Total
13901 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-5165 | 1 Assimp | 1 Assimp | 2025-06-03 | 3.3 Low |
| A vulnerability was found in Open Asset Import Library Assimp 5.4.3 and classified as problematic. This issue affects the function MDCImporter::ValidateSurfaceHeader of the file assimp/code/AssetLib/MDC/MDCLoader.cpp. The manipulation of the argument pcSurface2 leads to out-of-bounds read. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The project decided to collect all Fuzzer bugs in a main-issue to address them in the future. | ||||
| CVE-2023-32884 | 2 Google, Mediatek | 60 Android, Mt2713, Mt6580 and 57 more | 2025-06-03 | 6.7 Medium |
| In netdagent, there is a possible information disclosure due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944011; Issue ID: ALPS07944011. | ||||
| CVE-2024-27344 | 1 Tungstenautomation | 1 Power Pdf | 2025-06-03 | 7.8 High |
| Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22931. | ||||
| CVE-2025-5408 | 2025-06-02 | 9.8 Critical | ||
| A vulnerability was found in WAVLINK QUANTUM D2G, QUANTUM D3G, WL-WN530G3A, WL-WN530HG3, WL-WN532A3 and WL-WN576K1 up to V1410_240222 and classified as critical. Affected by this issue is the function sys_login of the file /cgi-bin/login.cgi of the component HTTP POST Request Handler. The manipulation of the argument login_page leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-31263 | 1 Apple | 1 Macos | 2025-06-02 | 9.1 Critical |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.4. An app may be able to corrupt coprocessor memory. | ||||
| CVE-2023-43815 | 1 Deltaww | 1 Dopsoft | 2025-06-02 | 7.1 High |
| A buffer overflow vulnerability exists in Delta Electronics Delta Industrial Automation DOPSoft version 2 when parsing the wScreenDESCTextLen field of a DPS file. An anonymous attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve code execution. | ||||
| CVE-2023-43823 | 1 Deltaww | 1 Dopsoft | 2025-06-02 | 8.8 High |
| A stack based buffer overflow exists in Delta Electronics Delta Industrial Automation DOPSoft when parsing the wTTitleLen field of a DPS file. A remote, unauthenticated attacker can exploit this vulnerability by enticing a user to open a specially crafted DPS file to achieve remote code execution. | ||||
| CVE-2022-37434 | 7 Apple, Debian, Fedoraproject and 4 more | 24 Ipados, Iphone Os, Macos and 21 more | 2025-05-30 | 9.8 Critical |
| zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference). | ||||
| CVE-2022-26763 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2025-05-30 | 7.8 High |
| An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.5, iOS 15.5 and iPadOS 15.5, Security Update 2022-004 Catalina, watchOS 8.6, macOS Big Sur 11.6.6, macOS Monterey 12.4. A malicious application may be able to execute arbitrary code with system privileges. | ||||
| CVE-2022-26776 | 1 Apple | 1 Macos | 2025-05-30 | 9.8 Critical |
| This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.4, macOS Big Sur 11.6.6. An attacker may be able to cause unexpected application termination or arbitrary code execution. | ||||
| CVE-2022-26772 | 1 Apple | 1 Macos | 2025-05-30 | 7.8 High |
| A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges. | ||||
| CVE-2024-20082 | 1 Mediatek | 35 Mt2735, Mt2737, Mt6833 and 32 more | 2025-05-30 | 9.8 Critical |
| In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01182594; Issue ID: MSV-1529. | ||||
| CVE-2022-32839 | 1 Apple | 6 Ipados, Iphone Os, Mac Os X and 3 more | 2025-05-29 | 9.8 Critical |
| The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. A remote user may cause an unexpected app termination or arbitrary code execution. | ||||
| CVE-2025-2998 | 1 Linuxfoundation | 1 Pytorch | 2025-05-29 | 5.3 Medium |
| A vulnerability was found in PyTorch 2.6.0. It has been declared as critical. Affected by this vulnerability is the function torch.nn.utils.rnn.pad_packed_sequence. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-2999 | 1 Linuxfoundation | 1 Pytorch | 2025-05-29 | 5.3 Medium |
| A vulnerability was found in PyTorch 2.6.0. It has been rated as critical. Affected by this issue is the function torch.nn.utils.rnn.unpack_sequence. The manipulation leads to memory corruption. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-3000 | 1 Linuxfoundation | 1 Pytorch | 2025-05-29 | 5.3 Medium |
| A vulnerability classified as critical has been found in PyTorch 2.6.0. This affects the function torch.jit.script. The manipulation leads to memory corruption. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-3001 | 1 Linuxfoundation | 1 Pytorch | 2025-05-29 | 5.3 Medium |
| A vulnerability classified as critical was found in PyTorch 2.6.0. This vulnerability affects the function torch.lstm_cell. The manipulation leads to memory corruption. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-23613 | 1 Broadcom | 1 Symantec Deployment Solutions | 2025-05-29 | 10 Critical |
| A buffer overflow vulnerability exists in Symantec Deployment Solution version 7.9 when parsing UpdateComputer tokens. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as SYSTEM. | ||||
| CVE-2024-23615 | 1 Broadcom | 1 Symantec Messaging Gateway | 2025-05-29 | 10 Critical |
| A buffer overflow vulnerability exists in Symantec Messaging Gateway versions 10.5 and before. A remote, anonymous attacker can exploit this vulnerability to achieve remote code execution as root. | ||||
| CVE-2022-32886 | 4 Apple, Debian, Fedoraproject and 1 more | 7 Ipados, Iphone Os, Safari and 4 more | 2025-05-29 | 8.8 High |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||