Search Results (14569 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-51395 1 Silabs 1 Z-wave Software Development Kit 2026-04-15 8.8 High
The vulnerability described by CVE-2023-0972 has been additionally discovered in Silicon Labs Z-Wave end devices. This vulnerability may allow an unauthenticated attacker within Z-Wave range to overflow a stack buffer, leading to arbitrary code execution.
CVE-2024-43688 2 Openbsd, Vixie 2 Openbsd, Cron 2026-04-15 7.3 High
cron/entry.c in vixie cron before 9cc8ab1, as used in OpenBSD 7.4 and 7.5, allows a heap-based buffer underflow and memory corruption. NOTE: this issue was introduced during a May 2023 refactoring.
CVE-2024-36355 1 Amd 25 Epyc 9004 Series Processors, Epyc Embedded 9004 Series Processors, Ryzen 5000 Series Desktop Processors and 22 more 2026-04-15 N/A
Improper input validation in the SMM handler could allow an attacker with Ring0 access to write to SMRAM and modify execution flow for S3 (sleep) wake up, potentially resulting in arbitrary code execution.
CVE-2024-7137 2026-04-15 6.5 Medium
The L2CAP receive data buffer for L2CAP packets is restricted to packet sizes smaller than the maximum supported packet size. Receiving a packet that exceeds the restricted buffer length may cause a crash. A hard reset is required to recover the crashed device.
CVE-2024-36324 1 Amd 25 Amd Ryzen™ Ai 300 Series Processors, Radeon Pro V520, Radeon Pro V620 and 22 more 2026-04-15 8.8 High
Improper input validation in AMD Graphics Driver could allow an attacker to supply a specially crafted pointer, potentially leading to arbitrary code execution.
CVE-2025-0234 2026-04-15 5.3 Medium
Out-of-bounds vulnerability in curve segmentation processing of Generic PCL6 V4 Printer Driver / Generic UFR II V4 Printer Driver / Generic LIPSLX V4 Printer Driver.
CVE-2025-0235 2026-04-15 5.3 Medium
Out-of-bounds vulnerability due to improper memory release during image rendering in Generic PCL6 V4 Printer Driver / Generic UFR II V4 Printer Driver / Generic LIPSLX V4 Printer Driver.
CVE-2024-32672 1 Samsung Open Source 1 Escargot 2026-04-15 5.3 Medium
A Segmentation Fault issue discovered in Samsung Open Source Escargot JavaScript engine allows remote attackers to cause a denial of service via crafted input. This issue affects Escargot: 4.0.0.
CVE-2023-22351 1 Ieisystem 1 Uefi Firmware 2026-04-15 6.1 Medium
Out-of-bounds write in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2024-32669 1 Samsung Open Source 1 Escargot 2026-04-15 5.3 Medium
Improper Input Validation vulnerability in Samsung Open Source escargot JavaScript engine allows Overflow Buffers. However, it occurs in the test code and does not include in the release. This issue affects escargot: 4.0.0.
CVE-2024-39840 1 Factorio 1 Factorio 2026-04-15 8.8 High
Factorio before 1.1.101 allows a crafted server to execute arbitrary code on clients via a custom map that leverages the ability of certain Lua base module functions to execute bytecode and generate fake objects.
CVE-2024-32639 1 Siemens 1 Tecnomatix Plant Simulation 2026-04-15 7.8 High
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302.0011). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted MODEL file. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-22974)
CVE-2025-64129 1 Zenitel 1 Tciv-3+ 2026-04-15 7.6 High
Zenitel TCIV-3+ is vulnerable to an out-of-bounds write vulnerability, which could allow a remote attacker to crash the device.
CVE-2024-55884 2026-04-15 9 Critical
In the Mullvad VPN client 2024.6 (Desktop), 2024.8 (iOS), and 2024.8-beta1 (Android), the exception-handling alternate stack can be exhausted, leading to heap-based out-of-bounds writes in enable() in exception_logging/unix.rs, aka MLLVD-CR-24-01. NOTE: achieving code execution is considered non-trivial.
CVE-2025-5943 1 Microdicom 1 Dicom Viewer 2026-04-15 8.8 High
MicroDicom DICOM Viewer suffers from an out-of-bounds write vulnerability. Remote attackers are able to exploit this issue to potentially execute arbitrary code on affected installations of DICOM Viewer. User interaction is required to exploit the vulnerability in that the user must either visit a malicious website or open a malicious DICOM file locally.
CVE-2024-41928 1 Freebsd 1 Freebsd 2026-04-15 8.4 High
Malicious software running in a guest VM can exploit the buffer overflow to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process.
CVE-2025-41649 2026-04-15 7.5 High
An unauthenticated remote attacker can exploit insufficient input validation to write data beyond the bounds of a buffer, potentially leading to a denial-of-service condition for the devices.
CVE-2025-42971 2026-04-15 4 Medium
A memory corruption vulnerability exists in SAPCAR allowing an attacker to craft malicious SAPCAR archives. When a high privileged victim extracts this malicious archive, it gets processed by SAPCAR on their system, resulting in out-of-bounds memory read and write. This could lead to file extraction and file overwrite outside the intended directories. This vulnerability has low impact on the confidentiality, integrity and availability of the application.
CVE-2025-23299 1 Nvidia 2 Bluefield, Connectx 2026-04-15 6.7 Medium
NVIDIA Bluefield and ConnectX contain a vulnerability in the management interface that could allow a malicious actor with high privilege access to execute arbitrary code.
CVE-2025-52939 2026-04-15 N/A
Out-of-bounds Write vulnerability in dail8859 NotepadNext (src/lua/src modules). This vulnerability is associated with program files ldebug.C, lvm.C. This issue affects NotepadNext: through v0.11.