Export limit exceeded: 21781 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21781 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-1366 | 1 Escanav | 1 Escan Anti-virus | 2025-10-09 | 5.3 Medium |
| A vulnerability was found in MicroWord eScan Antivirus 7.0.32 on Linux and classified as critical. Affected by this issue is the function strcpy of the component VirusPopUp. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-31031 | 1 Nvidia | 2 Dgx A100, Dgx A100 Firmware | 2025-10-09 | 4.2 Medium |
| NVIDIA DGX Station A100 and DGX Station A800 SBIOS contains a vulnerability where a user may cause a heap-based buffer overflow by local access. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and data tampering. | ||||
| CVE-2025-57775 | 2 Digilent, Ni | 2 Dasylab, Dasylab | 2025-10-09 | 7.8 High |
| There is a heap-based Buffer Overflow vulnerability due to improper bounds checking when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab. | ||||
| CVE-2025-57776 | 2 Digilent, Ni | 2 Dasylab, Dasylab | 2025-10-09 | 7.8 High |
| There is an out of bounds write vulnerability due to improper bounds checking resulting in an invalid address when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab. | ||||
| CVE-2025-57777 | 2 Digilent, Ni | 2 Dasylab, Dasylab | 2025-10-09 | 7.8 High |
| There is an out of bounds write vulnerability due to improper bounds checking in displ2.dll when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab. | ||||
| CVE-2025-57778 | 2 Digilent, Ni | 2 Dasylab, Dasylab | 2025-10-09 | 7.8 High |
| There is an out of bounds write vulnerability due to improper bounds checking resulting in an invalid source address when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab. | ||||
| CVE-2025-9189 | 2 Digilent, Ni | 2 Dasylab, Dasylab | 2025-10-09 | 7.8 High |
| There is an out of bounds write vulnerability due to improper bounds checking resulting in a large destination address when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab. | ||||
| CVE-2025-57774 | 2 Digilent, Ni | 2 Dasylab, Dasylab | 2025-10-09 | 7.8 High |
| There is an out of bounds write vulnerability due to improper bounds checking resulting in invalid data when parsing a DSB file with Digilent DASYLab. This vulnerability may result in arbitrary code execution. Successful exploitation requires an attacker to get a user to open a specially crafted DSB file. The vulnerability affects all versions of DASYLab. | ||||
| CVE-2024-42189 | 1 Hcltech | 1 Bigfix Platform | 2025-10-09 | 6.5 Medium |
| HCL BigFix Web Reports might be subject to a Denial of Service (DoS) attack, due to a potentially weak validation of an API parameter. | ||||
| CVE-2024-41086 | 1 Linux | 1 Linux Kernel | 2025-10-09 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: bcachefs: Fix sb_field_downgrade validation - bch2_sb_downgrade_validate() wasn't checking for a downgrade entry extending past the end of the superblock section - for_each_downgrade_entry() is used in to_text() and needs to work on malformed input; it also was missing a check for a field extending past the end of the section | ||||
| CVE-2025-51306 | 1 Gatling | 1 Gatling | 2025-10-09 | 6.5 Medium |
| In Gatling Enterprise versions below 1.25.0, a user logging-out can still use his session token to continue using the application without expiration, due to incorrect session management. | ||||
| CVE-2025-9525 | 1 Linksys | 2 E1700, E1700 Firmware | 2025-10-09 | 8.8 High |
| A flaw has been found in Linksys E1700 1.0.0.4.003. Affected by this vulnerability is the function setWan of the file /goform/setWan. This manipulation of the argument DeviceName/lanIp causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-9526 | 1 Linksys | 2 E1700, E1700 Firmware | 2025-10-09 | 8.8 High |
| A vulnerability has been found in Linksys E1700 1.0.0.4.003. Affected by this issue is the function setSysAdm of the file /goform/setSysAdm. Such manipulation of the argument rm_port leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-9527 | 1 Linksys | 2 E1700, E1700 Firmware | 2025-10-09 | 8.8 High |
| A vulnerability was found in Linksys E1700 1.0.0.4.003. This affects the function QoSSetup of the file /goform/QoSSetup. Performing manipulation of the argument ack_policy results in stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-29769 | 2 Debian, Libvips | 2 Debian Linux, Libvips | 2025-10-09 | 5.5 Medium |
| libvips is a demand-driven, horizontally threaded image processing library. The heifsave operation could incorrectly determine the presence of an alpha channel in an input when it was not possible to determine the colour interpretation, known internally within libvips as "multiband". There aren't many ways to create a "multiband" input, but it is possible with a well-crafted TIFF image. If a "multiband" TIFF input image had 4 channels and HEIF-based output was requested, this led to libvips creating a 3 channel HEIF image without an alpha channel but then attempting to write 4 channels of data. This caused a heap buffer overflow, which could crash the process. This vulnerability is fixed in 8.16.1. | ||||
| CVE-2023-36028 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2025-10-09 | 9.8 Critical |
| Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability | ||||
| CVE-2023-36042 | 1 Microsoft | 2 Visual Studio 2019, Visual Studio 2022 | 2025-10-08 | 6.2 Medium |
| Visual Studio Denial of Service Vulnerability | ||||
| CVE-2023-36392 | 1 Microsoft | 4 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 1 more | 2025-10-08 | 7.5 High |
| DHCP Server Service Denial of Service Vulnerability | ||||
| CVE-2023-36397 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-10-08 | 9.8 Critical |
| Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | ||||
| CVE-2023-36400 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 8 more | 2025-10-08 | 8.8 High |
| Windows HMAC Key Derivation Elevation of Privilege Vulnerability | ||||