Lucene search
+L

476 matches found

nvd
nvd
added 2026/05/04 1:16 a.m.10 views

CVE-2026-42369

GV-VMS V20 is a Video Monitoring Software used to gather the feeds of many surveillance cameras and manage other security devices. It is a native application accessed locally, but it is also possible to enable remote access via the "WebCam Server" feature. Once enabled, it is possible to access t...

10CVSS0.00514EPSS
Exploits0References2
cnnvd
cnnvd
added 2026/05/04 12:0 a.m.10 views

GeoVision GV-VMS 缓冲区错误漏洞

GeoVision GV-VMS is a video management system software developed by GeoVision Corporation in China. The GeoVision GV-VMS V20 20.0.2 version contains a buffer error vulnerability. This vulnerability arises from the unbounded copying of base64-encoded strings in the WebCam Server function, leading ...

10CVSS6.5AI score0.00514EPSS
Exploits0References1
nvd
nvd
added 2026/04/28 4:16 p.m.4 views

CVE-2025-60887

An issue was discovered in Cista v0.15 and below. Insecure deserialization of untrusted input under certain conditions may lead to leaking of stack/heap addresses which may be used to bypass ASLR. Classes with pointer-like mechanics under the cista::raw namespace are prone to reference tampering,...

5.3CVSS0.00227EPSS
Exploits0References1
nvd
nvd
added 2026/04/16 7:16 a.m.6 views

CVE-2026-41034

ONLYOFFICE DocumentServer before 9.3.0 has an untrusted pointer dereference in XLS processing/conversion via pictFmla.cbBufInCtlStm and other vectors, leading to an information leak and ASLR bypass...

5CVSS0.00295EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/04/16 6:6 a.m.3 views

CVE-2026-41034

ONLYOFFICE DocumentServer before 9.3.0 has an untrusted pointer dereference in XLS processing/conversion via pictFmla.cbBufInCtlStm and other vectors, leading to an information leak and ASLR bypass...

5CVSS5.8AI score0.00295EPSS
Exploits0References2
packetstormnews
packetstormnews
added 2026/04/04 12:0 a.m.3 views

Defending Buffer Overflows in WebAssembly: A Transpiler Approach

WebAssembly is quickly becoming a popular compilation target for a variety of code. However, vulnerabilities in the source languages translate to vulnerabilities in the WebAssembly binaries. This work proposes a methodology and a WebAssembly transpiler to prevent buffer overflows in the unmanaged...

6AI score
Exploits0
redhatcve
redhatcve
added 2026/03/26 3:5 p.m.4 views

CVE-2019-25485

R 3.4.4 on Windows x64 contains a buffer overflow vulnerability in the GUI Preferences language menu field that allows local attackers to bypass DEP and ASLR protections. Attackers can inject a crafted payload through the Language for menus preference to trigger a structured exception handler cha...

6.9CVSS6.3AI score0.00119EPSS
Exploits0References1
cvelist
cvelist
added 2026/03/11 6:23 p.m.30 views

CVE-2019-25485 R 3.4.4 Windows x64 Buffer Overflow SEH DEP ASLR Bypass

R 3.4.4 on Windows x64 contains a buffer overflow vulnerability in the GUI Preferences language menu field that allows local attackers to bypass DEP and ASLR protections. Attackers can inject a crafted payload through the Language for menus preference to trigger a structured exception handler cha...

6.9CVSS0.00119EPSS
Exploits0References2
nvd
nvd
added 2026/03/10 6:18 p.m.6 views

CVE-2026-30897

A stack-based buffer overflow vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.3, FortiWeb 7.6.0 through 7.6.6, FortiWeb 7.4.0 through 7.4.11, FortiWeb 7.2 all versions, FortiWeb 7.0 all versions may allow a remote authenticated attacker who can bypass stack protection and ASLR to execute...

6.6CVSS0.00632EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/02/03 8:52 a.m.4 views

CVE-2026-22778

A flaw was found in vLLM, an inference and serving engine for large language models LLMs. A remote attacker can exploit this vulnerability by sending a specially crafted video URL to vLLM's multimodal endpoint. This action causes vLLM to leak a heap memory address, significantly reducing the...

9.8CVSS5.4AI score0.03816EPSS
Exploits0References7
attackerkb
attackerkb
added 2026/01/30 10:7 p.m.4 views

CVE-2020-37043

10-Strike Bandwidth Monitor 3.9 contains a buffer overflow vulnerability that allows attackers to bypass SafeSEH, ASLR, and DEP protections through carefully crafted input. Attackers can exploit the vulnerability by sending a malicious payload to the application's registration key input, enabling...

9.8CVSS6.6AI score0.00709EPSS
Exploits0References3Affected Software1
redhatcve
redhatcve
added 2026/01/30 10:10 a.m.9 views

CVE-2026-23569

An out-of-bounds read vulnerability in the TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows a remote attacker to leak stack memory and cause a denial of service via a crafted request. The leaked stack memory could be used ...

7.5CVSS5.9AI score0.00341EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/01/30 12:0 a.m.11 views

PT-2026-5483

Name of the Vulnerable Software and Affected Versions 10-Strike Bandwidth Monitor version 3.9 Description The software contains a buffer overflow issue that allows attackers to bypass SafeSEH, ASLR, and DEP protections. Exploitation occurs through crafted input sent to the application’s...

9.8CVSS6.7AI score0.00709EPSS
Exploits0References5
nvd
nvd
added 2026/01/29 9:16 a.m.10 views

CVE-2026-23569

An out-of-bounds read vulnerability in the TeamViewer DEX Client former 1E Client - Content Distribution Service NomadBranch.exe prior version 26.1 for Windows allows a remote attacker to leak stack memory and cause a denial of service via a crafted request. The leaked stack memory could be used ...

7.5CVSS0.00341EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/01/28 3:18 p.m.13 views

CVE-2025-41728

A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and thereby potentially...

5.3CVSS5.8AI score0.00309EPSS
Exploits0References1
nessus
nessus
added 2026/01/16 12:0 a.m.4 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003650)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003650 advisory. The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs such as /bin/su because installexeccreds is called too late in loadelfbinary in...

4.7CVSS6.9AI score0.00485EPSS
Exploits1References15
nessus
nessus
added 2026/01/15 12:0 a.m.5 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003323)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003323 advisory. The archpickmmaplayout function in arch/x86/mm/mmap.c in the Linux kernel through 4.5.2 does not properly randomize the legacy base address, which makes it easier fo...

7.8CVSS7.4AI score0.0117EPSS
Exploits12References31
packetstorm
packetstorm
added 2025/12/09 12:0 a.m.199 views

📄 Android 7 / 8 / 8.1 Pointer Disclosure

A flaw in Android's Binder IPC allowed applications to craft Parcels where binder-object metadata overlapped with string data. When unmarshalling, the kernel inserted genuine kernel pointers into attacker-controlled buffers. These could then be echoed back through services like clipboard, resulti...

7.8CVSS6.7AI score0.00096EPSS
Exploits1
nessus
nessus
added 2025/11/18 12:0 a.m.7 views

Mozilla Thunderbird < 52.0

The version of Thunderbird installed on the remote macOS or Mac OS X host is prior to 52.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-09 advisory. - Mozilla developers and community members Carsten Book, Calixte Denizet, Christian Holler, Andrew McCreigh...

10CVSS7.9AI score0.17484EPSS
Exploits17References24
nessus
nessus
added 2025/11/18 12:0 a.m.5 views

Mozilla Firefox < 51.0

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 51.0. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2017-01 advisory. - A use-after-free vulnerability in the Media Decoder when working with media files when some events are fired...

9.8CVSS7.6AI score0.33199EPSS
Exploits24References25
Rows per page
Query Builder