Export limit exceeded: 15456 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (15456 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2009-1057 | 1 Microsmarts | 1 Zipitfast\! | 2025-04-09 | N/A |
| MicroSmarts Enterprise ZipItFast! 3.0 allows remote attackers to execute arbitrary code via a crafted .zip file that triggers memory corruption, related to a "format string buffer overflow." NOTE: CVE has not investigated whether the specified file.zip file can be used for exploitation of this product. | ||||
| CVE-2009-1041 | 1 Freebsd | 1 Freebsd | 2025-04-09 | N/A |
| The ktimer feature (sys/kern/kern_time.c) in FreeBSD 7.0, 7.1, and 7.2 allows local users to overwrite arbitrary kernel memory via an out-of-bounds timer value. | ||||
| CVE-2009-1040 | 1 Winasm | 1 Winasm Studio | 2025-04-09 | N/A |
| Buffer overflow in WinAsm Studio 5.1.5.0 allows user-assisted remote attackers to execute arbitrary code via a crafted project (.wap) file. | ||||
| CVE-2009-1039 | 1 Cdexos | 1 Cdex | 2025-04-09 | N/A |
| Buffer overflow in CDex 1.70b2 allows remote attackers to execute arbitrary code via a crafted Info header in an Ogg Vorbis (.ogg) file. | ||||
| CVE-2009-1029 | 1 Poppeeper | 1 Pop Peeper | 2025-04-09 | N/A |
| Stack-based buffer overflow in POP Peeper 3.4.0.0 and earlier allows remote POP3 servers to execute arbitrary code via a long Date header, related to Imap.dll. | ||||
| CVE-2022-47935 | 1 Siemens | 3 Jt Open Toolkit, Jt Utilities, Solid Edge | 2025-04-08 | 7.8 High |
| A vulnerability has been identified in JT Open (All versions < V11.1.1.0), JT Utilities (All versions < V13.1.1.0), Solid Edge (All versions < V2023). The Jt1001.dll contains a memory corruption vulnerability while parsing specially crafted JT files. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-19078) | ||||
| CVE-2025-3166 | 1 Code-projects | 1 Product Management System | 2025-04-08 | 5.3 Medium |
| A vulnerability classified as critical was found in code-projects Product Management System 1.0. This vulnerability affects the function search_item of the component Search Product Menu. The manipulation of the argument target leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2022-3628 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more | 2025-04-08 | 6.6 Medium |
| A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges. | ||||
| CVE-2022-47967 | 1 Siemens | 1 Solid Edge | 2025-04-08 | 7.8 High |
| A vulnerability has been identified in Solid Edge (All versions < V2023 MP1). The DOCMGMT.DLL contains a memory corruption vulnerability that could be triggered while parsing files in different file formats such as PAR, ASM, DFT. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2025-3203 | 1 Tenda | 2 W18e, W18e Firmware | 2025-04-08 | 4.3 Medium |
| A vulnerability classified as problematic was found in Tenda W18E 16.01.0.11. Affected by this vulnerability is the function formSetAccountList of the file /goform/setModules. The manipulation of the argument Password leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-2369 | 1 Totolink | 2 Ex1800t, Ex1800t Firmware | 2025-04-07 | 8.8 High |
| A vulnerability was found in TOTOLINK EX1800T up to 9.1.0cu.2112_B20220316. It has been classified as critical. Affected is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument admpass leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-2370 | 1 Totolink | 2 Ex1800t, Ex1800t Firmware | 2025-04-07 | 8.8 High |
| A vulnerability was found in TOTOLINK EX1800T up to 9.1.0cu.2112_B20220316. It has been declared as critical. Affected by this vulnerability is the function setWiFiExtenderConfig of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument apcliSsid leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2023-20531 | 1 Amd | 100 Epyc 7002, Epyc 7002 Firmware, Epyc 7003 and 97 more | 2025-04-07 | 7.5 High |
| Insufficient bound checks in the SMU may allow an attacker to update the SRAM from/to address space to an invalid value potentially resulting in a denial of service. | ||||
| CVE-2023-20529 | 1 Amd | 100 Epyc 7002, Epyc 7002 Firmware, Epyc 7003 and 97 more | 2025-04-07 | 7.5 High |
| Insufficient bound checks in the SMU may allow an attacker to update the from/to address space to an invalid value potentially resulting in a denial of service. | ||||
| CVE-2025-3259 | 1 Tenda | 2 Rx3, Rx3 Firmware | 2025-04-07 | 8.8 High |
| A vulnerability, which was classified as critical, has been found in Tenda RX3 16.03.13.11. This issue affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-3266 | 1 Qinguoyi | 1 Tinywebserver | 2025-04-07 | 7.3 High |
| A vulnerability, which was classified as critical, has been found in qinguoyi TinyWebServer up to 1.0. Affected by this issue is some unknown functionality of the file /http/http_conn.cpp. The manipulation of the argument name/password leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-3328 | 1 Tenda | 2 Ac1206, Ac1206 Firmware | 2025-04-07 | 8.8 High |
| A vulnerability was found in Tenda AC1206 15.03.06.23. It has been classified as critical. Affected is the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi_set. The manipulation of the argument ssid/timeZone leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. | ||||
| CVE-2022-42286 | 1 Nvidia | 2 Dgx A100, Sbios | 2025-04-07 | 6 Medium |
| DGX A100 SBIOS contains a vulnerability in Bds, which may lead to code execution, denial of service, or escalation of privileges. | ||||
| CVE-2022-42278 | 1 Nvidia | 2 Bmc, Dgx A100 | 2025-04-07 | 7.2 High |
| NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can read and write to arbitrary locations within the memory context of the IPMI server process, which may lead to code execution, denial of service, information disclosure and data tampering. | ||||
| CVE-2024-9606 | 1 Litellm | 1 Litellm | 2025-04-07 | 7.5 High |
| In berriai/litellm before version 1.44.12, the `litellm/litellm_core_utils/litellm_logging.py` file contains a vulnerability where the API key masking code only masks the first 5 characters of the key. This results in the leakage of almost the entire API key in the logs, exposing a significant amount of the secret key. The issue affects version v1.44.9. | ||||