Export limit exceeded: 19553 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19553 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-29387 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2025-03-17 | 7.1 High |
| In Tenda AC9 v1.0 V15.03.05.14_multi, the wanSpeed parameter of /goform/AdvSetMacMtuWan has a stack overflow vulnerability, which can lead to remote arbitrary code execution. | ||||
| CVE-2023-20659 | 4 Google, Linux, Mediatek and 1 more | 37 Android, Linux Kernel, Mt5221 and 34 more | 2025-03-17 | 6.7 Medium |
| In wlan, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588413; Issue ID: ALPS07588413. | ||||
| CVE-2023-20658 | 2 Google, Mediatek | 8 Android, Mt6895, Mt6983 and 5 more | 2025-03-17 | 6.7 Medium |
| In isp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07537393; Issue ID: ALPS07180396. | ||||
| CVE-2023-20657 | 2 Google, Mediatek | 40 Android, Mt6580, Mt6735 and 37 more | 2025-03-17 | 6.7 Medium |
| In mtee, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07571485; Issue ID: ALPS07571485. | ||||
| CVE-2023-20656 | 2 Google, Mediatek | 34 Android, Mt6765, Mt6768 and 31 more | 2025-03-17 | 6.7 Medium |
| In geniezone, there is a possible out of bounds write due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07571494; Issue ID: ALPS07571494. | ||||
| CVE-2023-20654 | 2 Google, Mediatek | 60 Android, Mt6580, Mt6731 and 57 more | 2025-03-17 | 6.7 Medium |
| In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628168; Issue ID: ALPS07589148. | ||||
| CVE-2022-37937 | 1 Hpe | 1 Serviceguard For Linux | 2025-03-17 | 9.8 Critical |
| Pre-auth memory corruption in HPE Serviceguard | ||||
| CVE-2024-3176 | 1 Google | 1 Chrome | 2025-03-17 | 8.8 High |
| Out of bounds write in SwiftShader in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-57011 | 1 Totolink | 2 X5000r, X5000r Firmware | 2025-03-17 | 8.8 High |
| TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "minute" parameters in setScheduleCfg. | ||||
| CVE-2023-5002 | 2 Fedoraproject, Pgadmin | 2 Fedora, Pgadmin 4 | 2025-03-17 | 6 Medium |
| A flaw was found in pgAdmin. This issue occurs when the pgAdmin server HTTP API validates the path a user selects to external PostgreSQL utilities such as pg_dump and pg_restore. Versions of pgAdmin prior to 7.6 failed to properly control the server code executed on this API, allowing an authenticated user to run arbitrary commands on the server. | ||||
| CVE-2024-35519 | 1 Netgear | 6 Ex3700, Ex3700 Firmware, Ex6100 and 3 more | 2025-03-17 | 8.4 High |
| Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable to command injection in operating_mode.cgi via the ap_mode parameter. | ||||
| CVE-2024-27387 | 1 Samsung | 18 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 15 more | 2025-03-17 | 6.7 Medium |
| An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_rx_range_done_ind(), there is no input validation check on rtt_id coming from userspace, which can lead to a heap overwrite. | ||||
| CVE-2025-25664 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-03-17 | 9.8 Critical |
| Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the sub_49E098 function. | ||||
| CVE-2025-27512 | 2025-03-17 | N/A | ||
| Zincati is an auto-update agent for Fedora CoreOS hosts. Zincati ships a polkit rule which allows the `zincati` system user to use the actions `org.projectatomic.rpmostree1.deploy` to deploy updates to the system and `org.projectatomic.rpmostree1.finalize-deployment` to reboot the system into the deployed update. Since Zincati v0.0.24, this polkit rule contains a logic error which broadens access of those polkit actions to any unprivileged user rather than just the `zincati` system user. In practice, this means that any unprivileged user with access to the system D-Bus socket is able to deploy older Fedora CoreOS versions (which may have other known vulnerabilities). Note that rpm-ostree enforces that the selected version must be from the same branch the system is currently on so this cannot directly be used to deploy an attacker-controlled update payload. This primarily impacts users running untrusted workloads with access to the system D-Bus socket. Note that in general, untrusted workloads should not be given this access, whether containerized or not. By default, containers do not have access to the system D-Bus socket. The logic error is fixed in Zincati v0.0.30. A workaround is to manually add a following polkit rule, instructions for which are available in the GitHub Security Advisory. | ||||
| CVE-2024-46261 | 2 Cute Png, Randygaul | 2 Cute Png, Cute Png | 2025-03-17 | 7.8 High |
| cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_make32() function at cute_png.h. | ||||
| CVE-2025-25663 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-03-17 | 9.8 Critical |
| A vulnerability was found in Tenda AC8V4 V16.03.34.06. Affected is the function SUB_0046AC38 of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. | ||||
| CVE-2024-57704 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-03-17 | 4.6 Medium |
| Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime leads to stack-based buffer overflow. | ||||
| CVE-2024-46652 | 1 Tenda | 3 Ac8, Ac8 Firmware, Ac8v4 Firmware | 2025-03-17 | 9.8 Critical |
| Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability in the fromAdvSetMacMtuWan function. | ||||
| CVE-2024-57703 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-03-17 | 7.3 High |
| Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedEndTime leads to stack-based buffer overflow. | ||||
| CVE-2024-57578 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-03-17 | 5.7 Medium |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the funcpara1 parameter in the formSetCfm function. | ||||