Total
3128 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-52735 | 1 Linux | 1 Linux Kernel | 2025-04-02 | N/A | 9.1 CRITICAL |
| In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Don't let sock_map_{close,destroy,unhash} call itself sock_map proto callbacks should never call themselves by design. Protect against bugs like [1] and break out of the recursive loop to avoid a stack overflow in favor of a resource leak. [1] https://lore.kernel.org/all/00000000000073b14905ef2e7401@google.com/ | |||||
| CVE-2021-47347 | 1 Linux | 1 Linux Kernel | 2025-04-02 | N/A | 8.8 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: wl1251: Fix possible buffer overflow in wl1251_cmd_scan Function wl1251_cmd_scan calls memcpy without checking the length. Harden by checking the length is within the maximum allowed size. | |||||
| CVE-2025-29137 | 1 Tenda | 2 Ac7, Ac7 Firmware | 2025-04-01 | N/A | 9.8 CRITICAL |
| Tenda AC7 V1.0 V15.03.06.44 found a buffer overflow caused by the timeZone parameter in the form_fast_setting_wifi_set function, which can cause RCE. | |||||
| CVE-2023-33302 | 2025-04-01 | N/A | 4.7 MEDIUM | ||
| A buffer copy without checking size of input ('classic buffer overflow') in Fortinet FortiMail webmail and administrative interface version 6.4.0 through 6.4.4 and before 6.2.6 and FortiNDR administrative interface version 7.2.0 and before 7.1.0 allows an authenticated attacker with regular webmail access to trigger a buffer overflow and to possibly execute unauthorized code or commands via specifically crafted HTTP requests. | |||||
| CVE-2025-1660 | 2025-04-01 | N/A | 7.8 HIGH | ||
| A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process. | |||||
| CVE-2024-38541 | 1 Linux | 1 Linux Kernel | 2025-04-01 | N/A | 9.8 CRITICAL |
| In the Linux kernel, the following vulnerability has been resolved: of: module: add buffer overflow check in of_modalias() In of_modalias(), if the buffer happens to be too small even for the 1st snprintf() call, the len parameter will become negative and str parameter (if not NULL initially) will point beyond the buffer's end. Add the buffer overflow check after the 1st snprintf() call and fix such check after the strlen() call (accounting for the terminating NUL char). | |||||
| CVE-2024-38576 | 1 Linux | 1 Linux Kernel | 2025-04-01 | N/A | 7.1 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: rcu: Fix buffer overflow in print_cpu_stall_info() The rcuc-starvation output from print_cpu_stall_info() might overflow the buffer if there is a huge difference in jiffies difference. The situation might seem improbable, but computers sometimes get very confused about time, which can result in full-sized integers, and, in this case, buffer overflow. Also, the unsigned jiffies difference is printed using %ld, which is normally for signed integers. This is intentional for debugging purposes, but it is not obvious from the code. This commit therefore changes sprintf() to snprintf() and adds a clarifying comment about intention of %ld format. Found by Linux Verification Center (linuxtesting.org) with SVACE. | |||||
| CVE-2024-50667 | 1 Trendnet | 2 Tew-820ap, Tew-820ap Firmware | 2025-04-01 | N/A | 9.8 CRITICAL |
| The boa httpd of Trendnet TEW-820AP 1.01.B01 has a stack overflow vulnerability in /boafrm/formIPv6Addr, /boafrm/formIpv6Setup, /boafrm/formDnsv6. The reason is that the check of ipv6 address is not sufficient, which allows attackers to construct payloads for attacks. | |||||
| CVE-2024-42813 | 1 Trendnet | 2 Tew-752dru, Tew-752dru Firmware | 2025-04-01 | N/A | 9.8 CRITICAL |
| In TRENDnet TEW-752DRU FW1.03B01, there is a buffer overflow vulnerability due to the lack of length verification for the service field in gena.cgi. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands. | |||||
| CVE-2025-27830 | 1 Artifex | 1 Ghostscript | 2025-04-01 | N/A | 7.8 HIGH |
| An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs during serialization of DollarBlend in a font, for base/write_t1.c and psi/zfapi.c. | |||||
| CVE-2025-27831 | 1 Artifex | 1 Ghostscript | 2025-04-01 | N/A | 9.8 CRITICAL |
| An issue was discovered in Artifex Ghostscript before 10.05.0. The DOCXWRITE TXTWRITE device has a text buffer overflow via long characters to devices/vector/doc_common.c. | |||||
| CVE-2025-27832 | 1 Artifex | 1 Ghostscript | 2025-04-01 | N/A | 9.8 CRITICAL |
| An issue was discovered in Artifex Ghostscript before 10.05.0. The NPDL device has a Compression buffer overflow for contrib/japanese/gdevnpdl.c. | |||||
| CVE-2025-27833 | 1 Artifex | 1 Ghostscript | 2025-04-01 | N/A | 7.8 HIGH |
| An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs for a long TTF font name to pdf/pdf_fmap.c. | |||||
| CVE-2025-27834 | 1 Artifex | 1 Ghostscript | 2025-04-01 | N/A | 7.8 HIGH |
| An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs via an oversized Type 4 function in a PDF document to pdf/pdf_func.c. | |||||
| CVE-2025-27835 | 1 Artifex | 1 Ghostscript | 2025-04-01 | N/A | 7.8 HIGH |
| An issue was discovered in Artifex Ghostscript before 10.05.0. A buffer overflow occurs when converting glyphs to Unicode in psi/zbfont.c. | |||||
| CVE-2025-27836 | 1 Artifex | 1 Ghostscript | 2025-04-01 | N/A | 9.8 CRITICAL |
| An issue was discovered in Artifex Ghostscript before 10.05.0. The BJ10V device has a Print buffer overflow in contrib/japanese/gdev10v.c. | |||||
| CVE-2025-26002 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2025-04-01 | N/A | 9.8 CRITICAL |
| Telesquare TLR-2005KSH 1.1.4 is affected by an unauthorized stack overflow vulnerability when requesting the admin.cgi parameter with setSyncTimeHost. | |||||
| CVE-2025-26004 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2025-04-01 | N/A | 9.8 CRITICAL |
| Telesquare TLR-2005KSH 1.1.4 is vulnerable to unauthorized stack buffer overflow vulnerability when requesting admin.cgi parameter with setDdns. | |||||
| CVE-2025-26005 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2025-04-01 | N/A | 9.8 CRITICAL |
| Telesquare TLR-2005KSH 1.1.4 is vulnerable to unauthorized stack overflow vulnerability when requesting admin.cgi parameter with setNtp. | |||||
| CVE-2025-26006 | 1 Telesquare | 2 Tlr-2005ksh, Tlr-2005ksh Firmware | 2025-04-01 | N/A | 9.8 CRITICAL |
| Telesquare TLR-2005KSH 1.1.4 has an unauthorized stack overflow vulnerability when requesting the admin.cgi parameter with setAutorest. | |||||