Export limit exceeded: 22043 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (22043 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-8772 | 2026-04-15 | 4.3 Medium | ||
| 51l3nc3, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API managedoverlayimages.cgi was vulnerable to a race condition attack allowing for an attacker to block access to the overlay configuration page in the web interface of the Axis device. This flaw can only be exploited after authenticating with an operator- or administrator-privileged service account. Axis has released patched AXIS OS versions for the highlighted flaw. Please refer to the Axis security advisory for more information and solution. | ||||
| CVE-2024-53310 | 2026-04-15 | 5.5 Medium | ||
| A Structured Exception Handler based buffer overflow vulnerability exists in Effectmatrix Total Video Converter Command Line (TVCC) 2.50 when a specially crafted file is passed to the -ff parameter. The vulnerability occurs due to improper handling of file input with overly long characters, leading to memory corruption. This can result in arbitrary code execution or denial of service. | ||||
| CVE-2024-53309 | 2026-04-15 | 5.5 Medium | ||
| A stack-based buffer overflow vulnerability exists in Effectmatrix Total Video Converter Command Line (TVCC) 2.50 when an overly long string is passed to the "-f" parameter. This can lead to memory corruption, potentially allowing arbitrary code execution or causing a denial of service via specially crafted input. | ||||
| CVE-2024-9404 | 2026-04-15 | 7.5 High | ||
| This vulnerability could lead to denial-of-service or service crashes. Exploitation of the moxa_cmd service, because of insufficient input validation, allows attackers to disrupt operations. If exposed to public networks, the vulnerability poses a significant remote threat, potentially allowing attackers to shut down affected systems. | ||||
| CVE-2024-52799 | 1 Argoproj | 1 Argo-helm | 2026-04-15 | 8.3 High |
| Argo Workflows Chart is used to set up argo and its needed dependencies through one command. Prior to 0.44.0, the workflow-role has excessive privileges, the worst being create pods/exec, which will allow kubectl exec into any Pod in the same namespace, i.e. arbitrary code execution within those Pods. If a user can be made to run a malicious template, their whole namespace can be compromised. This affects versions of the argo-workflows Chart that use appVersion: 3.4 and above, which no longer need these permissions for the only available Executor, Emissary. It could also affect users below 3.4 depending on their choice of Executor in those versions. This only affects the Helm Chart and not the upstream manifests. This vulnerability is fixed in 0.44.0. | ||||
| CVE-2024-52564 | 1 Iodata | 2 Ud-lt1\/ex Firmware, Ud-lt1 Firmware | 2026-04-15 | N/A |
| Inclusion of undocumented features or chicken bits issue exists in UD-LT1 firmware Ver.2.1.8 and earlier and UD-LT1/EX firmware Ver.2.1.8 and earlier. A remote attacker may disable the firewall function of the affected products. As a result, an arbitrary OS command may be executed and/or configuration settings of the device may be altered. | ||||
| CVE-2024-52547 | 1 Lorextechnology | 1 W461asc-e Firmware | 2026-04-15 | 7.2 High |
| An authenticated attacker can trigger a stack based buffer overflow in the DHIP Service (TCP port 80). This vulnerability has been resolved in firmware version 2.800.0000000.8.R.20241111. | ||||
| CVE-2024-54090 | 2026-04-15 | 5.9 Medium | ||
| A vulnerability has been identified in APOGEE PXC Series (BACnet) (All versions), APOGEE PXC Series (P2 Ethernet) (All versions), TALON TC Series (BACnet) (All versions). Affected devices contain an out-of-bounds read in the memory dump function. This could allow an attacker with Medium (MED) or higher privileges to cause the device to enter an insecure cold start state. | ||||
| CVE-2024-0218 | 1 Nozominetworks | 1 Guardian | 2026-04-15 | 7.5 High |
| A Denial of Service (Dos) vulnerability in Nozomi Networks Guardian, caused by improper input validation in certain fields used in the Radius parsing functionality of our IDS, allows an unauthenticated attacker sending specially crafted malformed network packets to cause the IDS module to stop updating nodes, links, and assets. Network traffic may not be analyzed until the IDS module is restarted. | ||||
| CVE-2023-25494 | 2026-04-15 | 6.7 Medium | ||
| A potential vulnerability were reported in the BIOS of some Desktop, Smart Edge, and ThinkStation products that could allow a local attacker with elevated privileges to write to NVRAM variables. | ||||
| CVE-2024-0149 | 2026-04-15 | 3.3 Low | ||
| NVIDIA GPU Display Driver for Linux contains a vulnerability which could allow an attacker unauthorized access to files. A successful exploit of this vulnerability might lead to limited information disclosure. | ||||
| CVE-2024-0146 | 2026-04-15 | 7.8 High | ||
| NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause memory corruption. A successful exploit of this vulnerability might lead to code execution, denial of service, information disclosure, or data tampering. | ||||
| CVE-2024-0145 | 2026-04-15 | 6.8 Medium | ||
| NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause a heap-based buffer overflow issue by means of a specially crafted JPEG2000 file. A successful exploit of this vulnerability might lead to code execution and data tampering. | ||||
| CVE-2024-0144 | 2026-04-15 | 6.8 Medium | ||
| NVIDIA nvJPEG2000 library contains a vulnerability where an attacker can cause a buffer overflow issue by means of a specially crafted JPEG2000 file. A successful exploit of this vulnerability might lead to data tampering. | ||||
| CVE-2023-25546 | 2026-04-15 | 2.5 Low | ||
| Out-of-bounds read in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable denial of service via local access. | ||||
| CVE-2024-0121 | 1 Nvidia | 3 Cloud Gaming Guest, Gpu Display Driver, Virtual Gpu | 2026-04-15 | 7.8 High |
| NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2024-0120 | 1 Nvidia | 3 Cloud Gaming Guest, Gpu Display Driver, Virtual Gpu | 2026-04-15 | 7.8 High |
| NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2024-0119 | 1 Nvidia | 3 Cloud Gaming Guest, Gpu Display Driver, Virtual Gpu | 2026-04-15 | 7.8 High |
| NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2024-0118 | 1 Nvidia | 3 Cloud Gaming Guest, Gpu Display Driver, Virtual Gpu | 2026-04-15 | 7.8 High |
| NVIDIA GPU Display Driver for Windows contains a vulnerability in the user mode layer, where an unprivileged regular user can cause an out-of-bounds read. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, and data tampering. | ||||
| CVE-2025-32007 | 1 Intel | 1 Tdx Module | 2026-04-15 | 4.4 Medium |
| Out-of-bounds read for some TDX before version tdx module 1.5.24 within Ring 0: Hypervisor may allow an information disclosure. Authorized adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. | ||||