Total
12943 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-31748 | 1 Mozilla | 1 Firefox | 2025-04-15 | 9.8 Critical |
| Mozilla developers Gabriele Svelto, Timothy Nikkel, Randell Jesup, Jon Coppeard, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 101. | ||||
| CVE-2022-31747 | 2 Mozilla, Redhat | 6 Firefox, Firefox Esr, Thunderbird and 3 more | 2025-04-15 | 9.8 Critical |
| Mozilla developers Andrew McCreight, Nicolas B. Pierron, and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 100 and Firefox ESR 91.9. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 91.10, Firefox < 101, and Firefox ESR < 91.10. | ||||
| CVE-2021-40398 | 1 Accusoft | 1 Imagegear | 2025-04-15 | 7.8 High |
| An out-of-bounds write vulnerability exists in the parse_raster_data functionality of Accusoft ImageGear 19.10. A specially-crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2021-40400 | 1 Gerbv Project | 1 Gerbv | 2025-04-15 | 7.5 High |
| An out-of-bounds read vulnerability exists in the RS-274X aperture macro outline primitive functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit d7f42a9a). A specially-crafted Gerber file can lead to information disclosure. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2020-13495 | 2 Apple, Pixar | 2 Mac Os X, Openusd | 2025-04-15 | 5.5 Medium |
| An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles file offsets in binary USD files. A specially crafted malformed file can trigger an arbitrary out-of-bounds memory access that could lead to the disclosure of sensitive information. This vulnerability could be used to bypass mitigations and aid additional exploitation. To trigger this vulnerability, the victim needs to access an attacker-provided file. | ||||
| CVE-2022-29465 | 1 Accusoft | 1 Imagegear | 2025-04-15 | 9.8 Critical |
| An out-of-bounds write vulnerability exists in the PSD Header processing memory allocation functionality of Accusoft ImageGear 20.0. A specially-crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2022-29503 | 3 Anker, Uclibc, Uclibc-ng Project | 4 Eufy Homebase 2, Eufy Homebase 2 Firmware, Uclibc and 1 more | 2025-04-15 | 9.8 Critical |
| A memory corruption vulnerability exists in the libpthread linuxthreads functionality of uClibC 0.9.33.2 and uClibC-ng 1.0.40. Thread allocation can lead to memory corruption. An attacker can create threads to trigger this vulnerability. | ||||
| CVE-2022-32588 | 1 Accusoft | 1 Imagegear | 2025-04-15 | 7.8 High |
| An out-of-bounds write vulnerability exists in the PICT parsing pctwread_14841 functionality of Accusoft ImageGear 20.0. A specially-crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2025-3548 | 2025-04-15 | 5.3 Medium | ||
| A vulnerability, which was classified as critical, has been found in Open Asset Import Library Assimp up to 5.4.3. This issue affects the function aiString::Set in the library include/assimp/types.h of the component File Handler. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. | ||||
| CVE-2025-3549 | 2025-04-15 | 5.3 Medium | ||
| A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Affected is the function Assimp::MD3Importer::ValidateSurfaceHeaderOffsets of the file code/AssetLib/MD3/MD3Loader.cpp of the component File Handler. The manipulation leads to heap-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-3538 | 2025-04-15 | 8.8 High | ||
| A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been rated as critical. This issue affects the function auth_asp of the file /auth.asp of the component jhttpd. The manipulation of the argument callback leads to stack-based buffer overflow. The attack needs to be approached within the local network. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-3588 | 2025-04-15 | 5.3 Medium | ||
| A vulnerability, which was classified as problematic, has been found in joelittlejohn jsonschema2pojo 1.2.2. This issue affects the function apply of the file org/jsonschema2pojo/rules/SchemaRule.java of the component JSON File Handler. The manipulation leads to stack-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-24797 | 2025-04-15 | 9.4 Critical | ||
| Meshtastic is an open source mesh networking solution. A fault in the handling of mesh packets containing invalid protobuf data can result in an attacker-controlled buffer overflow, allowing an attacker to hijack execution flow, potentially resulting in remote code execution. This attack does not require authentication or user interaction, as long as the target device rebroadcasts packets on the default channel. This vulnerability fixed in 2.6.2. | ||||
| CVE-2022-1350 | 1 Artifex | 1 Ghostpcl | 2025-04-15 | 4.3 Medium |
| A vulnerability classified as problematic was found in GhostPCL 9.55.0. This vulnerability affects the function chunk_free_object of the file gsmchunk.c. The manipulation with a malicious file leads to a memory corruption. The attack can be initiated remotely but requires user interaction. The exploit has been disclosed to the public as a POC and may be used. It is recommended to apply the patches to fix this issue. | ||||
| CVE-2019-25063 | 1 Sricam | 1 Deviceviewer | 2025-04-15 | 5.3 Medium |
| A vulnerability was found in Sricam IP CCTV Camera. It has been classified as critical. Affected is an unknown function of the component Device Viewer. The manipulation leads to memory corruption. Local access is required to approach this attack. | ||||
| CVE-2018-25042 | 1 Bittorrent | 1 Utorrent | 2025-04-15 | 5 Medium |
| A vulnerability classified as critical has been found in uTorrent. This affects an unknown part. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to upgrade the affected component. | ||||
| CVE-2014-125002 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-15 | 5.3 Medium |
| A vulnerability was found in FFmpeg 2.0. It has been classified as problematic. Affected is the function dnxhd_init_rc of the file libavcodec/dnxhdenc.c. The manipulation leads to memory corruption. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. | ||||
| CVE-2014-125003 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-15 | 5.3 Medium |
| A vulnerability was found in FFmpeg 2.0 and classified as problematic. This issue affects the function get_siz of the file libavcodec/jpeg2000dec.c. The manipulation leads to memory corruption. The attack may be initiated remotely. It is recommended to apply a patch to fix this issue. | ||||
| CVE-2014-125004 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-15 | 5.3 Medium |
| A vulnerability has been found in FFmpeg 2.0 and classified as problematic. This vulnerability affects the function decode_hextile of the file libavcodec/vmnc.c. The manipulation leads to memory corruption. The attack can be initiated remotely. It is recommended to apply a patch to fix this issue. | ||||
| CVE-2014-125005 | 1 Ffmpeg | 1 Ffmpeg | 2025-04-15 | 5.3 Medium |
| A vulnerability, which was classified as problematic, was found in FFmpeg 2.0. This affects the function decode_vol_header of the file libavcodec/mpeg4videodec.c. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. It is recommended to apply a patch to fix this issue. | ||||