Export limit exceeded: 13942 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 14465 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (14465 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-55286 | 2025-08-18 | N/A | ||
| z2d is a pure Zig 2D graphics library. z2d v0.7.0 released with a new multi-sample anti-aliasing (MSAA) method, which uses a new buffering mechanism for storing coverage data. This differs from the standard alpha mask surface used for the previous super-sample anti-aliasing (SSAA) method. Under certain circumstances where the path being drawn existed in whole or partly outside of the rendering surface, incorrect bounding could cause out-of-bounds access within the coverage buffer. This affects the higher-level drawing operations, such as Context.fill, Context.stroke, painter.fill, and painter.stroke, when either the .default or .multisample_4x anti-aliasing modes were used. .supersample_4x was not affected, nor was drawing without anti-aliasing. In non-safe optimization modes (consumers compiling with ReleaseFast or ReleaseSmall), this could potentially lead to invalid memory accesses or corruption. z2d v0.7.1 fixes this issue, and it's recommended to upgrade to v0.7.1, or, given the small period of time v0.7.0 has been released, use v0.7.1 immediately, skipping v0.7.0. | ||||
| CVE-2025-9046 | 1 Tenda | 2 Ac20, Ac20 Firmware | 2025-08-18 | 8.8 High |
| A vulnerability was identified in Tenda AC20 16.03.08.12. This issue affects the function sub_46A2AC of the file /goform/setMacFilterCfg. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8949 | 2 D-link, Dlink | 3 Dir-825, Dir-825, Dir-825 Firmware | 2025-08-18 | 7.2 High |
| A vulnerability was identified in D-Link DIR-825 2.10. Affected by this vulnerability is the function get_ping_app_stat of the file ping_response.cgi of the component httpd. The manipulation of the argument ping_ipaddr leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2021-34595 | 2 Codesys, Wago | 57 Codesys, Plcwinnt, Runtime Toolkit and 54 more | 2025-08-15 | 8.1 High |
| A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition or local memory overwrite. | ||||
| CVE-2025-8810 | 1 Tenda | 2 Ac20, Ac20 Firmware | 2025-08-14 | 8.8 High |
| A vulnerability classified as critical was found in Tenda AC20 16.03.08.05. Affected by this vulnerability is the function strcpy of the file /goform/SetFirewallCfg. The manipulation of the argument firewallEn leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2016-8598 | 1 Libcsp | 1 Libcsp | 2025-08-14 | N/A |
| Buffer overflow in the zmq interface in csp_if_zmqhub.c in the libcsp library v1.4 and earlier allows hostile computers connected via a zmq interface to execute arbitrary code via a long packet. | ||||
| CVE-2016-8596 | 1 Libcsp | 1 Libcsp | 2025-08-14 | N/A |
| Buffer overflow in the csp_can_process_frame in csp_if_can.c in the libcsp library v1.4 and earlier allows hostile components connected to the canbus to execute arbitrary code via a long csp packet. | ||||
| CVE-2016-8597 | 1 Libcsp | 1 Libcsp | 2025-08-14 | N/A |
| Buffer overflow in the csp_sfp_recv_fp in csp_sfp.c in the libcsp library v1.4 and earlier allows hostile components with network access to the SFP underlying network layers to execute arbitrary code via specially crafted SFP packets. | ||||
| CVE-2015-7747 | 3 Audiofile, Canonical, Fedoraproject | 3 Audiofile, Ubuntu Linux, Fedora | 2025-08-13 | 8.8 High |
| Buffer overflow in the afReadFrames function in audiofile (aka libaudiofile and Audio File Library) allows user-assisted remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted audio file, as demonstrated by sixteen-stereo-to-eight-mono.c. | ||||
| CVE-2025-1215 | 2 Netapp, Vim | 2 Bootstrap Os, Vim | 2025-08-13 | 2.8 Low |
| A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is able to address this issue. The patch is identified as c5654b84480822817bb7b69ebc97c174c91185e9. It is recommended to upgrade the affected component. | ||||
| CVE-2023-51608 | 2 Kofax, Tungstenautomation | 2 Power Pdf, Power Pdf | 2025-08-13 | N/A |
| Kofax Power PDF J2K File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of J2K files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21833. | ||||
| CVE-2024-11611 | 1 Automationdirect | 18 C-more Ea9-rhmi, C-more Ea9-rhmi Firmware, C-more Ea9-t10cl and 15 more | 2025-08-12 | N/A |
| AutomationDirect C-More EA9 EAP9 File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of AutomationDirect C-More EA9. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EAP9 files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24774. | ||||
| CVE-2024-11610 | 1 Automationdirect | 18 C-more Ea9-rhmi, C-more Ea9-rhmi Firmware, C-more Ea9-t10cl and 15 more | 2025-08-12 | N/A |
| AutomationDirect C-More EA9 EAP9 File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of AutomationDirect C-More EA9. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of EAP9 files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-24773. | ||||
| CVE-2023-33079 | 1 Qualcomm | 288 Apq5053-aa, Apq5053-aa Firmware, Ar8035 and 285 more | 2025-08-11 | 7.8 High |
| Memory corruption in Audio while running invalid audio recording from ADSP. | ||||
| CVE-2023-43554 | 1 Qualcomm | 84 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 81 more | 2025-08-11 | 8.4 High |
| Memory corruption while processing IOCTL handler in FastRPC. | ||||
| CVE-2023-43534 | 1 Qualcomm | 132 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 129 more | 2025-08-11 | 8.6 High |
| Memory corruption while validating the TID to Link Mapping action request frame, when a station connects to an access point. | ||||
| CVE-2024-21481 | 1 Qualcomm | 333 Aqt1000, Aqt1000 Firmware, Ar8035 and 330 more | 2025-08-11 | 8.4 High |
| Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager. | ||||
| CVE-2024-21475 | 1 Qualcomm | 472 215 Mobile, 215 Mobile Firmware, 315 5g Iot Modem and 469 more | 2025-08-11 | 7.8 High |
| Memory corruption when the payload received from firmware is not as per the expected protocol size. | ||||
| CVE-2023-33092 | 1 Qualcomm | 190 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 187 more | 2025-08-11 | 8.4 High |
| Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size. | ||||
| CVE-2024-23369 | 1 Qualcomm | 237 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 234 more | 2025-08-11 | 7.8 High |
| Memory corruption when invalid length is provided from HLOS for FRS/UDS request/response buffers. | ||||