| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15134. |
| A CWE-122 “Heap-based Buffer Overflow” vulnerability in the “logger_generic” function of the “Ax_rtu” binary allows a remote authenticated attacker to trigger a memory corruption in the context of the binary. This may result in a Denial-of-Service (DoS) condition, possibly in the execution of arbitrary code with the same privileges of the process (root), or have other unspecified impacts on the device. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2. |
| Insufficient Granularity of Access Control in GitHub repository usememos/memos prior to 0.9.1. |
| Insufficient Granularity of Access Control in GitHub repository usememos/memos prior to 0.9.1. |
| In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. |
| In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. |
| In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. |
| In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services. |
| usb device bluetooth class includes a buffer overflow related to implementation of net_buf_add_mem. |
| Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143. |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1144. |
| Windows Media Remote Code Execution Vulnerability |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability |
| Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability |
| Heap buffer overflow in GPU in Google Chrome on Android prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| Heap buffer overflow in V8 in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1189. |
| A buffer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an out-of-bounds memory access, which can lead to arbitrary code execution. Target application would need to access a malicious web page to trigger this vulnerability. |
| A buffer overflow in the SystemLoadDefaultDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code. |
| there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. |