Export limit exceeded: 14578 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (14578 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-32008 | 1 Intel | 1 Intel Amt And Intel Standard Manageability | 2026-04-15 | 8.6 High |
| Out-of-bounds write in the firmware for the Intel(R) AMT and Intel(R) Standard Manageability within Ring 3: User Applications may allow a denial of service. Network adversary with an unauthenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via network access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (none) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (low) impacts. | ||||
| CVE-2025-4640 | 2026-04-15 | N/A | ||
| Out-of-bounds Write vulnerability in PointCloudLibrary pcl allows Overflow Buffers. Since version 1.14.0, PCL by default uses a zlib installation from the system, unless the user sets WITH_SYSTEM_ZLIB=FALSE. So this potential vulnerability is only relevant if the PCL version is older than 1.14.0 or the user specifically requests to not use the system zlib. | ||||
| CVE-2025-41237 | 1 Vmware | 3 Esxi, Fusion, Workstation | 2026-04-15 | 9.3 Critical |
| VMware ESXi, Workstation, and Fusion contain an integer-underflow in VMCI (Virtual Machine Communication Interface) that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed. | ||||
| CVE-2025-12050 | 1 Insyde | 1 Insydeh2o | 2026-04-15 | 7.8 High |
| The drivers in the tool packages use RTL_QUERY_REGISTRY_DIRECT flag to read a registry value to which an untrusted user-mode application may be able to cause a buffer overflow. | ||||
| CVE-2025-12053 | 1 Insyde | 1 Insydeh2o | 2026-04-15 | 7.8 High |
| The drivers in the tool packages use RTL_QUERY_REGISTRY_DIRECT flag to read a registry value to which an untrusted user-mode application may be able to cause a buffer overflow. | ||||
| CVE-2025-30015 | 2026-04-15 | 4.1 Medium | ||
| Due to incorrect memory address handling in ABAP SQL of SAP NetWeaver and ABAP Platform (Application Server ABAP), an authenticated attacker with high privileges could execute certain forms of SQL queries leading to manipulation of content in the output variable. This vulnerability has a low impact on the confidentiality, integrity and the availability of the application. | ||||
| CVE-2023-20513 | 2026-04-15 | 3.3 Low | ||
| An insufficient bounds check in PMFW (Power Management Firmware) may allow an attacker to utilize a malicious VF (virtualization function) to send a malformed message, potentially resulting in a denial of service. | ||||
| CVE-2025-41413 | 2026-04-15 | 7.8 High | ||
| Fuji Electric Smart Editor is vulnerable to an out-of-bounds write, which may allow an attacker to execute arbitrary code. | ||||
| CVE-2025-11964 | 2 Microsoft, Tcpdump | 2 Windows, Libpcap | 2026-04-15 | 1.9 Low |
| On Windows only, if libpcap needs to convert a Windows error message to UTF-8 and the message includes characters that UTF-8 represents using 4 bytes, utf_16le_to_utf_8_truncated() can write data beyond the end of the provided buffer. | ||||
| CVE-2023-5912 | 1 Lenovo | 1 Notebook | 2026-04-15 | 6.7 Medium |
| A potential memory leakage vulnerability was reported in some Lenovo Notebook products that may allow a local attacker with elevated privileges to write to NVRAM variables. | ||||
| CVE-2025-9178 | 1 Rockwellautomation | 1 1715-aentr Eternet/ip Adapter | 2026-04-15 | N/A |
| A denial-of-service security issue exists in the affected product and version. The security issue is caused through CIP communication using crafted payloads. The security issue could result in no CIP communication with 1715 EtherNet/IP Adapter.A restart is required to recover. | ||||
| CVE-2025-0236 | 2026-04-15 | 5.3 Medium | ||
| Out-of-bounds vulnerability in slope processing during curve rendering in Generic PCL6 V4 Printer Driver / Generic UFR II V4 Printer Driver / Generic LIPSLX V4 Printer Driver. | ||||
| CVE-2024-4467 | 1 Redhat | 7 Advanced Virtualization, Container Native Virtualization, Enterprise Linux and 4 more | 2026-04-15 | 7.8 High |
| A flaw was found in the QEMU disk image utility (qemu-img) 'info' command. A specially crafted image file containing a `json:{}` value describing block devices in QMP could cause the qemu-img process on the host to consume large amounts of memory or CPU time, leading to denial of service or read/write to an existing external file. | ||||
| CVE-2024-55884 | 2026-04-15 | 9 Critical | ||
| In the Mullvad VPN client 2024.6 (Desktop), 2024.8 (iOS), and 2024.8-beta1 (Android), the exception-handling alternate stack can be exhausted, leading to heap-based out-of-bounds writes in enable() in exception_logging/unix.rs, aka MLLVD-CR-24-01. NOTE: achieving code execution is considered non-trivial. | ||||
| CVE-2021-47719 | 1 Commax | 1 Webviewer Activex Control | 2026-04-15 | N/A |
| COMMAX WebViewer ActiveX Control 2.1.4.5 contains a buffer overflow vulnerability that allows attackers to execute arbitrary code by providing excessively long string arrays through multiple functions. Attackers can exploit boundary errors in Commax_WebViewer.ocx to cause buffer overflow conditions and potentially gain code execution. | ||||
| CVE-2021-26383 | 1 Amd | 9 Instinct Mi210, Instinct Mi250, Radeon Pro V520 and 6 more | 2026-04-15 | 7.9 High |
| Insufficient bounds checking in AMD TEE (Trusted Execution Environment) could allow an attacker with a compromised userspace to invoke a command with malformed arguments leading to out of bounds memory access, potentially resulting in loss of integrity or availability. | ||||
| CVE-2025-35971 | 2 Intel, Microsoft | 4 Proset, Proset/wireless, Proset/wireless Software and 1 more | 2026-04-15 | 8.2 High |
| Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi Software for Windows before version 23.160 within Ring 2: Device Drivers may allow a denial of service. Unprivileged software adversary with an unauthenticated user combined with a low complexity attack may enable denial of service. This result may potentially occur via adjacent access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (low) and availability (high) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (high) impacts. | ||||
| CVE-2025-0234 | 2026-04-15 | 5.3 Medium | ||
| Out-of-bounds vulnerability in curve segmentation processing of Generic PCL6 V4 Printer Driver / Generic UFR II V4 Printer Driver / Generic LIPSLX V4 Printer Driver. | ||||
| CVE-2024-39927 | 2026-04-15 | 8.2 High | ||
| Out-of-bounds write vulnerability exists in Ricoh MFPs and printers. If a remote attacker sends a specially crafted request to the affected products, the products may be able to cause a denial-of-service (DoS) condition and/or user's data may be destroyed. | ||||
| CVE-2025-35975 | 1 Microdicom | 1 Dicom Viewer | 2026-04-15 | 8.8 High |
| MicroDicom DICOM Viewer is vulnerable to an out-of-bounds write which may allow an attacker to execute arbitrary code. The user must open a malicious DCM file for exploitation. | ||||