Total
3844 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-51823 | 2 Libcsp, Libcsp Project | 2 Libcsp, Libcsp | 2025-08-14 | 6.5 Medium |
| libcsp 2.0 is vulnerable to Buffer Overflow in the csp_eth_init() function due to improper handling of the ifname parameter. The function uses strcpy to copy the interface name into a structure member (ctx->name) without validating the input length. | ||||
| CVE-2025-51824 | 2 Libcsp, Libcsp Project | 2 Libcsp, Libcsp | 2025-08-14 | 6.5 Medium |
| libcsp 2.0 is vulnerable to Buffer Overflow in the csp_usart_open() function at drivers/usart/zephyr.c. | ||||
| CVE-2020-25969 | 1 Gnuplot | 1 Gnuplot | 2025-08-14 | 9.8 Critical |
| gnuplot v5.5 was discovered to contain a buffer overflow via the function plotrequest(). | ||||
| CVE-2015-7747 | 3 Audiofile, Canonical, Fedoraproject | 3 Audiofile, Ubuntu Linux, Fedora | 2025-08-13 | 8.8 High |
| Buffer overflow in the afReadFrames function in audiofile (aka libaudiofile and Audio File Library) allows user-assisted remote attackers to cause a denial of service (program crash) or possibly execute arbitrary code via a crafted audio file, as demonstrated by sixteen-stereo-to-eight-mono.c. | ||||
| CVE-2025-8760 | 2025-08-13 | 9.8 Critical | ||
| A vulnerability was identified in INSTAR 2K+ and 4K 3.11.1 Build 1124. This affects the function base64_decode of the component fcgi_server. The manipulation of the argument Authorization leads to buffer overflow. It is possible to initiate the attack remotely. | ||||
| CVE-2025-5601 | 1 Wireshark | 1 Wireshark | 2025-08-13 | 7.8 High |
| Column handling crashes in Wireshark 4.4.0 to 4.4.6 and 4.2.0 to 4.2.12 allows denial of service via packet injection or crafted capture file | ||||
| CVE-2025-25527 | 1 Ruijie | 2 Rg-nbr2600s, Rg-nbr2600s Firmware | 2025-08-13 | 5.1 Medium |
| Buffer overflow vulnerability in Ruijie RG-NBR2600S Gateway 10.3(4b12) due to the lack of length verification, which is related to the configuration of source address NAT rules. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands. | ||||
| CVE-2020-19695 | 1 F5 | 1 Njs | 2025-08-12 | 9.8 Critical |
| Buffer Overflow found in Nginx NJS allows a remote attacker to execute arbitrary code via the njs_object_property parameter of the njs/njs_vm.c function. | ||||
| CVE-2020-19692 | 1 F5 | 1 Njs | 2025-08-12 | 9.8 Critical |
| Buffer Overflow vulnerabilty found in Nginx NJS v.0feca92 allows a remote attacker to execute arbitrary code via the njs_module_read in the njs_module.c file. | ||||
| CVE-2025-0689 | 2 Gnu, Redhat | 3 Grub2, Enterprise Linux, Openshift | 2025-08-12 | 6.7 Medium |
| When reading data from disk, the grub's UDF filesystem module utilizes the user controlled data length metadata to allocate its internal buffers. In certain scenarios, while iterating through disk sectors, it assumes the read size from the disk is always smaller than the allocated buffer size which is not guaranteed. A crafted filesystem image may lead to a heap-based buffer overflow resulting in critical data to be corrupted, resulting in the risk of arbitrary code execution by-passing secure boot protections. | ||||
| CVE-2025-54632 | 1 Huawei | 1 Harmonyos | 2025-08-12 | 6.8 Medium |
| Vulnerability of insufficient data length verification in the HVB module. Impact: Successful exploitation of this vulnerability may affect service integrity. | ||||
| CVE-2025-8854 | 1 Bullet3 Project | 1 Bullet3 | 2025-08-12 | N/A |
| Stack-based buffer overflow in LoadOFF in bulletphysics bullet3 before 3.26 on all platforms allows remote attackers to execute arbitrary code via a crafted OFF file with an overlong initial token processed by the VHACD test utility or invoked indirectly through PyBullet's vhacd function. | ||||
| CVE-2025-8736 | 1 Gnu | 1 Cflow | 2025-08-12 | 5.3 Medium |
| A vulnerability, which was classified as critical, has been found in GNU cflow up to 1.8. Affected by this issue is the function yylex of the file c.c of the component Lexer. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-54642 | 1 Huawei | 2 Emui, Harmonyos | 2025-08-11 | 6.7 Medium |
| Issue of buffer overflow caused by insufficient data verification in the kernel gyroscope module. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2025-54641 | 1 Huawei | 2 Emui, Harmonyos | 2025-08-11 | 6.7 Medium |
| Issue of buffer overflow caused by insufficient data verification in the kernel acceleration module. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2024-45541 | 1 Qualcomm | 102 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 99 more | 2025-08-11 | 7.8 High |
| Memory corruption when IOCTL call is invoked from user-space to read board data. | ||||
| CVE-2024-33054 | 1 Qualcomm | 70 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 67 more | 2025-08-11 | 7.8 High |
| Memory corruption during the handshake between the Primary Virtual Machine and Trusted Virtual Machine. | ||||
| CVE-2023-43556 | 1 Qualcomm | 136 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 133 more | 2025-08-11 | 9.3 Critical |
| Memory corruption in Hypervisor when platform information mentioned is not aligned. | ||||
| CVE-2023-33077 | 1 Qualcomm | 192 Aqt1000, Aqt1000 Firmware, Ar8035 and 189 more | 2025-08-11 | 6.7 Medium |
| Memory corruption in HLOS while converting from authorization token to HIDL vector. | ||||
| CVE-2023-28570 | 1 Qualcomm | 168 Aqt1000, Aqt1000 Firmware, Ar8035 and 165 more | 2025-08-11 | 6.7 Medium |
| Memory corruption while processing audio effects. | ||||