Search Results (23198 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-44910 1 Quarkslab 1 Binbloom 2025-04-22 7.8 High
Binbloom 2.0 was discovered to contain a heap buffer overflow via the read_pointer function at /binbloom-master/src/helpers.c.
CVE-2023-42982 1 Apple 1 Macos 2025-04-21 6.4 Medium
Processing a file may lead to a denial-of-service or potentially disclose memory contents. This issue is fixed in macOS 14. The issue was addressed with improved checks.
CVE-2024-27655 1 Dlink 3 Dir-823 Firmware, Dir-823g, Dir-823g Firmware 2025-04-21 8.8 High
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the SOAPACTION parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution.
CVE-2024-27656 1 Dlink 3 Dir-823 Firmware, Dir-823g, Dir-823g Firmware 2025-04-21 8.8 High
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the Cookie parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution.
CVE-2024-27657 1 Dlink 3 Dir-823 Firmware, Dir-823g, Dir-823g Firmware 2025-04-21 8.8 High
D-Link DIR-823G A1V1.0.2B05 was discovered to contain a buffer overflow via the User-Agent parameter. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input, and possibly remote code execution.
CVE-2025-0438 1 Google 1 Chrome 2025-04-21 8.8 High
Stack buffer overflow in Tracing in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-32916 1 Apple 1 Iphone Os 2025-04-21 5.5 Medium
An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in iOS 16. An app may be able to disclose kernel memory.
CVE-2025-29045 1 Alfa 2 Wifi Camppro, Wifi Camppro Firmware 2025-04-21 9.8 Critical
Buffer Overflow vulnerability in ALFA_CAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the newap_text_0 key value
CVE-2025-29044 1 Netgear 2 R6100, R6100 Firmware 2025-04-21 9.8 Critical
Buffer Overflow vulnerability in Netgear- R61 router V1.0.1.28 allows a remote attacker to execute arbitrary code via the QUERY_STRING key value
CVE-2025-0434 1 Google 1 Chrome 2025-04-21 8.8 High
Out of bounds memory access in V8 in Google Chrome prior to 132.0.6834.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2022-32943 1 Apple 3 Ipados, Iphone Os, Macos 2025-04-21 5.3 Medium
The issue was addressed with improved bounds checks. This issue is fixed in iOS 16.2 and iPadOS 16.2, macOS Ventura 13.1. Shake-to-undo may allow a deleted photo to be re-surfaced without authentication.
CVE-2022-32942 1 Apple 1 Macos 2025-04-21 7.8 High
The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.2, macOS Ventura 13.1, macOS Big Sur 11.7.2. An app may be able to execute arbitrary code with kernel privileges.
CVE-2022-42851 1 Apple 3 Ipados, Iphone Os, Tvos 2025-04-21 5.5 Medium
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.2 and iPadOS 16.2, tvOS 16.2. Parsing a maliciously crafted TIFF file may lead to disclosure of user information.
CVE-2022-20513 1 Google 1 Android 2025-04-21 5.5 Medium
In decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-244569759
CVE-2024-53260 1 Autolabproject 1 Autolab 2025-04-21 6.8 Medium
Autolab is a course management service that enables auto-graded programming assignments. A user can modify their first and or last name to include a valid excel / spreadsheet formula. When an instructor downloads their course's roster and opens, this name will then be evaluated as a formula. This could lead to leakage of information of students in the course roster by sending the data to a remote endpoint. This issue has been patched in the source code repository and the fix is expected to be released in the next version. Users are advised to manually patch their systems or to wait for the next release. There are no known workarounds for this vulnerability.
CVE-2022-20563 1 Google 1 Android 2025-04-21 6.7 Medium
In TBD of ufdt_convert, there is a possible out of bounds read due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242067561References: N/A
CVE-2022-20543 1 Google 1 Android 2025-04-21 2.3 Low
In multiple locations, there is a possible display crash loop due to improper input validation. This could lead to local denial of service with system execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-238178261
CVE-2022-20541 1 Google 1 Android 2025-04-21 4.2 Medium
In phNxpNciHal_ioctl of phNxpNciHal.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-238083126
CVE-2022-20527 1 Google 1 Android 2025-04-21 5.5 Medium
In HalCoreCallback of halcore.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure from the NFC firmware with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-229994861
CVE-2022-20523 1 Google 1 Android 2025-04-21 6.1 Medium
In IncFs_GetFilledRangesStartingFrom of incfs.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-228222508