CVE-2025-23247

MEDIUM Year: 2025
CVSS v3 Score
4.4
Medium
Weakness Type
CWE-130
View all →

Vulnerability Description

NVIDIA CUDA Toolkit for all platforms contains a vulnerability in the cuobjdump binary, where a failure to check the length of a buffer could allow a user to cause the tool to crash or execute arbitrary code by passing in a malformed ELF file. A successful exploit of this vulnerability might lead to arbitrary code execution.

Related Vulnerabilities

CVE-2021-27861

MEDIUM
CVSS:4.7(Medium)

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length (and optionally VLAN0 headers)

CWE-1302021

CVE-2021-27862

MEDIUM
CVSS:4.7(Medium)

Layer 2 network filtering capabilities such as IPv6 RA guard can be bypassed using LLC/SNAP headers with invalid length and Ethernet to Wifi frame conversion (and optionally VLAN0 headers).

CWE-1302021

CVE-2025-32366

MEDIUM
CVSS:4.8(Medium)

In ConnMan through 1.44, parse_rr in dnsproxy.c has a memcpy length that depends on an RR RDLENGTH value, i.e., *rdlen=ntohs(rr->rdlen) and memcpy(response+offset,*end,*rdlen) without a check for whet...

CWE-1302025

CVE-2024-24976

MEDIUM
CVSS:4.9(Medium)

A denial of service vulnerability exists in the OAS Engine File Data Source Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requ...

CWE-1302024

CVE-2025-29931

MEDIUM
CVSS:3.7(Low)

A vulnerability has been identified in TeleControl Server Basic (All versions < V3.1.2.2). The affected product does not properly validate a length field in a serialized message which it uses to deter...

CWE-1302025

CVE-2022-20686

MEDIUM
CVSS:5.3(Medium)

Multiple vulnerabilities in the Link Layer Discovery Protocol (LLDP) functionality of Cisco ATA 190 Series Analog Telephone Adapter firmware could allow an unauthenticated, remote attacker to execute ...

CWE-1302022