Total
13886 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-2794 | 4 Fedoraproject, Linux, Ofono and 1 more | 4 Fedora, Ofono, Ofono and 1 more | 2025-11-04 | 8.1 High |
| A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_deliver() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check for this memcpy length in decode_submit(), but it was forgotten in decode_deliver(). | ||||
| CVE-2024-36288 | 1 Linux | 1 Linux Kernel | 2025-11-04 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix loop termination condition in gss_free_in_token_pages() The in_token->pages[] array is not NULL terminated. This results in the following KASAN splat: KASAN: maybe wild-memory-access in range [0x04a2013400000008-0x04a201340000000f] | ||||
| CVE-2024-27851 | 2 Apple, Redhat | 14 Ipados, Iphone Os, Mac Os and 11 more | 2025-11-04 | 7.5 High |
| The issue was addressed with improved bounds checks. This issue is fixed in tvOS 17.5, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2024-27833 | 2 Apple, Redhat | 12 Ipad Os, Ipados, Iphone Os and 9 more | 2025-11-04 | 7.5 High |
| An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2024-27820 | 2 Apple, Redhat | 15 Ipad Os, Ipados, Iphone Os and 12 more | 2025-11-04 | 7.5 High |
| The issue was addressed with improved memory handling. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing web content may lead to arbitrary code execution. | ||||
| CVE-2024-27808 | 2 Apple, Redhat | 14 Ipad Os, Ipados, Iphone Os and 11 more | 2025-11-04 | 7.5 High |
| The issue was addressed with improved memory handling. This issue is fixed in tvOS 17.5, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing web content may lead to arbitrary code execution. | ||||
| CVE-2024-11495 | 2 Oilydbg, Ollydbg | 2 Oilydbg.exe, Ollydbg | 2025-11-04 | 7.5 High |
| Buffer overflow vulnerability in OllyDbg, version 1.10, which could allow a local attacker to execute arbitrary code due to lack of proper bounds checking. | ||||
| CVE-2024-27879 | 1 Apple | 2 Ipados, Iphone Os | 2025-11-04 | 7.5 High |
| The issue was addressed with improved bounds checks. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18. An attacker may be able to cause unexpected app termination. | ||||
| CVE-2023-38406 | 2 Frrouting, Redhat | 3 Frrouting, Enterprise Linux, Rhel Eus | 2025-11-04 | 9.8 Critical |
| bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow." | ||||
| CVE-2025-43504 | 1 Apple | 1 Xcode | 2025-11-04 | 4.9 Medium |
| A buffer overflow was addressed with improved bounds checking. This issue is fixed in Xcode 26.1. A user in a privileged network position may be able to cause a denial-of-service. | ||||
| CVE-2022-26129 | 1 Frrouting | 1 Frrouting | 2025-11-04 | 7.8 High |
| Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the subtlv length in the functions, parse_hello_subtlv, parse_ihu_subtlv, and parse_update_subtlv in babeld/message.c. | ||||
| CVE-2022-26128 | 1 Frrouting | 1 Frrouting | 2025-11-04 | 7.8 High |
| A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to a wrong check on the input packet length in the babel_packet_examin function in babeld/message.c. | ||||
| CVE-2022-26127 | 1 Frrouting | 1 Frrouting | 2025-11-04 | 7.8 High |
| A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to missing a check on the input packet length in the babel_packet_examin function in babeld/message.c. | ||||
| CVE-2022-26126 | 2 Fedoraproject, Frrouting | 2 Fedora, Frrouting | 2025-11-04 | 7.8 High |
| Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to the use of strdup with a non-zero-terminated binary string in isis_nb_notifications.c. | ||||
| CVE-2022-26125 | 2 Frrouting, Redhat | 2 Frrouting, Enterprise Linux | 2025-11-04 | 7.5 High |
| Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the input packet length in isisd/isis_tlvs.c. | ||||
| CVE-2022-0204 | 3 Bluez, Debian, Fedoraproject | 3 Bluez, Debian Linux, Fedora | 2025-11-04 | 8.8 High |
| A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service. | ||||
| CVE-2025-8034 | 2 Mozilla, Redhat | 4 Firefox, Firefox Esr, Thunderbird and 1 more | 2025-11-04 | 8.8 High |
| Memory safety bugs present in Firefox ESR 115.25, Firefox ESR 128.12, Thunderbird ESR 128.12, Firefox ESR 140.0, Thunderbird ESR 140.0, Firefox 140 and Thunderbird 140. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 141, Firefox ESR < 115.26, Firefox ESR < 128.13, Firefox ESR < 140.1, Thunderbird < 141, Thunderbird < 128.13, and Thunderbird < 140.1. | ||||
| CVE-2025-26781 | 1 Samsung | 39 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 36 more | 2025-11-04 | 7.5 High |
| An issue was discovered in L2 in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 9110, W920, W930, Modem 5123, and Modem 5300. Incorrect handling of RLC AM PDUs leads to a Denial of Service. | ||||
| CVE-2025-43277 | 1 Apple | 7 Ios, Ipados, Macos and 4 more | 2025-11-04 | 7.8 High |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.8. Processing a maliciously crafted audio file may lead to memory corruption. | ||||
| CVE-2025-8734 | 1 Gnu | 1 Bison | 2025-11-04 | 3.3 Low |
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Additional analysis indicates that the files referenced in the stack trace do not exist in Bison. | ||||