Medium | ||
| A vulnerability classified as critical has been found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::AC3DImporter::ConvertObjectSection of the file code/AssetLib/AC/ACLoader.cpp of the component AC3D File Handler. The manipulation of the argument tmp leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||