Total
2525 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-29161 | 2 Hdfgroup, Redhat | 2 Hdf5, Enterprise Linux Ai | 2025-04-18 | 8.8 High |
| HDF5 through 1.14.3 contains a heap buffer overflow in H5A__attr_release_table, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. | ||||
| CVE-2024-29160 | 2 Hdfgroup, Redhat | 2 Hdf5, Enterprise Linux Ai | 2025-04-18 | 7.4 High |
| HDF5 through 1.14.3 contains a heap buffer overflow in H5HG__cache_heap_deserialize, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. | ||||
| CVE-2024-29158 | 2 Hdfgroup, Redhat | 2 Hdf5, Enterprise Linux Ai | 2025-04-18 | 7.4 High |
| HDF5 through 1.14.3 contains a stack buffer overflow in H5FL_arr_malloc, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. | ||||
| CVE-2024-29162 | 2 Hdfgroup, Redhat | 2 Hdf5, Enterprise Linux Ai | 2025-04-18 | 7.4 High |
| HDF5 through 1.13.3 and/or 1.14.2 contains a stack buffer overflow in H5HG_read, resulting in denial of service or potential code execution. | ||||
| CVE-2024-29163 | 2 Hdfgroup, Redhat | 2 Hdf5, Enterprise Linux Ai | 2025-04-18 | 7.4 High |
| HDF5 through 1.14.3 contains a heap buffer overflow in H5T__bit_find, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. | ||||
| CVE-2024-29157 | 2 Hdfgroup, Redhat | 2 Hdf5, Enterprise Linux Ai | 2025-04-18 | 9.8 Critical |
| HDF5 through 1.14.3 contains a heap buffer overflow in H5HG_read, resulting in the corruption of the instruction pointer and causing denial of service or potential code execution. | ||||
| CVE-2025-0611 | 1 Google | 1 Chrome | 2025-04-18 | 8.2 High |
| Object corruption in V8 in Google Chrome prior to 132.0.6834.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-3024 | 1 Broadcom | 1 Tcpreplay | 2025-04-16 | 5.3 Medium |
| A vulnerability was found in appneta tcpreplay up to 4.4.4. It has been classified as problematic. This affects the function get_layer4_v6 of the file /tcpreplay/src/common/get.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The identifier VDB-258333 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-25390 | 1 Rt-thread | 1 Rt-thread | 2025-04-16 | 8.4 High |
| A heap buffer overflow occurs in finsh/msh_file.c and finsh/msh.c in RT-Thread through 5.0.2. | ||||
| CVE-2024-34249 | 1 Wasm3 Project | 1 Wasm3 | 2025-04-16 | 9.8 Critical |
| wasm3 v0.5.0 was discovered to contain a heap buffer overflow which leads to segmentation fault via the function "DeallocateSlot" in wasm3/source/m3_compile.c. | ||||
| CVE-2021-23157 | 1 We-con | 1 Levistudiou | 2025-04-16 | 7.8 High |
| WECON LeviStudioU Versions 2019-09-21 and prior are vulnerable to a heap-based buffer overflow, which may allow an attacker to remotely execute code. | ||||
| CVE-2022-21214 | 1 Fujielectric | 2 Alpha5 Smart Loader, Alpha5 Smart Loader Firmware | 2025-04-16 | 7.8 High |
| The affected product is vulnerable to a heap-based buffer overflow, which may lead to code execution. | ||||
| CVE-2022-30540 | 1 Hornerautomation | 1 Cscape | 2025-04-16 | 7.8 High |
| The affected product is vulnerable to a heap-based buffer overflow via uninitialized pointer, which may allow an attacker to execute arbitrary code | ||||
| CVE-2022-2069 | 1 Siemens | 2 Jt2go, Teamcenter Visualization | 2025-04-16 | 7.8 High |
| The APDFL.dll in Siemens JT2Go prior to V13.3.0.5 and Siemens Teamcenter Visualization prior to V14.0.0.2 contains an out of bounds write past the fixed-length heap-based buffer while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process. | ||||
| CVE-2022-2948 | 1 Ge | 1 Cimplicity | 2025-04-16 | 7.8 High |
| GE CIMPICITY versions 2022 and prior is vulnerable to a heap-based buffer overflow, which could allow an attacker to execute arbitrary code. | ||||
| CVE-2021-38439 | 1 Gurum | 1 Gurumdds | 2025-04-16 | 8.6 High |
| All versions of GurumDDS are vulnerable to heap-based buffer overflow, which may cause a denial-of-service condition or remotely execute arbitrary code. | ||||
| CVE-2022-23537 | 2 Debian, Teluu | 2 Debian Linux, Pjsip | 2025-04-16 | 6.5 Medium |
| PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. Buffer overread is possible when parsing a specially crafted STUN message with unknown attribute. The vulnerability affects applications that uses STUN including PJNATH and PJSUA-LIB. The patch is available as a commit in the master branch (2.13.1). | ||||
| CVE-2021-21962 | 1 Sealevel | 2 Seaconnect 370w, Seaconnect 370w Firmware | 2025-04-15 | 8.1 High |
| A heap-based buffer overflow vulnerability exists in the OTA Update u-download functionality of Sealevel Systems, Inc. SeaConnect 370W v1.3.34. A series of specially-crafted MQTT payloads can lead to remote code execution. An attacker must perform a man-in-the-middle attack in order to trigger this vulnerability. | ||||
| CVE-2021-21958 | 1 Hancom | 1 Hancom Office 2020 | 2025-04-15 | 7.8 High |
| A heap-based buffer overflow vulnerability exists in the Hword HwordApp.dll functionality of Hancom Office 2020 11.0.0.2353. A specially-crafted malformed file can lead to memory corruption and potential arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-21914 | 1 Accusoft | 1 Imagegear | 2025-04-15 | 8.8 High |
| A heap-based buffer overflow vulnerability exists in the DecoderStream::Append functionality of Accusoft ImageGear 19.10. A specially-crafted file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||