Total
13807 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-2794 | 4 Fedoraproject, Linux, Ofono and 1 more | 4 Fedora, Ofono, Ofono and 1 more | 2025-11-04 | 8.1 High |
| A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_deliver() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check for this memcpy length in decode_submit(), but it was forgotten in decode_deliver(). | ||||
| CVE-2024-36288 | 1 Linux | 1 Linux Kernel | 2025-11-04 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix loop termination condition in gss_free_in_token_pages() The in_token->pages[] array is not NULL terminated. This results in the following KASAN splat: KASAN: maybe wild-memory-access in range [0x04a2013400000008-0x04a201340000000f] | ||||
| CVE-2024-27851 | 2 Apple, Redhat | 14 Ipados, Iphone Os, Mac Os and 11 more | 2025-11-04 | 7.5 High |
| The issue was addressed with improved bounds checks. This issue is fixed in tvOS 17.5, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2024-27833 | 2 Apple, Redhat | 12 Ipad Os, Ipados, Iphone Os and 9 more | 2025-11-04 | 7.5 High |
| An integer overflow was addressed with improved input validation. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5. Processing maliciously crafted web content may lead to arbitrary code execution. | ||||
| CVE-2024-27820 | 2 Apple, Redhat | 15 Ipad Os, Ipados, Iphone Os and 12 more | 2025-11-04 | 7.5 High |
| The issue was addressed with improved memory handling. This issue is fixed in tvOS 17.5, iOS 16.7.8 and iPadOS 16.7.8, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing web content may lead to arbitrary code execution. | ||||
| CVE-2024-27808 | 2 Apple, Redhat | 14 Ipad Os, Ipados, Iphone Os and 11 more | 2025-11-04 | 7.5 High |
| The issue was addressed with improved memory handling. This issue is fixed in tvOS 17.5, visionOS 1.2, Safari 17.5, iOS 17.5 and iPadOS 17.5, watchOS 10.5, macOS Sonoma 14.5. Processing web content may lead to arbitrary code execution. | ||||
| CVE-2024-22391 | 3 Fedoraproject, Grassroot, Grassroots Dicom Project | 3 Fedora, Grassroot Platform, Grassroots Dicom | 2025-11-04 | 7.7 High |
| A heap-based buffer overflow vulnerability exists in the LookupTable::SetLUT functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted malformed file can lead to memory corruption. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2024-22373 | 2 Fedoraproject, Grassroots Dicom Project | 2 Fedora, Grassroots Dicom | 2025-11-04 | 8.1 High |
| An out-of-bounds write vulnerability exists in the JPEG2000Codec::DecodeByStreamsCommon functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted DICOM file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2024-11495 | 2 Oilydbg, Ollydbg | 2 Oilydbg.exe, Ollydbg | 2025-11-04 | 7.5 High |
| Buffer overflow vulnerability in OllyDbg, version 1.10, which could allow a local attacker to execute arbitrary code due to lack of proper bounds checking. | ||||
| CVE-2025-43447 | 1 Apple | 5 Ios, Ipados, Iphone Os and 2 more | 2025-11-04 | 5.5 Medium |
| The issue was addressed with improved memory handling. This issue is fixed in watchOS 26.1, iOS 26.1 and iPadOS 26.1, visionOS 26.1. An app may be able to cause unexpected system termination or corrupt kernel memory. | ||||
| CVE-2024-27879 | 1 Apple | 2 Ipados, Iphone Os | 2025-11-04 | 7.5 High |
| The issue was addressed with improved bounds checks. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18. An attacker may be able to cause unexpected app termination. | ||||
| CVE-2023-38406 | 2 Frrouting, Redhat | 3 Frrouting, Enterprise Linux, Rhel Eus | 2025-11-04 | 9.8 Critical |
| bgpd/bgp_flowspec.c in FRRouting (FRR) before 8.4.3 mishandles an nlri length of zero, aka a "flowspec overflow." | ||||
| CVE-2025-43373 | 1 Apple | 3 Macos, Macos Sequoia, Macos Sonoma | 2025-11-04 | 7.5 High |
| The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.8.2, macOS Sequoia 15.7.2. An app may be able to cause unexpected system termination or corrupt kernel memory. | ||||
| CVE-2025-43504 | 1 Apple | 1 Xcode | 2025-11-04 | 4.9 Medium |
| A buffer overflow was addressed with improved bounds checking. This issue is fixed in Xcode 26.1. A user in a privileged network position may be able to cause a denial-of-service. | ||||
| CVE-2022-26129 | 1 Frrouting | 1 Frrouting | 2025-11-04 | 7.8 High |
| Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the subtlv length in the functions, parse_hello_subtlv, parse_ihu_subtlv, and parse_update_subtlv in babeld/message.c. | ||||
| CVE-2022-26128 | 1 Frrouting | 1 Frrouting | 2025-11-04 | 7.8 High |
| A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to a wrong check on the input packet length in the babel_packet_examin function in babeld/message.c. | ||||
| CVE-2022-26127 | 1 Frrouting | 1 Frrouting | 2025-11-04 | 7.8 High |
| A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to missing a check on the input packet length in the babel_packet_examin function in babeld/message.c. | ||||
| CVE-2022-26126 | 2 Fedoraproject, Frrouting | 2 Fedora, Frrouting | 2025-11-04 | 7.8 High |
| Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to the use of strdup with a non-zero-terminated binary string in isis_nb_notifications.c. | ||||
| CVE-2022-26125 | 2 Frrouting, Redhat | 2 Frrouting, Enterprise Linux | 2025-11-04 | 7.5 High |
| Buffer overflow vulnerabilities exist in FRRouting through 8.1.0 due to wrong checks on the input packet length in isisd/isis_tlvs.c. | ||||
| CVE-2022-0204 | 3 Bluez, Debian, Fedoraproject | 3 Bluez, Debian Linux, Fedora | 2025-11-04 | 8.8 High |
| A heap overflow vulnerability was found in bluez in versions prior to 5.63. An attacker with local network access could pass specially crafted files causing an application to halt or crash, leading to a denial of service. | ||||