Export limit exceeded: 365308 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (46152 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-1179 1 Gnu 1 Binutils 2025-03-03 5 Medium
A vulnerability was found in GNU Binutils 2.43. It has been rated as critical. Affected by this issue is the function bfd_putl64 of the file bfd/libbfd.c of the component ld. The manipulation leads to memory corruption. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 2.44 is able to address this issue. It is recommended to upgrade the affected component. The code maintainer explains, that "[t]his bug has been fixed at some point between the 2.43 and 2.44 releases".
CVE-2025-21124 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2025-03-03 5.5 Medium
InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-21123 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2025-03-03 7.8 High
InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2024-43055 2025-03-03 7.8 High
Memory corruption while processing camera use case IOCTL call.
CVE-2022-49045 2025-03-02 5.5 Medium
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2025-23089 2025-03-01 8.8 High
This Record was REJECTED after determining it is not in compliance with CVE Program requirements regarding assignment for vulnerabilities
CVE-2025-23087 2025-03-01 N/A
This Record was REJECTED after determining it is not in compliance with CVE Program requirements regarding assignment for vulnerabilities
CVE-2025-0751 1 Axiosys 1 Bento4 2025-02-28 6.3 Medium
A vulnerability classified as critical has been found in Axiomatic Bento4 up to 1.6.0. This affects the function AP4_BitReader::ReadBits of the component mp42aac. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-0870 1 Axiosys 1 Bento4 2025-02-28 5.6 Medium
A vulnerability was found in Axiomatic Bento4 up to 1.6.0-641. It has been rated as critical. Affected by this issue is the function AP4_DataBuffer::GetData in the library Ap4DataBuffer.h. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.
CVE-2025-0753 1 Axiosys 1 Bento4 2025-02-28 6.3 Medium
A vulnerability classified as critical was found in Axiomatic Bento4 up to 1.6.0. This vulnerability affects the function AP4_StdcFileByteStream::ReadPartial of the component mp42aac. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2023-26109 1 Node-bluetooth-serial-port Project 1 Node-bluetooth-serial-port 2025-02-28 7.3 High
All versions of the package node-bluetooth-serial-port are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation.
CVE-2023-26110 1 Node-bluetooth Project 1 Node-bluetooth 2025-02-28 7.3 High
All versions of the package node-bluetooth are vulnerable to Buffer Overflow via the findSerialPortChannel method due to improper user input length validation.
CVE-2023-21732 1 Microsoft 15 Windows 10 1607, Windows 10 1809, Windows 10 20h2 and 12 more 2025-02-28 8.8 High
Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2023-21737 1 Microsoft 4 365 Apps, Office, Office Long Term Servicing Channel and 1 more 2025-02-28 7.8 High
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2023-21738 1 Microsoft 3 365 Apps, Office, Office Long Term Servicing Channel 2025-02-28 7.8 High
Microsoft Office Visio Remote Code Execution Vulnerability
CVE-2023-21718 1 Microsoft 1 Sql Server 2025-02-28 7.8 High
Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
CVE-2023-21716 1 Microsoft 8 Office, Office Long Term Servicing Channel, Office Online Server and 5 more 2025-02-28 9.8 Critical
Microsoft Word Remote Code Execution Vulnerability
CVE-2023-23403 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-02-28 8.8 High
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
CVE-2023-23406 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-02-28 8.8 High
Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability
CVE-2023-24858 1 Microsoft 12 Windows 10, Windows 10 1607, Windows 10 1809 and 9 more 2025-02-28 7.5 High
Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability