Export limit exceeded: 366588 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 366588 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 46490 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (46490 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-3070 1 Google 1 Chrome 2025-04-07 6.5 Medium
Insufficient validation of untrusted input in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)
CVE-2025-1153 1 Gnu 1 Binutils 2025-04-04 3.1 Low
A vulnerability classified as problematic was found in GNU Binutils 2.43/2.44. Affected by this vulnerability is the function bfd_set_format of the file format.c. The manipulation leads to memory corruption. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. Upgrading to version 2.45 is able to address this issue. The identifier of the patch is 8d97c1a53f3dc9fd8e1ccdb039b8a33d50133150. It is recommended to upgrade the affected component.
CVE-2025-1147 1 Gnu 1 Binutils 2025-04-04 3.1 Low
A vulnerability has been found in GNU Binutils 2.43 and classified as problematic. Affected by this vulnerability is the function __sanitizer::internal_strlen of the file binutils/nm.c of the component nm. The manipulation of the argument const leads to buffer overflow. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.
CVE-2022-4645 3 Fedoraproject, Libtiff, Redhat 3 Fedora, Libtiff, Enterprise Linux 2025-04-04 6.8 Medium
LibTIFF 4.4.0 has an out-of-bounds read in tiffcp in tools/tiffcp.c:948, allowing attackers to cause a denial-of-service via a crafted tiff file. For users that compile libtiff from sources, the fix is available with commit e8131125.
CVE-2022-37436 2 Apache, Redhat 3 Http Server, Enterprise Linux, Jboss Core Services 2025-04-04 5.3 Medium
Prior to Apache HTTP Server 2.4.55, a malicious backend can cause the response headers to be truncated early, resulting in some headers being incorporated into the response body. If the later headers have any security purpose, they will not be interpreted by the client.
CVE-2024-35387 1 Totolink 2 Lr350, Lr350 Firmware 2025-04-04 9.8 Critical
TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the http_host parameter in the function loginAuth.
CVE-2024-5699 1 Mozilla 1 Firefox 2025-04-04 9.8 Critical
In violation of spec, cookie prefixes such as `__Secure` were being ignored if they were not correctly capitalized - by spec they should be checked with a case-insensitive comparison. This could have resulted in the browser not correctly honoring the behaviors specified by the prefix. This vulnerability affects Firefox < 127.
CVE-2024-53976 1 Mozilla 1 Firefox 2025-04-04 5.4 Medium
Under certain circumstances, navigating to a webpage would result in the address missing from the location URL bar, making it unclear what the URL was for the loaded webpage. This vulnerability affects Firefox for iOS < 133.
CVE-2025-0998 2025-04-04 8.8 High
Not exploitable
CVE-2022-47881 1 Foxit 2 Pdf Editor, Pdf Reader 2025-04-04 6.5 Medium
Foxit PDF Reader and PDF Editor 11.2.1.53537 and earlier has an Out-of-Bounds Read vulnerability.
CVE-2024-34308 1 Totolink 2 Lr350, Lr350 Firmware 2025-04-04 8.8 High
TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a stack overflow via the password parameter in the function urldecode.
CVE-2024-34942 1 Tenda 2 Fh1206, Fh1206 Firmware 2025-04-04 8.8 High
Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter at ip/goform/exeCommand.
CVE-2024-34943 1 Tenda 2 Fh1206, Fh1206 Firmware 2025-04-04 9.8 Critical
Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the page parameter at ip/goform/NatStaticSetting.
CVE-2024-34944 1 Tenda 2 Fh1206, Fh1206 Firmware 2025-04-04 8.8 High
Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the list1 parameter at ip/goform/DhcpListClient.
CVE-2024-5700 2 Mozilla, Redhat 7 Firefox, Thunderbird, Enterprise Linux and 4 more 2025-04-04 7.0 High
Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 127, Firefox ESR < 115.12, and Thunderbird < 115.12.
CVE-2024-53334 1 Totolink 2 A810r, A810r Firmware 2025-04-04 8.8 High
TOTOLINK A810R V4.1.2cu.5182_B20201026 is vulnerable to Buffer Overflow in infostat.cgi.
CVE-2024-53335 1 Totolink 2 A810r, A810r Firmware 2025-04-04 7.8 High
TOTOLINK A810R V4.1.2cu.5182_B20201026 is vulnerable to Buffer Overflow in downloadFlile.cgi.
CVE-2024-9396 2 Mozilla, Redhat 9 Firefox, Firefox Esr, Thunderbird and 6 more 2025-04-04 8.8 High
It is currently unknown if this issue is exploitable but a condition may arise where the structured clone of certain objects could lead to memory corruption. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
CVE-2024-9400 2 Mozilla, Redhat 9 Firefox, Firefox Esr, Thunderbird and 6 more 2025-04-04 8.8 High
A potential memory corruption vulnerability could be triggered if an attacker had the ability to trigger an OOM at a specific moment during JIT compilation. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.
CVE-2024-9402 2 Mozilla, Redhat 9 Firefox, Firefox Esr, Thunderbird and 6 more 2025-04-04 9.8 Critical
Memory safety bugs present in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 131, Firefox ESR < 128.3, Thunderbird < 128.3, and Thunderbird < 131.