Total
13413 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-21157 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-03-03 | 7.8 High |
| InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-21121 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-03-03 | 7.8 High |
| InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-21123 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-03-03 | 7.8 High |
| InDesign Desktop versions ID20.0, ID19.5.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-0870 | 1 Axiosys | 1 Bento4 | 2025-02-28 | 5.6 Medium |
| A vulnerability was found in Axiomatic Bento4 up to 1.6.0-641. It has been rated as critical. Affected by this issue is the function AP4_DataBuffer::GetData in the library Ap4DataBuffer.h. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. | ||||
| CVE-2025-0753 | 1 Axiosys | 1 Bento4 | 2025-02-28 | 6.3 Medium |
| A vulnerability classified as critical was found in Axiomatic Bento4 up to 1.6.0. This vulnerability affects the function AP4_StdcFileByteStream::ReadPartial of the component mp42aac. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-0751 | 1 Axiosys | 1 Bento4 | 2025-02-28 | 6.3 Medium |
| A vulnerability classified as critical has been found in Axiomatic Bento4 up to 1.6.0. This affects the function AP4_BitReader::ReadBits of the component mp42aac. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2023-20931 | 1 Google | 1 Android | 2025-02-28 | 7.8 High |
| In avdt_scb_hdl_write_req of avdt_scb_act.cc, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-242535997 | ||||
| CVE-2022-42499 | 1 Google | 1 Android | 2025-02-28 | 9.8 Critical |
| In sms_SendMmCpErrMsg of sms_MmConManagement.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-242001391References: N/A | ||||
| CVE-2022-42498 | 1 Google | 1 Android | 2025-02-28 | 9.8 Critical |
| In Pixel cellular firmware, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-240662453References: N/A | ||||
| CVE-2023-27117 | 1 Webassembly | 1 Webassembly | 2025-02-28 | 7.8 High |
| WebAssembly v1.0.29 was discovered to contain a heap overflow via the component component wabt::Node::operator. | ||||
| CVE-2021-3549 | 1 Gnu | 1 Binutils | 2025-02-28 | 7.1 High |
| An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to avr_elf32_load_records_from_section() probably resulting in a crash or in some cases memory corruption. The highest threat from this vulnerability is to integrity as well as system availability. | ||||
| CVE-2024-45555 | 1 Qualcomm | 82 Msm8996au, Msm8996au Firmware, Qam8255p and 79 more | 2025-02-28 | 8.4 High |
| Memory corruption can occur if an already verified IFS2 image is overwritten, bypassing boot verification. This allows unauthorized programs to be injected into security-sensitive images, enabling the booting of a tampered IFS2 system image. | ||||
| CVE-2023-21664 | 1 Qualcomm | 274 Aqt1000, Aqt1000 Firmware, Ar8035 and 271 more | 2025-02-27 | 7.8 High |
| Memory Corruption in Core Platform while printing the response buffer in log. | ||||
| CVE-2023-28538 | 1 Qualcomm | 260 Aqt1000, Aqt1000 Firmware, Csra6620 and 257 more | 2025-02-27 | 8.4 High |
| Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region. | ||||
| CVE-2023-28559 | 1 Qualcomm | 426 Aqt1000, Aqt1000 Firmware, Ar8031 and 423 more | 2025-02-27 | 7.8 High |
| Memory corruption in WLAN FW while processing command parameters from untrusted WMI payload. | ||||
| CVE-2023-28560 | 1 Qualcomm | 534 8098, 8098 Firmware, 8998 and 531 more | 2025-02-27 | 7.8 High |
| Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload. | ||||
| CVE-2023-28562 | 1 Qualcomm | 136 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 133 more | 2025-02-27 | 9.8 Critical |
| Memory corruption while handling payloads from remote ESL. | ||||
| CVE-2023-28564 | 1 Qualcomm | 498 Aqt1000, Aqt1000 Firmware, Ar8031 and 495 more | 2025-02-27 | 7.8 High |
| Memory corruption in WLAN HAL while passing command parameters through WMI interfaces. | ||||
| CVE-2023-28565 | 1 Qualcomm | 588 9205 Lte, 9205 Lte Firmware, Apq8017 and 585 more | 2025-02-27 | 7.8 High |
| Memory corruption in WLAN HAL while handling command streams through WMI interfaces. | ||||
| CVE-2023-28567 | 1 Qualcomm | 582 315 5g Iot, 315 5g Iot Firmware, Aqt1000 and 579 more | 2025-02-27 | 7.8 High |
| Memory corruption in WLAN HAL while handling command through WMI interfaces. | ||||