Total
2647 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-21948 | 2 Anycubic, Chitubox | 2 Chitubox, Chitubox Basic | 2025-04-15 | 7.8 High |
| A heap-based buffer overflow vulnerability exists in the readDatHeadVec functionality of AnyCubic Chitubox AnyCubic Plugin 1.0.0. A specially-crafted GF file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2025-31344 | 2025-04-15 | 7.3 High | ||
| Heap-based Buffer Overflow vulnerability in openEuler giflib on Linux. This vulnerability is associated with program files gif2rgb.C. This issue affects giflib: through 5.2.2. | ||||
| CVE-2025-29481 | 1 Libbpf Project | 1 Libbpf | 2025-04-15 | 6.2 Medium |
| Buffer Overflow vulnerability in libbpf 1.5.0 allows a local attacker to execute arbitrary code via the bpf_object__init_prog` function of libbpf. | ||||
| CVE-2022-41639 | 2 Debian, Openimageio | 2 Debian Linux, Openimageio | 2025-04-15 | 9.8 Critical |
| A heap based buffer overflow vulnerability exists in tile decoding code of TIFF image parser in OpenImageIO master-branch-9aeece7a and v2.3.19.0. A specially-crafted TIFF file can lead to an out of bounds memory corruption, which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2022-41794 | 2 Debian, Openimageio | 2 Debian Linux, Openimageio | 2025-04-15 | 9.8 Critical |
| A heap based buffer overflow vulnerability exists in the PSD thumbnail resource parsing code of OpenImageIO 2.3.19.0. A specially-crafted PSD file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2022-41838 | 2 Debian, Openimageio | 2 Debian Linux, Openimageio | 2025-04-15 | 9.8 Critical |
| A code execution vulnerability exists in the DDS scanline parsing functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially-crafted .dds can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2022-43597 | 2 Debian, Openimageio | 2 Debian Linux, Openimageio | 2025-04-15 | 8.1 High |
| Multiple memory corruption vulnerabilities exist in the IFFOutput alignment padding functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to arbitrary code execution. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `m_spec.format` is `TypeDesc::UINT8`. | ||||
| CVE-2022-23547 | 1 Pjsip | 1 Pjsip | 2025-04-15 | 6.5 Medium |
| PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. This issue is similar to GHSA-9pfh-r8x4-w26w. Possible buffer overread when parsing a certain STUN message. The vulnerability affects applications that uses STUN including PJNATH and PJSUA-LIB. The patch is available as commit in the master branch. | ||||
| CVE-2023-36417 | 1 Microsoft | 2 Ole Db Driver For Sql Server, Sql Server | 2025-04-14 | 7.8 High |
| Microsoft SQL OLE DB Remote Code Execution Vulnerability | ||||
| CVE-2023-36577 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1809, Windows 10 21h1 and 8 more | 2025-04-14 | 8.8 High |
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | ||||
| CVE-2023-36598 | 1 Microsoft | 11 Windows 10 1507, Windows 10 1809, Windows 10 21h1 and 8 more | 2025-04-14 | 7.8 High |
| Microsoft WDAC ODBC Driver Remote Code Execution Vulnerability | ||||
| CVE-2023-36730 | 1 Microsoft | 2 Odbc Driver For Sql Server, Sql Server | 2025-04-14 | 7.8 High |
| Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | ||||
| CVE-2022-43598 | 2 Debian, Openimageio | 2 Debian Linux, Openimageio | 2025-04-14 | 8.1 High |
| Multiple memory corruption vulnerabilities exist in the IFFOutput alignment padding functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to arbitrary code execution. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `m_spec.format` is `TypeDesc::UINT16`. | ||||
| CVE-2022-43599 | 2 Debian, Openimageio | 2 Debian Linux, Openimageio | 2025-04-14 | 8.1 High |
| Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `xmax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT8` | ||||
| CVE-2022-43600 | 2 Debian, Openimageio | 2 Debian Linux, Openimageio | 2025-04-14 | 8.1 High |
| Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `xmax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT16` | ||||
| CVE-2022-43601 | 2 Debian, Openimageio | 2 Debian Linux, Openimageio | 2025-04-14 | 8.1 High |
| Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `ymax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT16` | ||||
| CVE-2022-43602 | 2 Debian, Openimageio | 2 Debian Linux, Openimageio | 2025-04-14 | 8.1 High |
| Multiple code execution vulnerabilities exist in the IFFOutput::close() functionality of OpenImageIO Project OpenImageIO v2.4.4.2. A specially crafted ImageOutput Object can lead to a heap buffer overflow. An attacker can provide malicious input to trigger these vulnerabilities.This vulnerability arises when the `ymax` variable is set to 0xFFFF and `m_spec.format` is `TypeDesc::UINT8` | ||||
| CVE-2025-27177 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-04-14 | 7.8 High |
| InDesign Desktop versions ID20.1, ID19.5.2 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-29479 | 2025-04-12 | 4.0 Medium | ||
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | ||||
| CVE-2015-4491 | 9 Canonical, Fedoraproject, Gnome and 6 more | 9 Ubuntu Linux, Fedora, Gdk-pixbuf and 6 more | 2025-04-12 | N/A |
| Integer overflow in the make_filter_table function in pixops/pixops.c in gdk-pixbuf before 2.31.5, as used in Mozilla Firefox before 40.0 and Firefox ESR 38.x before 38.2 on Linux, Google Chrome on Linux, and other products, allows remote attackers to execute arbitrary code or cause a denial of service (heap-based buffer overflow and application crash) via crafted bitmap dimensions that are mishandled during scaling. | ||||