Export limit exceeded: 357541 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 22769 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (22769 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-51983 | 2026-04-15 | 7.5 High | ||
| An unauthenticated attacker who can connect to the Web Services feature (HTTP TCP port 80) can issue a WS-Scan SOAP request containing an unexpected JobToken value which will crash the target device. The device will reboot, after which the attacker can reissue the command to repeatedly crash the device. | ||||
| CVE-2024-51982 | 2026-04-15 | 7.5 High | ||
| An unauthenticated attacker who can connect to TCP port 9100 can issue a Printer Job Language (PJL) command that will crash the target device. The device will reboot, after which the attacker can reissue the command to repeatedly crash the device. A malformed PJL variable FORMLINES is set to a non number value causing the target to crash. | ||||
| CVE-2024-51979 | 2026-04-15 | 7.2 High | ||
| An authenticated attacker may trigger a stack based buffer overflow by performing a malformed request to either the HTTP service (TCP port 80), the HTTPS service (TCP port 443), or the IPP service (TCP port 631). The malformed request will contain an empty Origin header value and a malformed Referer header value. The Referer header value will trigger a stack based buffer overflow when the host value in the Referer header is processed and is greater than 64 bytes in length. | ||||
| CVE-2024-51566 | 1 Freebsd | 1 Freebsd | 2026-04-15 | 6.5 Medium |
| The NVMe driver queue processing is vulernable to guest-induced infinite loops. | ||||
| CVE-2024-51565 | 1 Freebsd | 1 Freebsd | 2026-04-15 | 6.5 Medium |
| The hda driver is vulnerable to a buffer over-read from a guest-controlled value. | ||||
| CVE-2024-51562 | 1 Freebsd | 1 Freebsd | 2026-04-15 | 6.5 Medium |
| The NVMe driver function nvme_opc_get_log_page is vulnerable to a buffer over-read from a guest-controlled value. | ||||
| CVE-2024-41631 | 1 Host-host Neuq Board | 1 Host-host Neuq Board | 2026-04-15 | 7.5 High |
| Buffer Overflow vulnerability in host-host NEUQ_board v.1.0 allows a remote attacker to cause a denial of service via the password.h component. | ||||
| CVE-2024-41660 | 1 Openbmc-project | 1 Slpd-lite | 2026-04-15 | 9.8 Critical |
| slpd-lite is a unicast SLP UDP server. Any OpenBMC system that includes the slpd-lite package is impacted. Installing this package is the default when building OpenBMC. Nefarious users can send slp packets to the BMC using UDP port 427 to cause memory overflow issues within the slpd-lite daemon on the BMC. Patches will be available in the latest openbmc/slpd-lite repository. | ||||
| CVE-2024-41721 | 1 Freebsd | 1 Freebsd | 2026-04-15 | 8.1 High |
| An insufficient boundary validation in the USB code could lead to an out-of-bounds read on the heap, which could potentially lead to an arbitrary write and remote code execution. | ||||
| CVE-2024-48075 | 1 Realtimelogic | 1 Sharkssl | 2026-04-15 | 5.3 Medium |
| A Heap buffer overflow in the server-site handshake implementation in Real Time Logic SharkSSL from 09/09/24 and earlier allows a remote attacker to trigger a Denial-of-Service via a malformed TLS Client Key Exchange message. | ||||
| CVE-2024-47944 | 1 Rittal Gmbh And Co.kg | 1 Iot Interface And Cmc Iii Processing Unit | 2026-04-15 | 6.8 Medium |
| The device directly executes .patch firmware upgrade files on a USB stick without any prior authentication in the admin interface. This leads to an unauthenticated code execution via the firmware upgrade function. | ||||
| CVE-2024-47939 | 2026-04-15 | N/A | ||
| Stack-based buffer overflow vulnerability exists in multiple laser printers and MFPs which implement Ricoh Web Image Monitor. If this vulnerability is exploited, receiving a specially crafted request created and sent by an attacker may lead to arbitrary code execution and/or a denial-of-service (DoS) condition. As for the details of affected product names and versions, refer to the information provided by the vendors under [References]. | ||||
| CVE-2024-4760 | 1 Amtel | 4 Same70, Sams70, Samv70 and 1 more | 2026-04-15 | 6.3 Medium |
| A voltage glitch during the startup of EEFC NVM controllers on Microchip SAM E70/S70/V70/V71, SAM G55, SAM 4C/4S/4N/4E, and SAM 3S/3N/3U microcontrollers allows access to the memory bus via the debug interface even if the security bit is set. | ||||
| CVE-2024-46993 | 1 Electron | 1 Electron | 2026-04-15 | N/A |
| Electron is an open source framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. In versions prior to 28.3.2, 29.3.3, and 30.0.3, the nativeImage.createFromPath() and nativeImage.createFromBuffer() functions call a function downstream that is vulnerable to a heap buffer overflow. An Electron program that uses either of the affected functions is vulnerable to a buffer overflow if an attacker is in control of the image's height, width, and contents. This issue has been patched in versions 28.3.2, 29.3.3, and 30.0.3. There are no workarounds for this issue. | ||||
| CVE-2023-22656 | 2026-04-15 | 3.9 Low | ||
| Out-of-bounds read in Intel(R) Media SDK and some Intel(R) oneVPL software before version 23.3.5 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2024-43168 | 1 Redhat | 3 Enterprise Linux, Openshift, Openstack | 2026-04-15 | 4.8 Medium |
| DISPUTE NOTE: this issue does not pose a security risk as it (according to analysis by the original software developer, NLnet Labs) falls within the expected functionality and security controls of the application. Red Hat has made a claim that there is a security risk within Red Hat products. NLnet Labs has no further information about the claim, and suggests that affected Red Hat customers refer to available Red Hat documentation or support channels. ORIGINAL DESCRIPTION: A heap-buffer-overflow flaw was found in the cfg_mark_ports function within Unbound's config_file.c, which can lead to memory corruption. This issue could allow an attacker with local access to provide specially crafted input, potentially causing the application to crash or allowing arbitrary code execution. This could result in a denial of service or unauthorized actions on the system. | ||||
| CVE-2024-46215 | 1 Mercury | 1 Km08-708h Firmware | 2026-04-15 | 6.5 Medium |
| A vulnerability was discovered in KM08-708H-v1.1, There is a buffer overflow in the sub_445BDC() function within the /usr/sbin/goahead program; The strcpy function is executed without checking the length of the string, leading to a buffer overflow. | ||||
| CVE-2024-44415 | 1 Dlink | 1 Di-8200 Firmware | 2026-04-15 | 6.5 Medium |
| A vulnerability was discovered in DI_8200-16.07.26A1, There is a buffer overflow in the dbsrv_asp function; The strcpy function is executed without checking the length of the string, leading to a buffer overflow. | ||||
| CVE-2024-44331 | 1 Gstreamer Project | 1 Gst-rtsp-server | 2026-04-15 | 7.5 High |
| Incorrect Access Control in GStreamer RTSP server 1.25.0 in gst-rtsp-server/rtsp-media.c allows remote attackers to cause a denial of service via a series of specially crafted hexstream requests. | ||||
| CVE-2024-43661 | 2026-04-15 | 9.8 Critical | ||
| The <redacted>.so library, which is used by <redacted>, is vulnerable to a buffer overflow in the code that handles the deletion of certificates. This buffer overflow can be triggered by providing a long file path to the <redacted> action of the <redacted>.exe CGI binary or to the <redacted>.sh CGI script. This binary or script will write this file path to <redacted>, which is then read by <redacted>.so This issue affects Iocharger firmware for AC models before version 24120701. Likelihood: Moderate – An attacker will have to find this exploit by either obtaining the binaries involved in this vulnerability, or by trial and error. Furthermore, the attacker will need a (low privilege) account to gain access to the <redacted>.exe CGI binary or <redacted>.sh script to trigger the vulnerability, or convince a user with such access send an HTTP request that triggers it. Impact: High – The <redacted> process, which we assume is responsible for OCPP communication, will keep crashing after performing the exploit. This happens because the buffer overflow causes the process to segfault before <redacted> is removed. This means that, even though <redacted> is automatically restarted, it will crash again as soon as it tries to parse the text file. CVSS clarification. The attack can be executed over any network connection the station is listening to and serves the web interface (AV:N), and there are no additional security measure sin place that need to be circumvented (AC:L), the attack does not rely on preconditions (AT:N). The attack does require authentication, but the level of authentication is irrelevant (PR:L), it does not require user interaction (UI:N). The attack leads to reducred availability of the device (VC:N/VI:N/VA:H). THere is not impact on subsequent systems. (SC:N/SI:N/SA:N). Alltough this device is an EV charger handing significant amounts of power, we do not forsee a safety impact. The attack can be automated (AU:Y). Because the DoS condition is written to disk persistantly, it cannot be recovered by the user (R:I). | ||||