Export limit exceeded: 42842 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 21311 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21311 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-0657 | 1 Carrier | 2 Automatedlogic Webctrl, I-vu | 2025-12-01 | N/A |
| A weakness in Automated Logic and Carrier i-Vu Gen5 router on driver version drv_gen5_106-01-2380, allows malformed packets to be sent through BACnet MS/TP network causing the devices to enter a fault state. This fault state requires a manual power cycle to return the device to network visibility. | ||||
| CVE-2025-12143 | 1 Abb | 1 Terra Ac Wallbox Jp | 2025-12-01 | 6.1 Medium |
| Stack-based Buffer Overflow vulnerability in ABB Terra AC wallbox.This issue affects Terra AC wallbox: through 1.8.33. | ||||
| CVE-2025-52539 | 1 Amd | 1 Xilinx Run Time | 2025-12-01 | 7.3 High |
| A buffer overflow with Xilinx Run Time Environment may allow a local attacker to read or corrupt data from the advanced extensible interface (AXI), potentially resulting in loss of confidentiality, integrity, and/or availability. | ||||
| CVE-2024-27008 | 4 Debian, Fedoraproject, Linux and 1 more | 4 Debian Linux, Fedora, Linux Kernel and 1 more | 2025-12-01 | 7.8 High |
| In the Linux kernel, the following vulnerability has been resolved: drm: nv04: Fix out of bounds access When Output Resource (dcb->or) value is assigned in fabricate_dcb_output(), there may be out of bounds access to dac_users array in case dcb->or is zero because ffs(dcb->or) is used as index there. The 'or' argument of fabricate_dcb_output() must be interpreted as a number of bit to set, not value. Utilize macros from 'enum nouveau_or' in calls instead of hardcoding. Found by Linux Verification Center (linuxtesting.org) with SVACE. | ||||
| CVE-2025-36134 | 1 Ibm | 2 Sterling B2b Integrator, Sterling File Gateway | 2025-12-01 | 3.7 Low |
| IBM Sterling B2B Integrator and IBM Sterling File Gateway 6.0.0.0 through 6.1.2.7 and 6.2.0.0 through 6.2.0.5 and 6.2.1.1 could disclose sensitive information due to a missing or insecure SameSite attribute for a sensitive cookie. | ||||
| CVE-2024-53020 | 1 Qualcomm | 468 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 465 more | 2025-11-28 | 8.2 High |
| Information disclosure may occur while decoding the RTP packet with invalid header extension from network. | ||||
| CVE-2025-52584 | 1 Ashlar | 5 Argon, Cobalt, Cobalt Share and 2 more | 2025-11-28 | 7.8 High |
| In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing XE files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. | ||||
| CVE-2025-46269 | 1 Ashlar | 5 Argon, Cobalt, Cobalt Share and 2 more | 2025-11-28 | 7.8 High |
| In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing VC6 files. This could lead to a heap-based buffer overflow. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. | ||||
| CVE-2025-41392 | 1 Ashlar | 5 Argon, Cobalt, Cobalt Share and 2 more | 2025-11-28 | 7.8 High |
| In Ashlar-Vellum Cobalt, Xenon, Argon, Lithium, and Cobalt Share versions prior to 12.6.1204.204, the affected applications lack proper validation of user-supplied data when parsing AR files. This could lead to an out-of-bounds read. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. | ||||
| CVE-2025-21465 | 1 Qualcomm | 699 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 696 more | 2025-11-28 | 6.5 Medium |
| Information disclosure while processing the hash segment in an MBN file. | ||||
| CVE-2025-21464 | 1 Qualcomm | 685 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 682 more | 2025-11-28 | 6.5 Medium |
| Information disclosure while reading data from an image using specified offset and size parameters. | ||||
| CVE-2025-21463 | 1 Qualcomm | 422 Ar8035, Ar8035 Firmware, Csr8811 and 419 more | 2025-11-28 | 7.5 High |
| Transient DOS while processing the EHT operation IE in the received beacon frame. | ||||
| CVE-2024-53026 | 1 Qualcomm | 468 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 465 more | 2025-11-28 | 8.2 High |
| Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call. | ||||
| CVE-2024-53021 | 1 Qualcomm | 450 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 447 more | 2025-11-28 | 8.2 High |
| Information disclosure may occur while processing goodbye RTCP packet from network. | ||||
| CVE-2025-21487 | 1 Qualcomm | 455 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 452 more | 2025-11-28 | 8.2 High |
| Information disclosure while decoding RTP packet received by UE from the network, when payload length mentioned is greater than the available buffer length. | ||||
| CVE-2025-47318 | 1 Qualcomm | 407 Apq8017, Apq8017 Firmware, Apq8064au and 404 more | 2025-11-28 | 7.5 High |
| Transient DOS while parsing the EPTM test control message to get the test pattern. | ||||
| CVE-2025-21488 | 1 Qualcomm | 217 Fastconnect 6200, Fastconnect 6200 Firmware, Fastconnect 6700 and 214 more | 2025-11-28 | 8.2 High |
| Information disclosure while decoding this RTP packet headers received by UE from the network when the padding bit is set. | ||||
| CVE-2025-48502 | 1 Amd | 1 Uprof | 2025-11-26 | 5.5 Medium |
| Improper input validation within AMD uprof can allow a local attacker to overwrite MSR registers, potentially resulting in crash or denial of service. | ||||
| CVE-2025-48511 | 1 Amd | 1 Uprof | 2025-11-26 | 5.5 Medium |
| Improper input validation within AMD uprof can allow a local attacker to write to an arbitrary physical address, potentially resulting in crash or denial of service. | ||||
| CVE-2025-64720 | 1 Libpng | 1 Libpng | 2025-11-26 | 7.1 High |
| LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, an out-of-bounds read vulnerability exists in png_image_read_composite when processing palette images with PNG_FLAG_OPTIMIZE_ALPHA enabled. The palette compositing code in png_init_read_transformations incorrectly applies background compositing during premultiplication, violating the invariant component ≤ alpha × 257 required by the simplified PNG API. This issue has been patched in version 1.6.51. | ||||