CVE-2025-2338

MEDIUM Year: 2025
CVSS v3 Score
6.3
Medium
CVSS v2 Score
7.5
High
Weakness Type
CWE-119
View all →

Vulnerability Description

A vulnerability, which was classified as critical, was found in tbeu matio 1.5.28. Affected is the function strdup_vprintf of the file src/io.c. The manipulation leads to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

Related Vulnerabilities

CVE-2013-3245

MEDIUM
CVSS:6.3(Medium)

plugins/demux/libmkv_plugin.dll in VideoLAN VLC Media Player 2.0.7, and possibly other versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a ...

CWE-1192013

CVE-2016-1176

MEDIUM
CVSS:6.3(Medium)

Buffer overflow in the ActiveX control in Sharp EVA Animeter allows remote attackers to execute arbitrary code via a crafted web page.

CWE-1192016

CVE-2016-1628

MEDIUM
CVSS:6.3(Medium)

pi.c in OpenJPEG, as used in PDFium in Google Chrome before 48.0.2564.109, does not validate a certain precision value, which allows remote attackers to execute arbitrary code or cause a denial of ser...

CWE-1192016

CVE-2016-1737

MEDIUM
CVSS:6.3(Medium)

Carbon in Apple OS X before 10.11.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dfont file.

CWE-1192016

CVE-2016-2837

MEDIUM
CVSS:6.3(Medium)

Heap-based buffer overflow in the ClearKey Content Decryption Module (CDM) in the Encrypted Media Extensions (EME) API in Mozilla Firefox before 48.0 and Firefox ESR 45.x before 45.3 might allow remot...

CWE-1192016

CVE-2016-5728

MEDIUM
CVSS:6.3(Medium)

Race condition in the vop_ioctl function in drivers/misc/mic/vop/vop_vringh.c in the MIC VOP driver in the Linux kernel before 4.6.1 allows local users to obtain sensitive information from kernel memo...

CWE-1192016