Export limit exceeded: 357822 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (22789 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-20911 | 1 Libraw | 1 Libraw | 2026-04-13 | 9.8 Critical |
| A heap-based buffer overflow vulnerability exists in the HuffTable::initval functionality of LibRaw Commit 0b56545 and Commit d20315b. A specially crafted malicious file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2025-45057 | 1 Dlink | 2 Di-8300, Di-8300 Firmware | 2026-04-13 | 7.5 High |
| D-Link DI-8300 v16.07.26A1 was discovered to contain a buffer overflow via the ip parameter in the ip_position_asp function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||||
| CVE-2025-45058 | 1 Dlink | 2 Di-8300, Di-8300 Firmware | 2026-04-13 | 7.5 High |
| D-Link DI-8300 v16.07.26A1 was discovered to contain a buffer overflow via the fx parameter in the jingx_asp function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||||
| CVE-2025-50667 | 2 D-link, Dlink | 3 Di-8003, Di-8003, Di-8003 Firmware | 2026-04-13 | 7.5 High |
| A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the iface parameter in the /wan_line_detection.asp endpoint. | ||||
| CVE-2025-50668 | 1 Dlink | 2 Di-8003, Di-8003 Firmware | 2026-04-13 | 7.5 High |
| A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the s parameter in the /web_list_opt.asp endpoint. | ||||
| CVE-2025-50669 | 2 D-link, Dlink | 4 Di-8003, Di-8003g, Di-8003 and 1 more | 2026-04-13 | 7.5 High |
| A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 and DI-8003G 19.12.10A1 due to improper handling of the wan_ping parameter in the /wan_ping.asp endpoint. | ||||
| CVE-2025-50670 | 2 D-link, Dlink | 3 Di-8003, Di-8003, Di-8003 Firmware | 2026-04-13 | 7.5 High |
| A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /xwgl_bwr.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request in the name, qq, and time parameters. | ||||
| CVE-2025-50672 | 1 Dlink | 2 Di-8003, Di-8003 Firmware | 2026-04-13 | 7.5 High |
| A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /yyxz_dlink.asp endpoint. | ||||
| CVE-2026-23333 | 1 Linux | 1 Linux Kernel | 2026-04-13 | 5.5 Medium |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2026-21381 | 1 Qualcomm | 207 Ar8035, Ar8035 Firmware, Cologne and 204 more | 2026-04-13 | 7.6 High |
| Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection. | ||||
| CVE-2026-4647 | 2 Gnu, Redhat | 5 Binutils, Enterprise Linux, Hummingbird and 2 more | 2026-04-10 | 6.1 Medium |
| A flaw was found in the GNU Binutils BFD library, a widely used component for handling binary files such as object files and executables. The issue occurs when processing specially crafted XCOFF object files, where a relocation type value is not properly validated before being used. This can cause the program to read memory outside of intended bounds. As a result, affected tools may crash or expose unintended memory contents, leading to denial-of-service or limited information disclosure risks. | ||||
| CVE-2026-34766 | 2 Electron, Electronjs | 2 Electron, Electron | 2026-04-10 | 3.3 Low |
| Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.0, 40.7.0, and 41.0.0-beta.8, the select-usb-device event callback did not validate the chosen device ID against the filtered list that was presented to the handler. An app whose handler could be influenced to select a device ID outside the filtered set would grant access to a device that did not match the renderer's requested filters or was listed in exclusionFilters. The WebUSB security blocklist remained enforced regardless, so security-sensitive devices on the blocklist were not affected. The practical impact is limited to apps with unusual device-selection logic. This issue has been patched in versions 38.8.6, 39.8.0, 40.7.0, and 41.0.0-beta.8. | ||||
| CVE-2022-45315 | 1 Mikrotik | 1 Routeros | 2026-04-09 | 6.4 Medium |
| Mikrotik RouterOs before stable v7.6 was discovered to contain an out-of-bounds read in the snmp process. This vulnerability allows authenticated attackers to execute arbitrary code via a crafted packet. | ||||
| CVE-2025-47389 | 1 Qualcomm | 363 Ar8035, Ar8035 Firmware, Cologne and 360 more | 2026-04-09 | 7.8 High |
| Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation. | ||||
| CVE-2025-47390 | 1 Qualcomm | 59 Cologne, Cologne Firmware, Fastconnect 6700 and 56 more | 2026-04-09 | 7.8 High |
| Memory corruption while preprocessing IOCTL request in JPEG driver. | ||||
| CVE-2025-47391 | 1 Qualcomm | 203 Fastconnect 6200, Fastconnect 6200 Firmware, Fastconnect 6700 and 200 more | 2026-04-09 | 7.8 High |
| Memory corruption while processing a frame request from user. | ||||
| CVE-2025-47400 | 1 Qualcomm | 23 Pandeiro, Pandeiro Firmware, Snapdragon and 20 more | 2026-04-09 | 7.1 High |
| Cryptographic issue while copying data to a destination buffer without validating its size. | ||||
| CVE-2026-21367 | 1 Qualcomm | 301 Ar8035, Ar8035 Firmware, Cologne and 298 more | 2026-04-09 | 7.6 High |
| Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans. | ||||
| CVE-2026-21371 | 1 Qualcomm | 105 Aqt1000, Aqt1000 Firmware, Cologne and 102 more | 2026-04-09 | 7.8 High |
| Memory Corruption when retrieving output buffer with insufficient size validation. | ||||
| CVE-2026-21372 | 1 Qualcomm | 57 Cologne, Cologne Firmware, Fastconnect 6700 and 54 more | 2026-04-09 | 7.8 High |
| Memory Corruption when sending IOCTL requests with invalid buffer sizes during memcpy operations. | ||||