Search Results (3405 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-40661 1 Nikon 1 Nis-elements Viewer 2025-04-10 7.8 High
This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of BMP images. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15134.
CVE-2023-45591 1 Ailux 1 Imx6 2025-04-10 7.5 High
A CWE-122 “Heap-based Buffer Overflow” vulnerability in the “logger_generic” function of the “Ax_rtu” binary allows a remote authenticated attacker to trigger a memory corruption in the context of the binary. This may result in a Denial-of-Service (DoS) condition, possibly in the execution of arbitrary code with the same privileges of the process (root), or have other unspecified impacts on the device. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2.
CVE-2022-4801 1 Usememos 1 Memos 2025-04-10 5.3 Medium
Insufficient Granularity of Access Control in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4813 1 Usememos 1 Memos 2025-04-10 4.3 Medium
Insufficient Granularity of Access Control in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-44428 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-04-10 5.5 Medium
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
CVE-2022-44427 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-04-10 5.5 Medium
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
CVE-2022-44430 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-04-10 5.5 Medium
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
CVE-2022-44429 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-04-10 5.5 Medium
In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.
CVE-2021-3966 1 Zephyrproject 1 Zephyr 2025-04-09 9.6 Critical
usb device bluetooth class includes a buffer overflow related to implementation of net_buf_add_mem.
CVE-2023-0049 2 Fedoraproject, Vim 2 Fedora, Vim 2025-04-09 7.8 High
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143.
CVE-2023-0051 1 Vim 1 Vim 2025-04-09 7.8 High
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1144.
CVE-2023-29370 1 Microsoft 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more 2025-04-08 7.8 High
Windows Media Remote Code Execution Vulnerability
CVE-2023-29372 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-04-08 8.8 High
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2023-29363 1 Microsoft 19 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 16 more 2025-04-08 9.8 Critical
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
CVE-2025-1426 1 Google 1 Chrome 2025-04-07 8.8 High
Heap buffer overflow in GPU in Google Chrome on Android prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2025-0999 1 Google 1 Chrome 2025-04-07 8.8 High
Heap buffer overflow in V8 in Google Chrome prior to 133.0.6943.126 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2023-0288 1 Vim 1 Vim 2025-04-07 7.8 High
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1189.
CVE-2022-43591 1 Qt 1 Qt 2025-04-07 8.8 High
A buffer overflow vulnerability exists in the QML QtScript Reflect API of Qt Project Qt 6.3.2. A specially-crafted javascript code can trigger an out-of-bounds memory access, which can lead to arbitrary code execution. Target application would need to access a malicious web page to trigger this vulnerability.
CVE-2022-1891 1 Lenovo 12 Thinkbook 14-iil, Thinkbook 14-iil Firmware, Thinkbook 14-iml and 9 more 2025-04-03 6.7 Medium
A buffer overflow in the SystemLoadDefaultDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code.
CVE-2024-27209 1 Google 1 Android 2025-04-03 8.4 High
there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.