Total
13324 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-2853 | 2 Fedoraproject, Google | 3 Fedora, Android, Chrome | 2025-05-22 | N/A | 8.8 HIGH |
| Heap buffer overflow in Downloads in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-22629 | 1 Apple | 7 Ipados, Iphone Os, Itunes and 4 more | 2025-05-22 | N/A | 8.8 HIGH |
| A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.3, Safari 15.4, watchOS 8.5, iTunes 12.12.3 for Windows, iOS 15.4 and iPadOS 15.4, tvOS 15.4. Processing maliciously crafted web content may lead to arbitrary code execution. | |||||
| CVE-2022-40784 | 1 Mipcm | 2 Mipc Camera, Mipc Camera Firmware | 2025-05-22 | N/A | 8.8 HIGH |
| Unlimited strcpy on user input when setting a locale file leads to stack buffer overflow in mIPC camera firmware 5.3.1.2003161406. | |||||
| CVE-2022-3045 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-22 | N/A | 8.8 HIGH |
| Insufficient validation of untrusted input in V8 in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2024-50203 | 1 Linux | 1 Linux Kernel | 2025-05-22 | N/A | 7.8 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fix address emission with tag-based KASAN enabled When BPF_TRAMP_F_CALL_ORIG is enabled, the address of a bpf_tramp_image struct on the stack is passed during the size calculation pass and an address on the heap is passed during code generation. This may cause a heap buffer overflow if the heap address is tagged because emit_a64_mov_i64() will emit longer code than it did during the size calculation pass. The same problem could occur without tag-based KASAN if one of the 16-bit words of the stack address happened to be all-ones during the size calculation pass. Fix the problem by assuming the worst case (4 instructions) when calculating the size of the bpf_tramp_image address emission. | |||||
| CVE-2025-20963 | 1 Samsung | 1 Android | 2025-05-21 | N/A | 6.6 MEDIUM |
| Out-of-bounds write in memory initialization in libsavsvc.so prior to SMR May-2025 Release 1 allows local attackers to write out-of-bounds memory. | |||||
| CVE-2025-20964 | 1 Samsung | 1 Android | 2025-05-21 | N/A | 6.6 MEDIUM |
| Out-of-bounds write in parsing media files in libsavsvc.so prior to SMR May-2025 Release 1 allows local attackers to write out-of-bounds memory. | |||||
| CVE-2025-4883 | 1 Dlink | 2 Di-8100g, Di-8100g Firmware | 2025-05-21 | 8.3 HIGH | 7.2 HIGH |
| A vulnerability was found in D-Link DI-8100 16.07.26A1. It has been declared as critical. This vulnerability affects the function ctxz_asp of the file /ctxz.asp of the component Connection Limit Page. The manipulation of the argument def/defTcp/defUdp/defIcmp/defOther leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2022-3052 | 2 Fedoraproject, Google | 4 Fedora, Chrome, Chrome Os and 1 more | 2025-05-21 | N/A | 8.8 HIGH |
| Heap buffer overflow in Window Manager in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions. | |||||
| CVE-2022-3043 | 2 Fedoraproject, Google | 3 Fedora, Chrome, Chrome Os | 2025-05-21 | N/A | 8.8 HIGH |
| Heap buffer overflow in Screen Capture in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-3040 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-21 | N/A | 8.8 HIGH |
| Use after free in Layout in Google Chrome prior to 105.0.5195.52 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2022-3200 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-05-21 | N/A | 8.8 HIGH |
| Heap buffer overflow in Internals in Google Chrome prior to 105.0.5195.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2025-1876 | 1 Dlink | 2 Dap-1562, Dap-1562 Firmware | 2025-05-21 | 7.5 HIGH | 7.3 HIGH |
| A vulnerability, which was classified as critical, has been found in D-Link DAP-1562 1.10. Affected by this issue is the function http_request_parse of the component HTTP Header Handler. The manipulation of the argument Authorization leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2022-3051 | 2 Fedoraproject, Google | 4 Fedora, Chrome, Chrome Os and 1 more | 2025-05-21 | N/A | 8.8 HIGH |
| Heap buffer overflow in Exosphere in Google Chrome on Chrome OS, Lacros prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions. | |||||
| CVE-2022-3050 | 2 Fedoraproject, Google | 3 Fedora, Chrome, Chrome Os | 2025-05-21 | N/A | 8.8 HIGH |
| Heap buffer overflow in WebUI in Google Chrome on Chrome OS prior to 105.0.5195.52 allowed a remote attacker who convinced a user to engage in specific UI interactions to potentially exploit heap corruption via crafted UI interactions. | |||||
| CVE-2025-0624 | 2025-05-21 | N/A | 7.6 HIGH | ||
| A flaw was found in grub2. During the network boot process, when trying to search for the configuration file, grub copies data from a user controlled environment variable into an internal buffer using the grub_strcpy() function. During this step, it fails to consider the environment variable length when allocating the internal buffer, resulting in an out-of-bounds write. If correctly exploited, this issue may result in remote code execution through the same network segment grub is searching for the boot information, which can be used to by-pass secure boot protections. | |||||
| CVE-2022-40942 | 1 Tenda | 2 Tx3, Tx3 Firmware | 2025-05-21 | N/A | 9.8 CRITICAL |
| Tenda TX3 US_TX3V1.0br_V16.03.13.11 is vulnerable to stack overflow via compare_parentcontrol_time. | |||||
| CVE-2022-38932 | 1 Toaruos | 1 Toaruos | 2025-05-21 | N/A | 7.8 HIGH |
| readelf in ToaruOS 2.0.1 has a global overflow allowing RCE when parsing a crafted ELF file. | |||||
| CVE-2022-1270 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2025-05-21 | N/A | 7.8 HIGH |
| In GraphicsMagick, a heap buffer overflow was found when parsing MIFF. | |||||
| CVE-2022-40363 | 1 Flipperzero | 2 Flipper Zero, Flipper Zero Firmware | 2025-05-21 | N/A | 5.5 MEDIUM |
| A buffer overflow in the component nfc_device_load_mifare_ul_data of Flipper Devices Inc., Flipper Zero before v0.65.2 allows attackers to cause a Denial of Service (DoS) via a crafted NFC file. | |||||