Total
4679 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-37816 | 2026-04-15 | 4.2 Medium | ||
| Quectel EC25-EUX EC25EUXGAR08A05M1G was discovered to contain a stack overflow. | ||||
| CVE-2020-37175 | 1 Ka Ming Cheung | 1 P2pwificam2 For Ios | 2026-04-15 | 7.5 High |
| P2PWIFICAM2 for iOS 10.4.1 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the Camera ID input field. Attackers can paste a 257-character buffer into the Camera ID field to trigger an application crash on iOS devices. | ||||
| CVE-2025-9558 | 1 Zephyrproject-rtos | 1 Zephyr | 2026-04-15 | 7.6 High |
| There is a potential OOB Write vulnerability in the gen_prov_start function in pb_adv.c. The full length of the received data is copied into the link.rx.buf receiver buffer without any validation on the data size. | ||||
| CVE-2024-39207 | 2026-04-15 | 8.2 High | ||
| lua-shmem v1.0-1 was discovered to contain a buffer overflow via the shmem_write function. | ||||
| CVE-2024-0146 | 2026-04-15 | 7.8 High | ||
| NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause memory corruption. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, or data tampering. | ||||
| CVE-2025-32089 | 2 Broadcom, Dell | 2 Bcm5820x, Controlvault3 | 2026-04-15 | 8.8 High |
| A buffer overflow vulnerability exists in the CvManager_SBI functionality of Dell ControlVault3 prior to 5.15.14.19 and Dell ControlVault3 Plus prior to 6.2.36.47. A specially crafted ControlVault API call can lead to a arbitrary code execution. An attacker can issue an api call to trigger this vulnerability. | ||||
| CVE-2020-37189 | 1 Digitalvolcano Software | 1 Taskcanvas | 2026-04-15 | 7.5 High |
| TaskCanvas 1.4.0 contains a denial of service vulnerability in the registration code input field that allows attackers to crash the application. Attackers can generate a 1000-character buffer payload and paste it into the registration field to trigger an application crash. | ||||
| CVE-2024-6351 | 2026-04-15 | 4.3 Medium | ||
| A malformed packet can cause a buffer overflow in the NWK/APS layer of the Ember ZNet stack and lead to an assert | ||||
| CVE-2026-4687 | 1 Mozilla | 2 Firefox, Firefox Esr | 2026-04-14 | 9.6 Critical |
| Sandbox escape due to incorrect boundary conditions in the Telemetry component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | ||||
| CVE-2026-4689 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2026-04-14 | 10 Critical |
| Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | ||||
| CVE-2026-4690 | 1 Mozilla | 2 Firefox, Firefox Esr | 2026-04-14 | 9.6 Critical |
| Sandbox escape due to incorrect boundary conditions, integer overflow in the XPCOM component. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | ||||
| CVE-2026-4720 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2026-04-14 | 9.8 Critical |
| Memory safety bugs present in Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | ||||
| CVE-2026-4729 | 1 Mozilla | 2 Firefox, Thunderbird | 2026-04-14 | 9.8 Critical |
| Memory safety bugs present in Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 149 and Thunderbird 149. | ||||
| CVE-2026-4721 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2026-04-14 | 9.8 Critical |
| Memory safety bugs present in Firefox ESR 115.33, Firefox ESR 140.8, Thunderbird ESR 140.8, Firefox 148 and Thunderbird 148. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 149, Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9. | ||||
| CVE-2025-52909 | 1 Samsung | 21 Exynos, Exynos 1280, Exynos 1280 Firmware and 18 more | 2026-04-14 | 9.8 Critical |
| An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1280, 1330, 1380, 1480, 1580, W920, W930, and W1000. Incorrect Handling of the NL80211 vendor command leads to a buffer overflow via a certain ioctl message, issue 2 of 2. | ||||
| CVE-2026-5734 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2026-04-14 | 8.1 High |
| Memory safety bugs present in Firefox ESR 140.9.0, Thunderbird ESR 140.9.0, Firefox 149.0.1 and Thunderbird 149.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 149.0.2, Firefox ESR 140.9.1, Thunderbird 149.0.2, and Thunderbird 140.9.1. | ||||
| CVE-2025-45059 | 1 Dlink | 2 Di-8300, Di-8300 Firmware | 2026-04-14 | 7.5 High |
| D-Link DI-8300 v16.07.26A1 was discovered to contain a buffer overflow via the fn parameter in the tgfile_htm function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||||
| CVE-2025-52221 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2026-04-14 | 7.5 High |
| Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the formSetCfm function via the funcname, funcpara1, and funcpara2 parameters. | ||||
| CVE-2025-50673 | 2 D-link, Dlink | 3 Di-8003, Di-8003, Di-8003 Firmware | 2026-04-14 | 7.5 High |
| A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the http_lanport parameter in the /webgl.asp endpoint. | ||||
| CVE-2026-5867 | 4 Apple, Google, Linux and 1 more | 4 Macos, Chrome, Linux Kernel and 1 more | 2026-04-14 | 4.3 Medium |
| Heap buffer overflow in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. (Chromium security severity: High) | ||||