Export limit exceeded: 13663 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (13663 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-40892 | 1 Tenda | 2 Ac8 Firmware, Ac8v4 | 2025-12-08 | 9.8 Critical |
| Tenda AC8 v4 US_AC8V4.0si_V16.03.34.06_cn was discovered to contain a stack overflow via parameter schedStartTime and schedEndTime at /goform/openSchedWifi. | ||||
| CVE-2024-45539 | 1 Synology | 2 Diskstation Manager, Diskstation Manager Unified Controller | 2025-12-05 | 7.5 High |
| Out-of-bounds write vulnerability in cgi components in Synology DiskStation Manager (DSM) before 7.2.1-69057-2 and 7.2.2-72806 and Synology Unified Controller (DSMUC) before 3.1.4-23079 allows remote attackers to conduct denial-of-service attacks via unspecified vectors. | ||||
| CVE-2025-58477 | 1 Samsung | 2 Android, Mobile Devices | 2025-12-05 | 4.3 Medium |
| Out-of-bounds write in parsing IFD tag in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory. | ||||
| CVE-2025-58478 | 1 Samsung | 2 Android, Mobile Devices | 2025-12-05 | 4.3 Medium |
| Out-of-bounds write in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory. | ||||
| CVE-2025-58480 | 1 Samsung | 2 Android, Mobile Devices | 2025-12-05 | 4.3 Medium |
| Heap-based buffer overflow in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory. | ||||
| CVE-2021-39261 | 3 Debian, Redhat, Tuxera | 4 Debian Linux, Advanced Virtualization, Enterprise Linux and 1 more | 2025-12-05 | 6.7 Medium |
| A crafted NTFS image can cause a heap-based buffer overflow in ntfs_compressed_pwrite in NTFS-3G < 2021.8.22. | ||||
| CVE-2025-64333 | 1 Oisf | 1 Suricata | 2025-12-05 | 7.5 High |
| Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a large HTTP content type, when logged can cause a stack overflow crashing Suricata. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves limiting stream.reassembly.depth to less then half the stack size. Increasing the process stack size makes it less likely the bug will trigger. | ||||
| CVE-2025-64332 | 1 Oisf | 1 Suricata | 2025-12-05 | 7.5 High |
| Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a stack overflow that causes Suricata to crash can occur if SWF decompression is enabled. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling SWF decompression (swf-decompression in suricata.yaml), it is disabled by default; set decompress-depth to lower than half your stack size if swf-decompression must be enabled. | ||||
| CVE-2025-64330 | 1 Oisf | 1 Suricata | 2025-12-05 | 7.5 High |
| Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, a single byte read heap overflow when logging the verdict in eve.alert and eve.drop records can lead to crashes. This requires the per packet alert queue to be filled with alerts and then followed by a pass rule. This issue has been patched in versions 7.0.13 and 8.0.2. To reduce the likelihood of this issue occurring, the alert queue size a should be increased (packet-alert-max in suricata.yaml) if verdict is enabled. | ||||
| CVE-2025-11624 | 1 Wolfssh | 1 Wolfssh | 2025-12-04 | 9.8 Critical |
| Potential stack buffer overwrite on the SFTP server side when receiving a malicious packet that has a handle size larger than the system handle or file descriptor size, but smaller than max handle size allowed. | ||||
| CVE-2025-62164 | 2 Vllm, Vllm-project | 2 Vllm, Vllm | 2025-12-04 | 8.8 High |
| vLLM is an inference and serving engine for large language models (LLMs). From versions 0.10.2 to before 0.11.1, a memory corruption vulnerability could lead to a crash (denial-of-service) and potentially remote code execution (RCE), exists in the Completions API endpoint. When processing user-supplied prompt embeddings, the endpoint loads serialized tensors using torch.load() without sufficient validation. Due to a change introduced in PyTorch 2.8.0, sparse tensor integrity checks are disabled by default. As a result, maliciously crafted tensors can bypass internal bounds checks and trigger an out-of-bounds memory write during the call to to_dense(). This memory corruption can crash vLLM and potentially lead to code execution on the server hosting vLLM. This issue has been patched in version 0.11.1. | ||||
| CVE-2022-50301 | 1 Linux | 1 Linux Kernel | 2025-12-04 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: iommu/omap: Fix buffer overflow in debugfs There are two issues here: 1) The "len" variable needs to be checked before the very first write. Otherwise if omap2_iommu_dump_ctx() with "bytes" less than 32 it is a buffer overflow. 2) The snprintf() function returns the number of bytes that *would* have been copied if there were enough space. But we want to know the number of bytes which were *actually* copied so use scnprintf() instead. | ||||
| CVE-2023-53205 | 1 Linux | 1 Linux Kernel | 2025-12-04 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: KVM: s390/diag: fix racy access of physical cpu number in diag 9c handler We do check for target CPU == -1, but this might change at the time we are going to use it. Hold the physical target CPU in a local variable to avoid out-of-bound accesses to the cpu arrays. | ||||
| CVE-2022-50325 | 1 Linux | 1 Linux Kernel | 2025-12-04 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix potential RX buffer overflow If an event caused firmware to return invalid RX size for LARGE_CONFIG_GET, memcpy_fromio() could end up copying too many bytes. Fix by utilizing min_t(). | ||||
| CVE-2017-5130 | 4 Debian, Google, Redhat and 1 more | 4 Debian Linux, Chrome, Rhel Extras and 1 more | 2025-12-03 | 8.8 High |
| An integer overflow in xmlmemory.c in libxml2 before 2.9.5, as used in Google Chrome prior to 62.0.3202.62 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted XML file. | ||||
| CVE-2025-64344 | 1 Oisf | 1 Suricata | 2025-12-03 | 7.5 High |
| Suricata is a network IDS, IPS and NSM engine developed by the OISF (Open Information Security Foundation) and the Suricata community. Prior to versions 7.0.13 and 8.0.2, working with large buffers in Lua scripts can lead to a stack overflow. Users of Lua rules and output scripts may be affected when working with large buffers. This includes a rule passing a large buffer to a Lua script. This issue has been patched in versions 7.0.13 and 8.0.2. A workaround for this issue involves disabling Lua rules and output scripts, or making sure limits, such as stream.depth.reassembly and HTTP response body limits (response-body-limit), are set to less than half the stack size. | ||||
| CVE-2021-33287 | 4 Debian, Fedoraproject, Redhat and 1 more | 5 Debian Linux, Fedora, Advanced Virtualization and 2 more | 2025-12-03 | 6.7 Medium |
| In NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of service of the application. | ||||
| CVE-2021-33285 | 4 Debian, Fedoraproject, Redhat and 1 more | 5 Debian Linux, Fedora, Advanced Virtualization and 2 more | 2025-12-03 | 6.7 Medium |
| In NTFS-3G versions < 2021.8.22, when a specially crafted NTFS attribute is supplied to the function ntfs_get_attribute_value, a heap buffer overflow can occur allowing for memory disclosure or denial of service. The vulnerability is caused by an out-of-bound buffer access which can be triggered by mounting a crafted ntfs partition. The root cause is a missing consistency check after reading an MFT record : the "bytes_in_use" field should be less than the "bytes_allocated" field. When it is not, the parsing of the records proceeds into the wild. | ||||
| CVE-2021-3517 | 6 Debian, Fedoraproject, Netapp and 3 more | 30 Debian Linux, Fedora, Active Iq Unified Manager and 27 more | 2025-12-02 | 8.6 High |
| There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-of-bounds read. The most likely impact of this flaw is to application availability, with some potential impact to confidentiality and integrity if an attacker is able to use memory information to further exploit the application. | ||||
| CVE-2021-39260 | 3 Debian, Redhat, Tuxera | 4 Debian Linux, Advanced Virtualization, Enterprise Linux and 1 more | 2025-12-02 | 6.7 Medium |
| A crafted NTFS image can cause an out-of-bounds access in ntfs_inode_sync_standard_information in NTFS-3G < 2021.8.22. | ||||