Export limit exceeded: 351647 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (44151 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-24346 | 1 Dlink | 2 Dir-605l, Dir-605l Firmware | 2025-03-24 | 8.8 High |
| D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the wan_connected parameter at /goform/formEasySetupWizard3. | ||||
| CVE-2023-24345 | 1 Dlink | 2 Dir-605l, Dir-605l Firmware | 2025-03-24 | 8.8 High |
| D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSetWanDhcpplus. | ||||
| CVE-2023-24344 | 1 Dlink | 2 Dir-605l, Dir-605l Firmware | 2025-03-24 | 8.8 High |
| D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the webpage parameter at /goform/formWlanGuestSetup. | ||||
| CVE-2023-24343 | 1 Dlink | 2 Dir-605l, Dir-605l Firmware | 2025-03-24 | 8.8 High |
| D-Link N300 WI-FI Router DIR-605L v2.13B01 was discovered to contain a stack overflow via the curTime parameter at /goform/formSchedule. | ||||
| CVE-2023-21012 | 1 Google | 1 Android | 2025-03-24 | 3.7 Low |
| In multiple locations of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-257029812 | ||||
| CVE-2023-21430 | 1 Samsung | 1 Android | 2025-03-24 | 4.4 Medium |
| An out-of-bound read vulnerability in mapToBuffer function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR JAN-2023 Release 1 allows attacker to cause memory access fault. | ||||
| CVE-2023-0760 | 1 Gpac | 1 Gpac | 2025-03-24 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository gpac/gpac prior to V2.1.0-DEV. | ||||
| CVE-2024-57492 | 1 Redox-os | 1 Redox | 2025-03-24 | 6 Medium |
| An issue in redoxOS relibc before commit 98aa4ea5 allows a local attacker to cause a denial of service via the round_up_to_page funciton. | ||||
| CVE-2023-21420 | 1 Samsung | 1 Android | 2025-03-24 | 7.3 High |
| Use of Externally-Controlled Format String vulnerabilities in STST TA prior to SMR Jan-2023 Release 1 allows arbitrary code execution. | ||||
| CVE-2020-36661 | 1 Konghq | 1 Multipart | 2025-03-24 | 3.5 Low |
| A vulnerability was found in Kong lua-multipart 0.5.8-1. It has been declared as problematic. This vulnerability affects the function is_header of the file src/multipart.lua. The manipulation leads to inefficient regular expression complexity. Upgrading to version 0.5.9-1 is able to address this issue. The patch is identified as d632e5df43a2928fd537784a99a79dec288bf01b. It is recommended to upgrade the affected component. VDB-220642 is the identifier assigned to this vulnerability. | ||||
| CVE-2023-23698 | 1 Dell | 2 Alienware Update, Command Update | 2025-03-24 | 5.5 Medium |
| Dell Command | Update, Dell Update, and Alienware Update versions before 4.6.0 and 4.7.1 contain Insecure Operation on Windows Junction in the installer component. A local malicious user may potentially exploit this vulnerability leading to arbitrary file delete. | ||||
| CVE-2022-34454 | 1 Dell | 1 Emc Powerscale Onefs | 2025-03-24 | 6.7 Medium |
| Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a heap-based buffer overflow. A local privileged malicious user could potentially exploit this vulnerability, leading to system takeover. This impacts compliance mode clusters. | ||||
| CVE-2022-21939 | 1 Johnsoncontrols | 1 Metasys System Configuration Tool | 2025-03-24 | 7.5 High |
| Sensitive Cookie Without 'HttpOnly' Flag vulnerability in Johnson Controls System Configuration Tool (SCT) version 14 prior to 14.2.3 and version 15 prior to 15.0.3 could allow access to the cookie. | ||||
| CVE-2024-24418 | 1 Linuxfoundation | 1 Magma | 2025-03-24 | 7.5 High |
| The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_pdn_address function at /nas/ies/PdnAddress.cpp. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet. | ||||
| CVE-2022-34450 | 1 Dell | 1 Powerpath Management Appliance | 2025-03-24 | 6.7 Medium |
| PowerPath Management Appliance with version 3.3 contains Privilege Escalation vulnerability. An authenticated admin user could potentially exploit this issue and gain unrestricted control/code execution on the system as root. | ||||
| CVE-2023-0780 | 1 Agentejo | 1 Cockpit | 2025-03-24 | 5.4 Medium |
| Improper Restriction of Rendered UI Layers or Frames in GitHub repository cockpit-hq/cockpit prior to 2.3.9-dev. | ||||
| CVE-2024-2495 | 1 Friendlyelec | 1 Friendlywrt | 2025-03-24 | 5.2 Medium |
| Cryptographic key vulnerability encoded in the FriendlyWrt firmware affecting version 2022-11-16.51b3d35. This vulnerability could allow an attacker to compromise the confidentiality and integrity of encrypted data. | ||||
| CVE-2024-41311 | 2 Debian, Struktur | 2 Debian Linux, Libheif | 2025-03-24 | 8.1 High |
| In Libheif 1.17.6, insufficient checks in ImageOverlay::parse() decoding a heif file containing an overlay image with forged offsets can lead to an out-of-bounds read and write. | ||||
| CVE-2024-13903 | 1 Quickjs-ng | 1 Quickjs | 2025-03-24 | 4.3 Medium |
| A vulnerability was found in quickjs-ng QuickJS up to 0.8.0. It has been declared as problematic. Affected by this vulnerability is the function JS_GetRuntime of the file quickjs.c of the component qjs. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. Upgrading to version 0.9.0 is able to address this issue. The patch is named 99c02eb45170775a9a679c32b45dd4000ea67aff. It is recommended to upgrade the affected component. | ||||
| CVE-2025-30347 | 1 Varnish-software | 1 Varnish Enterprise | 2025-03-24 | 4 Medium |
| Varnish Enterprise before 6.0.13r13 allows remote attackers to obtain sensitive information via an out-of-bounds read for range requests on ephemeral MSE4 stevedore objects. | ||||