Total
8217 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-39089 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-28 | N/A | 4.4 MEDIUM |
|
In mlog service, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
|
|||||
| CVE-2022-47334 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-01-28 | N/A | 4.4 MEDIUM |
|
In phasecheck server, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
|
|||||
| CVE-2021-46794 | 1 Amd | 112 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 109 more | 2025-01-28 | N/A | 7.5 HIGH |
|
Insufficient bounds checking in ASP (AMD Secure
Processor) may allow for an out of bounds read in SMI (System Management
Interface) mailbox checksum calculation triggering a data abort, resulting in a
potential denial of service.
|
|||||
| CVE-2021-46749 | 1 Amd | 112 Athlon Gold 3150g, Athlon Gold 3150g Firmware, Athlon Gold 3150ge and 109 more | 2025-01-28 | N/A | 7.5 HIGH |
|
Insufficient bounds checking in ASP (AMD Secure
Processor) may allow for an out of bounds read in SMI (System Management
Interface) mailbox checksum calculation triggering a data abort, resulting in a
potential denial of service.
|
|||||
| CVE-2021-26365 | 1 Amd | 108 Amd 3015ce, Amd 3015ce Firmware, Amd 3015e and 105 more | 2025-01-28 | N/A | 8.2 HIGH |
|
Certain size values in firmware binary headers
could trigger out of bounds reads during signature validation, leading to
denial of service or potentially limited leakage of information about
out-of-bounds memory contents.
|
|||||
| CVE-2025-21265 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-27 | N/A | 6.6 MEDIUM |
|
Windows Digital Media Elevation of Privilege Vulnerability
|
|||||
| CVE-2025-21263 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-27 | N/A | 6.6 MEDIUM |
|
Windows Digital Media Elevation of Privilege Vulnerability
|
|||||
| CVE-2025-21261 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-27 | N/A | 6.6 MEDIUM |
|
Windows Digital Media Elevation of Privilege Vulnerability
|
|||||
| CVE-2025-21260 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-27 | N/A | 6.6 MEDIUM |
|
Windows Digital Media Elevation of Privilege Vulnerability
|
|||||
| CVE-2025-21258 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-27 | N/A | 6.6 MEDIUM |
|
Windows Digital Media Elevation of Privilege Vulnerability
|
|||||
| CVE-2025-21257 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2025-01-27 | N/A | 5.5 MEDIUM |
|
Windows WLAN AutoConfig Service Information Disclosure Vulnerability
|
|||||
| CVE-2025-21256 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-27 | N/A | 6.6 MEDIUM |
|
Windows Digital Media Elevation of Privilege Vulnerability
|
|||||
| CVE-2025-21255 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-27 | N/A | 6.6 MEDIUM |
|
Windows Digital Media Elevation of Privilege Vulnerability
|
|||||
| CVE-2025-21229 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-01-27 | N/A | 6.6 MEDIUM |
|
Windows Digital Media Elevation of Privilege Vulnerability
|
|||||
| CVE-2025-21228 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-27 | N/A | 6.6 MEDIUM |
|
Windows Digital Media Elevation of Privilege Vulnerability
|
|||||
| CVE-2025-21227 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-27 | N/A | 6.6 MEDIUM |
|
Windows Digital Media Elevation of Privilege Vulnerability
|
|||||
| CVE-2025-21226 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-27 | N/A | 6.6 MEDIUM |
|
Windows Digital Media Elevation of Privilege Vulnerability
|
|||||
| CVE-2025-21178 | 1 Microsoft | 3 Visual Studio 2017, Visual Studio 2019, Visual Studio 2022 | 2025-01-27 | N/A | 8.8 HIGH |
|
Visual Studio Remote Code Execution Vulnerability
|
|||||
| CVE-2025-21215 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-27 | N/A | 4.6 MEDIUM |
|
Secure Boot Security Feature Bypass Vulnerability
|
|||||
| CVE-2021-46765 | 1 Amd | 88 Ryzen 3100, Ryzen 3100 Firmware, Ryzen 3300x and 85 more | 2025-01-27 | N/A | 7.5 HIGH |
|
Insufficient input validation in ASP may allow
an attacker with a compromised SMM to induce out-of-bounds memory reads within
the ASP, potentially leading to a denial of service.
|
|||||
| CVE-2025-21249 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-24 | N/A | 6.6 MEDIUM |
|
Windows Digital Media Elevation of Privilege Vulnerability
|
|||||
| CVE-2025-21246 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-24 | N/A | 8.8 HIGH |
|
Windows Telephony Service Remote Code Execution Vulnerability
|
|||||
| CVE-2025-21245 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-24 | N/A | 8.8 HIGH |
|
Windows Telephony Service Remote Code Execution Vulnerability
|
|||||
| CVE-2025-21232 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-24 | N/A | 6.6 MEDIUM |
|
Windows Digital Media Elevation of Privilege Vulnerability
|
|||||
| CVE-2025-21310 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-24 | N/A | 6.6 MEDIUM |
|
Windows Digital Media Elevation of Privilege Vulnerability
|
|||||
| CVE-2023-25008 | 1 Autodesk | 1 3ds Max Usd | 2025-01-24 | N/A | 7.8 HIGH |
|
A malicious actor may convince a user to open a malicious USD file that may trigger an out-of-bounds read vulnerability which could result in code execution.
|
|||||
| CVE-2023-20706 | 2 Google, Mediatek | 14 Android, Mt6853, Mt6853t and 11 more | 2025-01-24 | N/A | 5.5 MEDIUM |
|
In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767860; Issue ID: ALPS07767860.
|
|||||
| CVE-2023-20711 | 2 Google, Mediatek | 55 Android, Mt6580, Mt6731 and 52 more | 2025-01-24 | N/A | 4.4 MEDIUM |
|
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07581668; Issue ID: ALPS07581668.
|
|||||
| CVE-2023-21112 | 1 Google | 1 Android | 2025-01-24 | N/A | 5.5 MEDIUM |
|
In AnalyzeMfcResp of NxpMfcReader.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-252763983
|
|||||
| CVE-2023-20703 | 2 Google, Mediatek | 14 Android, Mt6853, Mt6853t and 11 more | 2025-01-24 | N/A | 5.5 MEDIUM |
|
In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767853; Issue ID: ALPS07767853.
|
|||||
| CVE-2023-20719 | 2 Google, Mediatek | 27 Android, Mt6580, Mt6739 and 24 more | 2025-01-24 | N/A | 4.4 MEDIUM |
|
In pqframework, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629583; Issue ID: ALPS07629583.
|
|||||
| CVE-2024-26000 | 1 Phoenixcontact | 8 Charx Sec-3000, Charx Sec-3000 Firmware, Charx Sec-3050 and 5 more | 2025-01-24 | N/A | 5.9 MEDIUM |
|
An unauthenticated remote attacker can read memory out of bounds due to improper input validation in the MQTT stack. The brute force attack is not always successful because of memory randomization.
|
|||||
| CVE-2023-20698 | 2 Google, Mediatek | 54 Android, Mt6580, Mt6731 and 51 more | 2025-01-23 | N/A | 4.4 MEDIUM |
|
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589144; Issue ID: ALPS07589144.
|
|||||
| CVE-2023-20697 | 2 Google, Mediatek | 54 Android, Mt6580, Mt6731 and 51 more | 2025-01-23 | N/A | 4.4 MEDIUM |
|
In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589148; Issue ID: ALPS07589148.
|
|||||
| CVE-2024-26003 | 1 Phoenixcontact | 8 Charx Sec-3000, Charx Sec-3000 Firmware, Charx Sec-3050 and 5 more | 2025-01-23 | N/A | 7.5 HIGH |
|
An unauthenticated remote attacker can DoS the control agent due to a out-of-bounds read which may prevent or disrupt the charging functionality.
|
|||||
| CVE-2025-21327 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-22 | N/A | 6.6 MEDIUM |
|
Windows Digital Media Elevation of Privilege Vulnerability
|
|||||
| CVE-2025-21324 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-22 | N/A | 6.6 MEDIUM |
|
Windows Digital Media Elevation of Privilege Vulnerability
|
|||||
| CVE-2025-21341 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-21 | N/A | 6.6 MEDIUM |
|
Windows Digital Media Elevation of Privilege Vulnerability
|
|||||
| CVE-2024-48855 | 1 Blackberry | 1 Qnx Software Development Platform | 2025-01-21 | N/A | 5.3 MEDIUM |
|
Out-of-bounds read in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause an information disclosure in the context of the process using the image codec.
|
|||||
| CVE-2023-0621 | 1 Hornerautomation | 1 Cscape Envision Rv | 2025-01-17 | N/A | 7.8 HIGH |
|
Cscape Envision RV version 4.60 is vulnerable to an out-of-bounds read vulnerability when parsing project (i.e. HMI) files. The product lacks proper validation of user-supplied data, which could result in reads past the end of allocated data structures. An attacker could leverage these vulnerabilities to execute arbitrary code in the context of the current process.
|
|||||