Search Results (23265 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-24405 2 Color, Internationalcolorconsortium 2 Iccdev, Iccdev 2026-04-18 8.8 High
iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have a Heap Buffer Overflow vulnerability in CIccMpeCalculator::Read(). This occurs when user-controllable input is unsafely incorporated into ICC profile data or other structured binary blobs. Successful exploitation may allow an attacker to perform DoS, manipulate data, bypass application logic and Code Execution. This issue has been fixed in version 2.3.1.2.
CVE-2026-1283 1 Dassault 1 Edrawings 2026-04-18 7.8 High
A Heap-based Buffer Overflow vulnerability affecting the EPRT file reading procedure in SOLIDWORKS eDrawings from Release SOLIDWORKS Desktop 2025 through Release SOLIDWORKS Desktop 2026 could allow an attacker to execute arbitrary code while opening a specially crafted EPRT file.
CVE-2026-0925 1 Tanium 3 Discover, Service Asset, Tanium 2026-04-18 2.7 Low
Tanium addressed an improper input validation vulnerability in Discover.
CVE-2026-1361 2 Delta Electronics, Deltaww 2 Asdasoft, Asda Soft 2026-04-18 7.8 High
ASDA-Soft Stack-based Buffer Overflow Vulnerability
CVE-2026-24799 1 Davisking 1 Dlib 2026-04-18 N/A
Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in davisking dlib (dlib/external/zlib modules). This vulnerability is associated with program files inflate.C. This issue affects dlib: before v19.24.9.
CVE-2026-24810 1 Rethinkdb 1 Rethinkdb 2026-04-18 N/A
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in rethinkdb (src/cjson modules). This vulnerability is associated with program files cJSON.Cc. This issue affects rethinkdb: through v2.4.4.
CVE-2026-24818 1 Praydog 1 Uevr 2026-04-18 N/A
Out-of-bounds Read vulnerability in praydog UEVR (dependencies/lua/src modules). This vulnerability is associated with program files lparser.C. This issue affects UEVR: before 1.05.
CVE-2026-24822 1 Ttttupup 1 Wxhelper 2026-04-18 N/A
Out-of-bounds Write, Heap-based Buffer Overflow vulnerability in ttttupup wxhelper (src modules). This vulnerability is associated with program files mongoose.C. This issue affects wxhelper: through 3.9.10.19-v1.
CVE-2026-24344 1 Actions-micro 2 Ezcast Pro Ii, Ezcast Pro Ii Firmware 2026-04-18 N/A
Multiple Buffer Overflows in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to cause a program crash and potential remote code execution
CVE-2026-24826 1 Cadaver 1 Turso3d 2026-04-18 N/A
Out-of-bounds Write, Divide By Zero, NULL Pointer Dereference, Use of Uninitialized Resource, Out-of-bounds Read, Reachable Assertion vulnerability in cadaver turso3d.This issue affects .
CVE-2026-24829 1 Is-daouda 1 Is-engine 2026-04-18 6.5 Medium
Out-of-bounds Write, Heap-based Buffer Overflow vulnerability in Is-Daouda is-Engine.This issue affects is-Engine: before 3.3.4.
CVE-2026-24873 1 Rinnegatamante 1 Lpp-vita 2026-04-18 7.8 High
Out-of-bounds Read vulnerability in Rinnegatamante lpp-vita.This issue affects lpp-vita: before lpp-vita r6.
CVE-2026-1457 1 Tp-link 2 Vigi C385, Vigi C385 Firmware 2026-04-18 8.8 High
An authenticated buffer handling flaw in TP-Link VIGI C385 V1 Web API lacking input sanitization, may allow memory corruption leading to remote code execution. Authenticated attackers may trigger buffer overflow and potentially execute arbitrary code with elevated privileges.
CVE-2026-25502 2 Color, Internationalcolorconsortium 2 Iccdev, Iccdev 2026-04-18 7.8 High
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.2, stack-based buffer overflow in icFixXml() function when processing malformed ICC profiles, allows potential arbitrary code execution through crafted NamedColor2 tags. This issue has been patched in version 2.3.1.2.
CVE-2026-20119 1 Cisco 5 Roomos, Telepresence Ce, Telepresence Ce Software and 2 more 2026-04-18 7.5 High
A vulnerability in the text rendering subsystem of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to insufficient validation of input received by an affected device. An attacker could exploit this vulnerability by getting the affected device to render crafted text, for example, a crafted meeting invitation. As indicated in the CVSS score, no user interaction is required, such as accepting the meeting invitation. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.
CVE-2026-25582 2 Color, Internationalcolorconsortium 2 Iccdev, Iccdev 2026-04-18 7.8 High
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a heap buffer overflow (read) vulnerability in CIccIO::WriteUInt16Float() when converting malformed XML to ICC profiles via iccFromXml tool. This issue has been patched in version 2.3.1.3.
CVE-2026-25583 2 Color, Internationalcolorconsortium 2 Iccdev, Iccdev 2026-04-18 7.8 High
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of ICC color management profiles. Prior to version 2.3.1.3, there is a heap buffer overflow vulnerability in CIccFileIO::Read8() when processing malformed ICC profile files via unchecked fread operation. This issue has been patched in version 2.3.1.3.
CVE-2026-2016 1 Happyfish100 1 Libfastcommon 2026-04-18 5.3 Medium
A security vulnerability has been detected in happyfish100 libfastcommon up to 1.0.84. Affected by this vulnerability is the function base64_decode of the file src/base64.c. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed publicly and may be used. The identifier of the patch is 82f66af3e252e3e137dba0c3891570f085e79adf. Applying a patch is the recommended action to fix this issue.
CVE-2026-2071 1 Utt 2 520w, 520w Firmware 2026-04-18 8.8 High
A vulnerability was found in UTT 进取 520W 1.7.7-180627. The impacted element is the function strcpy of the file /goform/formP2PLimitConfig. Performing a manipulation of the argument except results in buffer overflow. The attack is possible to be carried out remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2026-2086 1 Utt 3 810g, 810g Firmware, Hiper 810g 2026-04-18 8.8 High
A vulnerability was detected in UTT HiPER 810G up to 1.7.7-171114. Affected by this vulnerability is the function strcpy of the file /goform/formFireWall of the component Management Interface. The manipulation of the argument GroupName results in buffer overflow. The attack can be launched remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.