Total
2353 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-24057 | 2025-05-13 | 7.8 High | ||
| Heap-based buffer overflow in Microsoft Office allows an unauthorized attacker to execute code locally. | ||||
| CVE-2024-49138 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-05-13 | 7.8 High |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||||
| CVE-2024-49081 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-05-13 | 6.6 Medium |
| Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | ||||
| CVE-2024-49080 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-05-13 | 8.8 High |
| Windows IP Routing Management Snapin Remote Code Execution Vulnerability | ||||
| CVE-2024-49072 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-05-13 | 7.8 High |
| Windows Task Scheduler Elevation of Privilege Vulnerability | ||||
| CVE-2024-49125 | 1 Microsoft | 7 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 4 more | 2025-05-13 | 8.8 High |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | ||||
| CVE-2024-49104 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-05-13 | 8.8 High |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | ||||
| CVE-2024-49102 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-05-13 | 8.8 High |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | ||||
| CVE-2024-49094 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-05-13 | 6.6 Medium |
| Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | ||||
| CVE-2024-49089 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-05-13 | 7.2 High |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | ||||
| CVE-2024-49086 | 1 Microsoft | 7 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 4 more | 2025-05-13 | 8.8 High |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | ||||
| CVE-2024-49085 | 1 Microsoft | 7 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 4 more | 2025-05-13 | 8.8 High |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability | ||||
| CVE-2025-47814 | 2025-05-13 | 4.5 Medium | ||
| libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflate_read (called indirectly from spv_read_xml_member) in zip-reader.c. | ||||
| CVE-2024-22532 | 1 Xnview | 1 Nconvert | 2025-05-13 | 6.5 Medium |
| Buffer Overflow vulnerability in XNSoft NConvert 7.163 (for Windows x86) allows attackers to cause a denial of service via crafted xwd file. | ||||
| CVE-2023-44418 | 1 Dlink | 2 Dir-x3260, Dir-x3260 Firmware | 2025-05-13 | 8.8 High |
| D-Link DIR-X3260 Prog.cgi Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd webserver. The issue results from the lack of proper validation of the length an user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-20727. | ||||
| CVE-2024-56827 | 1 Redhat | 1 Enterprise Linux | 2025-05-13 | 5.6 Medium |
| A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior. | ||||
| CVE-2024-56826 | 1 Redhat | 1 Enterprise Linux | 2025-05-13 | 5.6 Medium |
| A flaw was found in the OpenJPEG project. A heap buffer overflow condition may be triggered when certain options are specified while using the opj_decompress utility. This can lead to an application crash or other undefined behavior. | ||||
| CVE-2025-47815 | 2025-05-12 | 4.5 Medium | ||
| libpspp-core.a in GNU PSPP through 2.0.1 allows attackers to cause a heap-based buffer overflow in inflate_read (called indirectly from zip_member_read_all) in zip-reader.c. | ||||
| CVE-2025-3712 | 2025-05-12 | 7.5 High | ||
| The LCD KVM over IP Switch CL5708IM has a Heap-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to perform a denial-of-service attack. | ||||
| CVE-2025-3713 | 2025-05-12 | 7.5 High | ||
| The LCD KVM over IP Switch CL5708IM has a Heap-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to perform a denial-of-service attack. | ||||