Export limit exceeded: 46471 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (46471 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-39061 1 Changingtec 1 Megaservisignadapter 2025-03-27 6.5 Medium
ChangingTech MegaServiSignAdapter component has a vulnerability of Out-of-bounds Read due to insufficient validation for parameter length. An unauthenticated remote attacker can exploit this vulnerability to access partial sensitive content in memory and disrupts partial services.
CVE-2022-25881 2 Http-cache-semantics Project, Redhat 8 Http-cache-semantics, Acm, Enterprise Linux and 5 more 2025-03-27 5.3 Medium
This affects versions of the package http-cache-semantics before 4.1.1. The issue can be exploited via malicious request header values sent to a server, when that server reads the cache policy from the request using this library.
CVE-2024-29778 1 Google 1 Android 2025-03-27 4.7 Medium
In ProtocolPsDedicatedBearInfoAdapter::processQosSession of protocolpsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation.
CVE-2024-0153 1 Arm 2 5th Gen Gpu Architecture Firmware, Valhall Gpu Firmware 2025-03-27 7.8 High
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Arm Ltd Valhall GPU Firmware, Arm Ltd Arm 5th Gen GPU Architecture Firmware allows a local non-privileged user to make improper GPU processing operations to access a limited amount outside of buffer bounds. If the operations are carefully prepared, then this in turn could give them access to all system memory. This issue affects Valhall GPU Firmware: from r29p0 through r46p0; Arm 5th Gen GPU Architecture Firmware: from r41p0 through r46p0.
CVE-2025-26336 1 Dell 4 Chassis Management Controller For Poweredge Fx2, Chassis Management Controller For Poweredge Fx2 Firmware, Chassis Management Controller For Poweredge Vrtx and 1 more 2025-03-27 8.3 High
Dell Chassis Management Controller Firmware for Dell PowerEdge FX2, version(s) prior to 2.40.200.202101130302, and Dell Chassis Management Controller Firmware for Dell PowerEdge VRTX version(s) prior to 3.41.200.202209300499, contain(s) a Stack-based Buffer Overflow vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Remote execution.
CVE-2022-40134 1 Lenovo 650 Ideacentre 3-07ada05, Ideacentre 3-07ada05 Firmware, Ideacentre 3-07imb05 and 647 more 2025-03-27 4.4 Medium
An information leak vulnerability in the SMI Set BIOS Password SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory.
CVE-2022-40135 1 Lenovo 269 Ideacentre 3-07ada05, Ideacentre 3-07ada05 Firmware, Ideacentre 3-07imb05 and 266 more 2025-03-27 4.4 Medium
An information leak vulnerability in the Smart USB Protection SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory.
CVE-2025-29149 1 Tenda 2 I12, I12 Firmware 2025-03-27 7.5 High
Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the ping1 parameter in the formSetAutoPing function.
CVE-2022-40136 1 Lenovo 291 Ideacentre 3-07ada05, Ideacentre 3-07ada05 Firmware, Ideacentre 3-07imb05 and 288 more 2025-03-27 4.4 Medium
An information leak vulnerability in SMI Handler used to configure platform settings over WMI in some Lenovo models may allow an attacker with local access and elevated privileges to read SMM memory.
CVE-2022-40137 1 Lenovo 571 Ideacentre 3-07ada05, Ideacentre 3-07ada05 Firmware, Ideacentre 3-07imb05 and 568 more 2025-03-27 6.7 Medium
A buffer overflow in the WMI SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to execute arbitrary code.
CVE-2022-34884 1 Lenovo 196 Thinkagile Hx1021, Thinkagile Hx1021 Firmware, Thinkagile Hx1320 and 193 more 2025-03-27 7.2 High
A buffer overflow exists in the Remote Presence subsystem which can potentially allow valid, authenticated users to cause a recoverable subsystem denial of service.
CVE-2022-28331 3 Apache, Microsoft, Redhat 4 Portable Runtime, Windows, Jboss Core Services and 1 more 2025-03-27 9.8 Critical
On Windows, Apache Portable Runtime 1.7.0 and earlier may write beyond the end of a stack based buffer in apr_socket_sendv(). This is a result of integer overflow.
CVE-2022-24963 2 Apache, Redhat 4 Portable Runtime, Enterprise Linux, Jboss Core Services and 1 more 2025-03-27 9.8 Critical
Integer Overflow or Wraparound vulnerability in apr_encode functions of Apache Portable Runtime (APR) allows an attacker to write beyond bounds of a buffer. This issue affects Apache Portable Runtime (APR) version 1.7.0.
CVE-2021-45429 1 Virustotal 1 Yara 2025-03-27 5.5 Medium
A Buffer Overflow vulnerablity exists in VirusTotal YARA git commit: 605b2edf07ed8eb9a2c61ba22eb2e7c362f47ba7 via yr_set_configuration in yara/libyara/libyara.c, which could cause a Denial of Service.
CVE-2021-32559 1 Mhammond 1 Pywin32 2025-03-27 6.5 Medium
An integer overflow exists in pywin32 prior to version b301 when adding an access control entry (ACE) to an access control list (ACL) that would cause the size to be greater than 65535 bytes. An attacker who successfully exploited this vulnerability could crash the vulnerable process.
CVE-2024-1553 3 Debian, Mozilla, Redhat 9 Debian Linux, Firefox, Firefox Esr and 6 more 2025-03-27 8.1 High
Memory safety bugs present in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
CVE-2025-30345 1 Openslides 1 Openslides 2025-03-27 3.5 Low
An issue was discovered in OpenSlides before 4.2.5. When creating new chats via the chat_group.create action, the user is able to specify the name of the chat. Some HTML elements such as SCRIPT are filtered, whereas others are not. In most cases, HTML entities are encoded properly, but not when deleting chats or deleting messages in these chats. This potentially allows attackers to interfere with the layout of the rendered website, but it is unlikely that victims would click on deleted chats or deleted messages.
CVE-2024-1549 3 Debian, Mozilla, Redhat 8 Debian Linux, Firefox, Thunderbird and 5 more 2025-03-27 6.1 Medium
If a website set a large custom cursor, portions of the cursor could have overlapped with the permission dialog, potentially resulting in user confusion and unexpected granted permissions. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
CVE-2024-1546 3 Debian, Mozilla, Redhat 9 Debian Linux, Firefox, Firefox Esr and 6 more 2025-03-27 7.5 High
When storing and re-accessing data on a networking channel, the length of buffers may have been confused, resulting in an out-of-bounds memory read. This vulnerability affects Firefox < 123, Firefox ESR < 115.8, and Thunderbird < 115.8.
CVE-2023-24977 1 Apache 1 Inlong 2025-03-27 7.5 High
Out-of-bounds Read vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.5.0. Users are advised to upgrade to Apache InLong's latest version or cherry-pick https://github.com/apache/inlong/pull/7214 https://github.com/apache/inlong/pull/7214  to solve it.