Total
11285 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-18781 | 1 Audiofile | 1 Audiofile | 2024-10-04 | 5.5 Medium |
| Heap buffer overflow vulnerability in FilePOSIX::read in File.cpp in audiofile 0.3.6 may cause denial-of-service via a crafted wav file, this bug can be triggered by the executable sfconvert. | ||||
| CVE-2020-18831 | 1 Exiv2 | 1 Exiv2 | 2024-10-04 | 7.8 High |
| Buffer Overflow vulnerability in tEXtToDataBuf function in pngimage.cpp in Exiv2 0.27.1 allows remote attackers to cause a denial of service and other unspecified impacts via use of crafted file. | ||||
| CVE-2020-18839 | 1 Freedesktop | 1 Poppler | 2024-10-04 | 6.5 Medium |
| Buffer Overflow vulnerability in HtmlOutputDev::page in poppler 0.75.0 allows attackers to cause a denial of service. | ||||
| CVE-2020-21890 | 1 Artifex | 1 Ghostscript | 2024-10-04 | 7.8 High |
| Buffer Overflow vulnerability in clj_media_size function in devices/gdevclj.c in Artifex Ghostscript 9.50 allows remote attackers to cause a denial of service or other unspecified impact(s) via opening of crafted PDF document. | ||||
| CVE-2021-29390 | 3 Fedoraproject, Libjpeg-turbo, Redhat | 3 Fedora, Libjpeg-turbo, Enterprise Linux | 2024-10-04 | 7.1 High |
| libjpeg-turbo version 2.0.90 has a heap-based buffer over-read (2 bytes) in decompress_smooth_data in jdcoefct.c. | ||||
| CVE-2021-32420 | 1 Dpic Project | 1 Dpic | 2024-10-04 | 7.5 High |
| dpic 2021.01.01 has a Heap-based Buffer Overflow in thestorestring function in dpic.y. | ||||
| CVE-2022-1304 | 3 E2fsprogs Project, Fedoraproject, Redhat | 3 E2fsprogs, Fedora, Enterprise Linux | 2024-10-04 | 7.8 High |
| An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem. | ||||
| CVE-2023-30681 | 1 Samsung | 1 Android | 2024-10-04 | 4.4 Medium |
| An improper input validation vulnerability within initialize function in HAL VaultKeeper prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write. | ||||
| CVE-2023-20832 | 5 Google, Linuxfoundation, Mediatek and 2 more | 40 Android, Yocto, Mt2735 and 37 more | 2024-10-04 | 6.7 Medium |
| In gps, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08014144; Issue ID: ALPS08013530. | ||||
| CVE-2024-45306 | 1 Vim | 1 Vim | 2024-10-04 | 4.5 Medium |
| Vim is an open source, command line text editor. Patch v9.1.0038 optimized how the cursor position is calculated and removed a loop, that verified that the cursor position always points inside a line and does not become invalid by pointing beyond the end of a line. Back then we assumed this loop is unnecessary. However, this change made it possible that the cursor position stays invalid and points beyond the end of a line, which would eventually cause a heap-buffer-overflow when trying to access the line pointer at the specified cursor position. It's not quite clear yet, what can lead to this situation that the cursor points to an invalid position. That's why patch v9.1.0707 does not include a test case. The only observed impact has been a program crash. This issue has been addressed in with the patch v9.1.0707. All users are advised to upgrade. | ||||
| CVE-2023-30697 | 1 Samsung | 1 Android | 2024-10-04 | 4.4 Medium |
| An improper input validation in IpcTxCfgSetSimlockPayload in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write. | ||||
| CVE-2023-30696 | 1 Samsung | 1 Android | 2024-10-04 | 4.4 Medium |
| An improper input validation in IpcTxGetVerifyAkey in libsec-ril prior to SMR Aug-2023 Release 1 allows attacker to cause out-of-bounds write. | ||||
| CVE-2024-41595 | 1 Draytek | 1 Vigor3910 Firmware | 2024-10-04 | 8 High |
| DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to change settings or cause a denial of service via .cgi pages because of missing bounds checks on read and write operations. | ||||
| CVE-2024-22053 | 1 Ivanti | 2 Connect Secure, Policy Secure | 2024-10-03 | 8.2 High |
| A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack or in certain conditions read contents from memory. | ||||
| CVE-2024-21894 | 1 Ivanti | 2 Connect Secure, Policy Secure | 2024-10-03 | 9.8 Critical |
| A heap overflow vulnerability in IPSec component of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack. In certain conditions this may lead to execution of arbitrary code | ||||
| CVE-2023-2457 | 1 Google | 2 Chrome, Chrome Os | 2024-10-03 | 8.8 High |
| Out of bounds write in ChromeOS Audio Server in Google Chrome on ChromeOS prior to 113.0.5672.114 allowed a remote attacker to potentially exploit heap corruption via crafted audio file. (Chromium security severity: High) | ||||
| CVE-2020-21723 | 1 Ogg Video Tools Project | 1 Ogg Video Tools | 2024-10-03 | 5.5 Medium |
| A Segmentation Fault issue discovered StreamSerializer::extractStreams function in streamSerializer.cpp in oggvideotools 0.9.1 allows remote attackers to cause a denial of service (crash) via opening of crafted ogg file. | ||||
| CVE-2023-33877 | 1 Intel | 2 Realsense 450 Fa, Realsense 450 Fa Firmware | 2024-10-03 | 3.3 Low |
| Out-of-bounds write in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2020-21724 | 1 Ogg Video Tools Project | 1 Ogg Video Tools | 2024-10-03 | 7.8 High |
| Buffer Overflow vulnerability in ExtractorInformation function in streamExtractor.cpp in oggvideotools 0.9.1 allows remaote attackers to run arbitrary code via opening of crafted ogg file. | ||||
| CVE-2020-21687 | 1 Nasm | 1 Netwide Assembler | 2024-10-03 | 5.5 Medium |
| Buffer Overflow vulnerability in scan function in stdscan.c in nasm 2.15rc0 allows remote attackers to cause a denial of service via crafted asm file. | ||||