Search Results (46059 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-29072 1 Nethermind 1 Juno 2025-04-11 7.5 High
An integer overflow in Nethermind Juno before v.12.05 within the Sierra bytecode decompression logic within the "cairo-lang-starknet-classes" library could allow remote attackers to trigger an infinite loop (and high CPU usage) by submitting a malicious Declare v2/v3 transaction. This results in a denial-of-service condition for affected Starknet full-node implementations.
CVE-2022-2584 1 Protocol 1 Go-codec-dagpb 2025-04-11 7.5 High
The dag-pb codec can panic when decoding invalid blocks.
CVE-2020-36567 2 Gin-gonic, Redhat 3 Gin, Migration Toolkit Applications, Rhmt 2025-04-11 7.5 High
Unsanitized input in the default logger in github.com/gin-gonic/gin before v1.6.0 allows remote attackers to inject arbitrary log lines.
CVE-2018-25049 1 Email-existence Project 1 Email-existence 2025-04-11 3 Low
A vulnerability was found in email-existence. It has been rated as problematic. Affected by this issue is some unknown functionality of the file index.js. The manipulation leads to inefficient regular expression complexity. The name of the patch is 0029ba71b6ad0d8ec0baa2ecc6256d038bdd9b56. It is recommended to apply a patch to fix this issue. VDB-216854 is the identifier assigned to this vulnerability.
CVE-2025-2849 1 Upx 1 Upx 2025-04-11 3.3 Low
A vulnerability, which was classified as problematic, was found in UPX up to 5.0.0. Affected is the function PackLinuxElf64::un_DT_INIT of the file src/p_lx_elf.cpp. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The patch is identified as e0b6ff192412f5bb5364c1948f4f6b27a0cd5ea2. It is recommended to apply a patch to fix this issue.
CVE-2022-34673 1 Nvidia 6 Geforce, Gpu Display Driver, Nvs and 3 more 2025-04-11 4.4 Medium
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an out-of-bounds array access may lead to denial of service, information disclosure, or data tampering.
CVE-2022-34676 5 Citrix, Linux, Nvidia and 2 more 6 Hypervisor, Linux Kernel, Cloud Gaming and 3 more 2025-04-11 7.1 High
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds read may lead to denial of service, information disclosure, or data tampering.
CVE-2022-34677 6 Citrix, Debian, Linux and 3 more 13 Hypervisor, Debian Linux, Linux Kernel and 10 more 2025-04-11 5.5 Medium
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause an integer to be truncated, which may lead to denial of service or data tampering.
CVE-2022-34670 6 Citrix, Debian, Linux and 3 more 13 Hypervisor, Debian Linux, Linux Kernel and 10 more 2025-04-11 7.8 High
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause truncation errors when casting a primitive to a primitive of smaller size causes data to be lost in the conversion, which may lead to denial of service or information disclosure.
CVE-2022-42259 6 Citrix, Debian, Linux and 3 more 13 Hypervisor, Debian Linux, Linux Kernel and 10 more 2025-04-11 4.4 Medium
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to denial of service.
CVE-2022-43396 1 Apache 1 Kylin 2025-04-11 8.8 High
In the fix for CVE-2022-24697, a blacklist is used to filter user input commands. But there is a risk of being bypassed. The user can control the command by controlling the kylin.engine.spark-cmd parameter of conf.
CVE-2022-42261 5 Citrix, Linux, Nvidia and 2 more 12 Hypervisor, Linux Kernel, Cloud Gaming and 9 more 2025-04-11 7.8 High
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where an input index is not validated, which may lead to buffer overrun, which in turn may cause data tampering, information disclosure, or denial of service.
CVE-2022-42262 5 Citrix, Linux, Nvidia and 2 more 12 Hypervisor, Linux Kernel, Cloud Gaming and 9 more 2025-04-11 7.1 High
NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where an input index is not validated, which may lead to buffer overrun, which in turn may cause data tampering, information disclosure, or denial of service.
CVE-2022-42263 5 Citrix, Linux, Nvidia and 2 more 12 Hypervisor, Linux Kernel, Cloud Gaming and 9 more 2025-04-11 7.1 High
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an Integer overflow may lead to denial of service or information disclosure.
CVE-2022-42264 5 Citrix, Linux, Nvidia and 2 more 12 Hypervisor, Linux Kernel, Cloud Gaming and 9 more 2025-04-11 7.1 High
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause the use of an out-of-range pointer offset, which may lead to data tampering, data loss, information disclosure, or denial of service.
CVE-2022-42265 1 Nvidia 6 Geforce, Gpu Display Driver, Nvs and 3 more 2025-04-11 5.3 Medium
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to information disclosure or data tampering.
CVE-2015-10005 1 Markdown-it Project 1 Markdown-it 2025-04-11 3.5 Low
A vulnerability was found in markdown-it up to 2.x. It has been classified as problematic. Affected is an unknown function of the file lib/common/html_re.js. The manipulation leads to inefficient regular expression complexity. Upgrading to version 3.0.0 is able to address this issue. The name of the patch is 89c8620157d6e38f9872811620d25138fc9d1b0d. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216852.
CVE-2024-51409 1 Tenda 2 O3, O3 Firmware 2025-04-11 6.5 Medium
Buffer Overflow vulnerability in Tenda O3 v.1.0.0.5 allows a remote attacker to cause a denial of service via a network packet in a fixed format to a router running the corresponding version of the firmware.
CVE-2022-40660 1 Nikon 1 Nis-elements Viewer 2025-04-11 7.8 High
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSD images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15135.
CVE-2024-28764 2 Ibm, Linux 3 Websphere Automation, Websphere Automation For Ibm Cloud Pak For Watson Aiops, Linux Kernel 2025-04-11 6.5 Medium
IBM WebSphere Automation 1.7.0 could allow an attacker with privileged access to the network to conduct a CSV injection. An attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 285623.