Export limit exceeded: 23548 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (23548 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-23301 1 Nvidia 5 Dgx, Dgx-1, Dgx-2 and 2 more 2026-04-15 4.2 Medium
NVIDIA HGX and DGX contain a vulnerability where a misconfiguration of the VBIOS could enable an attacker to set an unsafe debug access level. A successful exploit of this vulnerability might lead to denial of service.
CVE-2025-8808 1 Tianti Project 1 Tianti 2026-04-15 4.3 Medium
A vulnerability was found in xujeff tianti 天梯 up to 2.3. It has been rated as problematic. This issue affects the function exportOrder of the file /tianti-module-admin/user/ajax/save of the component com.jeff.tianti.controller. The manipulation leads to csv injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2025-32776 2026-04-15 5.5 Medium
OpenRazer is an open source driver and user-space daemon to control Razer device lighting and other features on GNU/Linux. By writing specially crafted data to the `matrix_custom_frame` file, an attacker can cause the custom kernel driver to read more bytes than provided by user space. This data will be written into the RGB arguments which will be sent to the USB device. This issue has been patched in v3.10.2.
CVE-2024-30516 2 Saasproject, Wordpress 2 Booking Package, Wordpress 2026-04-15 7.5 High
Improper Validation of Specified Quantity in Input vulnerability in SaasProject Booking Package allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Booking Package: from n/a through 1.6.27.
CVE-2025-14196 1 H3c 1 Magic B1 2026-04-15 8.8 High
A weakness has been identified in H3C Magic B1 up to 100R004. The affected element is the function sub_44de0 of the file /goform/aspForm. This manipulation of the argument param causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
CVE-2024-8000 2026-04-15 5.3 Medium
On affected platforms running Arista EOS with 802.1X configured, certain conditions may occur where a dynamic ACL is received from the AAA server resulting in only the first line of the ACL being installed after an Accelerated Software Upgrade (ASU) restart. Note: supplicants with pending captive-portal authentication during ASU would be impacted with this bug.
CVE-2025-42916 1 Sap 1 S/4hana 2026-04-15 8.1 High
Due to missing input validation, an attacker with high privilege access to ABAP reports could delete the content of arbitrary database tables, if the tables are not protected by an authorization group. This leads to a high impact on integrity and availability of the database but no impact on confidentiality.
CVE-2023-20601 1 Amd 2 Radeon Pro Vii, Radeon Vii 2026-04-15 N/A
Improper input validation within RAS TA Driver can allow a local attacker to access out-of-bounds memory, potentially resulting in a denial-of-service condition.
CVE-2025-31354 2026-04-15 4.3 Medium
Subnet Solutions PowerSYSTEM Center's SMTPS notification service can be affected by importing an EC certificate with crafted F2m parameters, which can lead to excessive CPU consumption during the evaluation of the curve parameters.
CVE-2023-50739 1 Lexmark 1 Printer Firmware 2026-04-15 8.8 High
A buffer overflow vulnerability has been identified in the Internet Printing Protocol (IPP) in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code.
CVE-2024-8159 1 Faronics 1 Deep Freeze 2026-04-15 6.4 Medium
Deep Freeze 9.00.020.5760 is vulnerable to an out-of-bounds read vulnerability by triggering the 0x70014 IOCTL code of the FarDisk.sys driver.
CVE-2025-61873 1 Bestpractical 1 Request Tracker 2026-04-15 2.6 Low
Best Practical Request Tracker (RT) before 4.4.9, 5.0.9, and 6.0.2 allows CSV Injection via ticket values when TSV export is used.
CVE-2025-11775 1 Asus 1 Armoury Crate 2026-04-15 N/A
An out-of-bounds read vulnerability has been identified in the asComSvc service. This vulnerability can be triggered by sending specially crafted requests, which may lead to a service crash or partial loss of functionality. This vulnerability only affects ASUS motherboard series products. Refer to the 'Security Update for Armoury Crate App' section on the ASUS Security Advisory for more information.
CVE-2009-20007 1 Talkative 1 Irc 2026-04-15 N/A
Talkative IRC v0.4.4.16 is vulnerable to a stack-based buffer overflow when processing specially crafted response strings sent to a connected client. An attacker can exploit this flaw by sending an overly long message that overflows a fixed-length buffer, potentially leading to arbitrary code execution in the context of the vulnerable process. This vulnerability is exploitable remotely and does not require authentication.
CVE-2024-6351 2026-04-15 4.3 Medium
A malformed packet can cause a buffer overflow in the NWK/APS layer of the Ember ZNet stack and lead to an assert
CVE-2025-7623 1 Supermicro 1 Mbd-x13sedw-f 2026-04-15 5.4 Medium
Stack-based buffer overflow in the SMASH-CLP shell. An authenticated attacker with SSH access to the BMC can exploit a stack buffer overflow via a crafted SMASH command, overwrite the return address and registers, and achieve arbitrary code execution on the BMC firmware operating system
CVE-2025-31700 1 Dahua 2 Ipc, Sd 2026-04-15 8.1 High
A vulnerability has been found in Dahua products. Attackers could exploit a buffer overflow vulnerability by sending specially crafted malicious packets, potentially causing service disruption (e.g., crashes) or remote code execution (RCE). Some devices may have deployed protection mechanisms such as Address Space Layout Randomization (ASLR), which reduces the likelihood of successful RCE exploitation. However, denial-of-service (DoS) attacks remain a concern.
CVE-2024-34020 1 Hcode 1 Hcode 2026-04-15 6.5 Medium
A stack-based buffer overflow was found in the putSDN() function of mail.c in hcode through 2.1.
CVE-2025-8424 1 Netscaler 2 Adc, Gateway 2026-04-15 N/A
Improper access control on the NetScaler Management Interface in NetScaler ADC and NetScaler Gateway when an attacker can get access to the appliance NSIP, Cluster Management IP or local GSLB Site IP or SNIP with Management Access
CVE-2025-49849 2026-04-15 N/A
An Out-of-bounds Read vulnerability exists within the parsing of PRJ files. The issues result from the lack of proper validation of user-supplied data, which can result in different memory corruption issues within the application, such as reading and writing past the end of allocated data structures.