Total
3128 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-30983 | 1 Apple | 2 Ipados, Iphone Os | 2025-02-13 | 9.3 HIGH | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 15.2 and iPadOS 15.2. An application may be able to execute arbitrary code with kernel privileges. | |||||
| CVE-2023-26733 | 1 Tinytiff Project | 1 Tinytiff | 2025-02-13 | N/A | 7.8 HIGH |
| Buffer Overflow vulnerability found in tinyTIFF v.3.0 allows a local attacker to cause a denial of service via the TinyTiffReader_readNextFrame function in tinytiffreader.c file. | |||||
| CVE-2024-0144 | 2025-02-12 | N/A | 6.8 MEDIUM | ||
| NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause a buffer overflow issue by means of a specially crafted JPEG2000 file. A successful exploit of this vulnerability might lead to data tampering. | |||||
| CVE-2024-50664 | 1 Gpac | 1 Gpac | 2025-02-11 | N/A | 7.8 HIGH |
| gpac 2.4 contains a heap-buffer-overflow at isomedia/sample_descs.c:1799 in gf_isom_new_mpha_description in gpac/MP4Box. | |||||
| CVE-2020-24736 | 1 Ghost | 1 Sqlite3 | 2025-02-11 | N/A | 5.5 MEDIUM |
| Buffer Overflow vulnerability found in SQLite3 v.3.27.1 and before allows a local attacker to cause a denial of service via a crafted script. | |||||
| CVE-2025-0303 | 1 Openatom | 1 Openharmony | 2025-02-11 | N/A | 8.8 HIGH |
| in OpenHarmony v4.1.2 and prior versions allow a local attacker cause the common permission is upgraded to root and sensitive information leak through buffer overflow. | |||||
| CVE-2024-35106 | 2025-02-11 | N/A | 4.6 MEDIUM | ||
| NEXTU FLETA AX1500 WIFI6 v1.0.3 was discovered to contain a buffer overflow at /boafrm/formIpQoS. This vulnerability allows attackers to cause a Denial of Service (DoS) or potentially arbitrary code execution via a crafted POST request. | |||||
| CVE-2025-24956 | 2025-02-11 | N/A | 6.2 MEDIUM | ||
| A vulnerability has been identified in OpenV2G (All versions < V0.9.6). The OpenV2G EXI parsing feature is missing a length check when parsing X509 serial numbers. Thus, an attacker could introduce a buffer overflow that leads to memory corruption. | |||||
| CVE-2022-47336 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-02-10 | N/A | 5.5 MEDIUM |
| In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service. | |||||
| CVE-2022-47335 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-02-10 | N/A | 5.5 MEDIUM |
| In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service. | |||||
| CVE-2022-47464 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-02-10 | N/A | 5.5 MEDIUM |
| In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service. | |||||
| CVE-2022-47463 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-02-10 | N/A | 5.5 MEDIUM |
| In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service. | |||||
| CVE-2022-47362 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-02-10 | N/A | 5.5 MEDIUM |
| In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service. | |||||
| CVE-2023-41064 | 1 Apple | 3 Ipados, Iphone Os, Macos | 2025-02-10 | N/A | 7.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 16.6.1 and iPadOS 16.6.1, macOS Monterey 12.6.9, macOS Ventura 13.5.2, iOS 15.7.9 and iPadOS 15.7.9, macOS Big Sur 11.7.10. Processing a maliciously crafted image may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. | |||||
| CVE-2023-27705 | 1 Apng Optimizer Project | 1 Apng Optimizer | 2025-02-06 | N/A | 7.5 HIGH |
| APNG_Optimizer v1.4 was discovered to contain a buffer overflow via the component /apngopt/ubuntu.png. | |||||
| CVE-2025-23236 | 2025-02-06 | N/A | 8.8 HIGH | ||
| Buffer overflow vulnerability exists in Defense Platform Home Edition Ver.3.9.51.x and earlier. If an attacker performs a specific operation, SYSTEM privilege of the Windows system where the product is running may be obtained. | |||||
| CVE-2025-23412 | 2025-02-05 | N/A | 7.5 HIGH | ||
| When BIG-IP APM Access Profile is configured on a virtual server, undisclosed request can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2021-33972 | 1 Browser.360 | 1 Safe Browser | 2025-02-05 | N/A | 10.0 CRITICAL |
| Buffer Overflow vulnerability in Qihoo 360 Safe Browser v13.0.2170.0 allows attacker to escalate priveleges. | |||||
| CVE-2021-33971 | 1 360 | 1 Total Security | 2025-02-05 | N/A | 7.8 HIGH |
| Qihoo 360 (https://www.360.cn/) Qihoo 360 Safeguard (https://www.360.cn/) Qihoo 360 Total Security (http://www.360totalsecurity.com/) is affected by: Buffer Overflow. The impact is: execute arbitrary code (local). The component is: This is a set of vulnerabilities affecting popular software, "360 Safeguard(12.1.0.1004,12.1.0.1005,13.1.0.1001)" , "360 Total Security(10.8.0.1060,10.8.0.1213)", "360 Safe Browser & 360 Chrome(13.0.2170.0)". The attack vector is: On the browser vulnerability, just open a link to complete the vulnerability exploitation remotely; on the client software, you need to locally execute the vulnerability exploitation program, which of course can be achieved with the full chain of browser vulnerability. ΒΆΒΆ This is a set of the most serious vulnerabilities that exist on Qihoo 360's PC client a variety of popular software, remote vulnerabilities can be completed by opening a link to arbitrary code execution on both security browsers, with the use of local vulnerabilities, not only help the vulnerability code constitutes an escalation of privileges, er can make the spyware persistent without being scanned permanently resides on the target PC computer (because local vulnerability against Qihoo 360 company's antivirus kernel flaws); this group of remote and local vulnerability of the perfect match, to achieve an information security fallacy, in Qihoo 360's antivirus vulnerability, not only can not be scanned out of the virus, but will help the virus persistently control the target computer, while Qihoo 360 claims to be a safe browser, which exists in the kernel vulnerability but helped the composition of the remote vulnerability. (Security expert "Memory Corruptor" have reported this set of vulnerabilities to the corresponding vendor, all vulnerabilities have been fixed and the vendor rewarded thousands of dollars to the security experts) | |||||
| CVE-2025-24131 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2025-02-05 | N/A | 6.5 MEDIUM |
| The issue was addressed with improved memory handling. This issue is fixed in visionOS 2.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, watchOS 11.3, tvOS 18.3. An attacker in a privileged position may be able to perform a denial-of-service. | |||||