Export limit exceeded: 338516 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 338516 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19453 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-32370 | 2 Hsc, Hsclabs | 2 Mailinspector, Mailinspector | 2025-06-17 | 9.8 Critical |
| An issue in HSC Cybersecurity HC Mailinspector 5.2.17-3 through 5.2.18 allows a remote attacker to obtain sensitive information via a crafted payload to the id parameter in the mliSystemUsers.php component. | ||||
| CVE-2024-23060 | 1 Totolink | 2 A3300r, A3300r Firmware | 2025-06-17 | 9.8 Critical |
| TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the ip parameter in the setDmzCfg function. | ||||
| CVE-2024-21821 | 1 Tp-link | 6 Archer Ax3000, Archer Ax3000 Firmware, Archer Ax5400 and 3 more | 2025-06-17 | 8 High |
| Multiple TP-LINK products allow a network-adjacent authenticated attacker with access to the product from the LAN port or Wi-Fi to execute arbitrary OS commands. | ||||
| CVE-2022-36660 | 1 Xhyve Project | 1 Xhyve | 2025-06-17 | 9.8 Critical |
| xhyve commit dfbe09b was discovered to contain a stack buffer overflow via the component pci_vtrnd_notify(). | ||||
| CVE-2022-36513 | 1 H3c | 2 Gr-1200w, Gr-1200w Firmware | 2025-06-17 | 9.8 Critical |
| H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function edditactionlist. | ||||
| CVE-2022-36511 | 1 H3c | 2 Gr-1200w, Gr-1200w Firmware | 2025-06-17 | 9.8 Critical |
| H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function EditApAdvanceInfo. | ||||
| CVE-2022-36510 | 1 H3c | 2 Gr2200, Gr2200 Firmware | 2025-06-17 | 7.8 High |
| H3C GR2200 MiniGR1A0V100R014 was discovered to contain a command injection vulnerability via the param parameter at DelL2tpLNSList. | ||||
| CVE-2022-36509 | 1 H3c | 2 Gr3200, Gr3200 Firmware | 2025-06-17 | 7.8 High |
| H3C GR3200 MiniGR1B0V100R014 was discovered to contain a command injection vulnerability via the param parameter at DelL2tpLNSList. | ||||
| CVE-2022-36508 | 1 H3c | 2 Magic Nx18 Plus, Magic Nx18 Plus Firmware | 2025-06-17 | 7.8 High |
| H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function SetAPInfoById. | ||||
| CVE-2022-36504 | 1 H3c | 2 Magic Nx18 Plus, Magic Nx18 Plus Firmware | 2025-06-17 | 7.8 High |
| H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function Edit_BasicSSID. | ||||
| CVE-2025-47868 | 1 Apache | 1 Nuttx | 2025-06-17 | 9.8 Critical |
| Out-of-bounds Write resulting in possible Heap-based Buffer Overflow vulnerability was discovered in tools/bdf-converter font conversion utility that is part of Apache NuttX RTOS repository. This standalone program is optional and neither part of NuttX RTOS nor Applications runtime, but active bdf-converter users may be affected when this tool is exposed to external provided user data data (i.e. publicly available automation). This issue affects Apache NuttX: from 6.9 before 12.9.0. Users are recommended to upgrade to version 12.9.0, which fixes the issue. | ||||
| CVE-2025-39240 | 2025-06-17 | 7.2 High | ||
| Some Hikvision Wireless Access Point are vulnerable to authenticated remote command execution due to insufficient input validation. Attackers with valid credentials can exploit this flaw by sending crafted packets containing malicious commands to affected devices, leading to arbitrary command execution. | ||||
| CVE-2022-46721 | 1 Apple | 1 Macos | 2025-06-17 | 7.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13. An app may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2023-50671 | 1 Aertherwide | 1 Exiftags | 2025-06-17 | 7.8 High |
| In exiftags 1.01, nikon_prop1 in nikon.c has a heap-based buffer overflow (write of size 28) because snprintf can write to an unexpected address. | ||||
| CVE-2024-1283 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-06-17 | 8.8 High |
| Heap buffer overflow in Skia in Google Chrome prior to 121.0.6167.160 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2023-32877 | 2 Google, Mediatek | 22 Android, Mt6762, Mt6765 and 19 more | 2025-06-17 | 6.7 Medium |
| In battery, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308070. | ||||
| CVE-2020-13878 | 1 Irfanview | 1 B3d | 2025-06-17 | 9.8 Critical |
| IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+27ef heap-based out-of-bounds write. | ||||
| CVE-2024-33792 | 1 Netis-systems | 2 Mex605, Mex605 Firmware | 2025-06-17 | 9.8 Critical |
| netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary OS commands via a crafted payload to the tracert page. | ||||
| CVE-2024-33793 | 1 Netis-systems | 2 Mex605, Mex605 Firmware | 2025-06-17 | 5.3 Medium |
| netis-systems MEX605 v2.00.06 allows attackers to execute arbitrary OS commands via a crafted payload to the ping test page. | ||||
| CVE-2024-20002 | 2 Google, Mediatek | 59 Android, Mt5583, Mt5586 and 56 more | 2025-06-17 | 6.7 Medium |
| In TVAPI, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: DTV03961715; Issue ID: DTV03961715. | ||||