Total
8221 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-30596 | 1 Tenda | 2 Fh1202, Fh1202 Firmware | 2025-03-13 | 9.8 Critical |
| Tenda FH1202 v1.2.0.14(408) has a stack overflow vulnerability in the deviceId parameter of the formSetDeviceName function. | ||||
| CVE-2024-40779 | 2 Apple, Redhat | 13 Ipados, Iphone Os, Macos and 10 more | 2025-03-13 | 5.5 Medium |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, Safari 17.6, iOS 17.6 and iPadOS 17.6, watchOS 10.6, tvOS 17.6, visionOS 1.3, macOS Sonoma 14.6. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2024-12693 | 1 Google | 1 Chrome | 2025-03-13 | 8 High |
| Out of bounds memory access in V8 in Google Chrome prior to 131.0.6778.204 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | ||||
| CVE-2024-27378 | 1 Samsung | 10 Exynos 1280, Exynos 1280 Firmware, Exynos 1330 and 7 more | 2025-03-13 | 6 Medium |
| An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_send_action_frame_cert(), there is no input validation check on len coming from userspace, which can lead to a heap over-read. | ||||
| CVE-2023-52377 | 1 Huawei | 2 Emui, Harmonyos | 2025-03-13 | 7.4 High |
| Vulnerability of input data not being verified in the cellular data module.Successful exploitation of this vulnerability may cause out-of-bounds access. | ||||
| CVE-2024-32898 | 1 Google | 1 Android | 2025-03-13 | 4.7 Medium |
| In ProtocolCellIdentityParserV4::Parse() of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User Interaction is not needed for exploitation. | ||||
| CVE-2024-20022 | 5 Google, Linuxfoundation, Mediatek and 2 more | 34 Android, Yocto, Mt2737 and 31 more | 2025-03-13 | 6.7 Medium |
| In lk, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08528255; Issue ID: ALPS08528255. | ||||
| CVE-2024-27329 | 1 Pdf-xchange | 2 Pdf-tools, Pdf-xchange Editor | 2025-03-12 | 5.5 Medium |
| PDF-XChange Editor XPS File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XPS files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22285. | ||||
| CVE-2022-46440 | 1 Swftools | 1 Swftools | 2025-03-12 | 5.5 Medium |
| ttftool v0.9.2 was discovered to contain a segmentation violation via the readU16 function at ttf.c. | ||||
| CVE-2021-33367 | 1 Freeimage Project | 1 Freeimage | 2025-03-12 | 5.5 Medium |
| Buffer Overflow vulnerability in Freeimage v3.18.0 allows attacker to cause a denial of service via a crafted JXR file. | ||||
| CVE-2023-23502 | 1 Apple | 5 Ipados, Iphone Os, Macos and 2 more | 2025-03-12 | 5.5 Medium |
| An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in macOS Monterey 12.6.3, macOS Ventura 13.2, iOS 16.3 and iPadOS 16.3, tvOS 16.3, watchOS 9.3. An app may be able to determine kernel memory layout. | ||||
| CVE-2021-35369 | 1 Txjia | 1 Imcat | 2025-03-12 | 6.5 Medium |
| Arbitrary File Read vulnerability found in Peacexie ImCat v.5.2 fixed in v.5.4 allows attackers to obtain sensitive information via the filtering_get_contents function. | ||||
| CVE-2025-21254 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2025-03-12 | 6.5 Medium |
| Internet Connection Sharing (ICS) Denial of Service Vulnerability | ||||
| CVE-2025-21216 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2025-03-12 | 6.5 Medium |
| Internet Connection Sharing (ICS) Denial of Service Vulnerability | ||||
| CVE-2025-21212 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2025-03-12 | 6.5 Medium |
| Internet Connection Sharing (ICS) Denial of Service Vulnerability | ||||
| CVE-2025-21179 | 1 Microsoft | 2 Windows 11 24h2, Windows Server 2025 | 2025-03-12 | 4.8 Medium |
| DHCP Client Service Denial of Service Vulnerability | ||||
| CVE-2022-32830 | 1 Apple | 3 Ipados, Iphone Os, Tvos | 2025-03-11 | 7.5 High |
| An out-of-bounds read issue was addressed with improved bounds checking. This issue is fixed in tvOS 15.6, iOS 15.6 and iPadOS 15.6. Processing a maliciously crafted image may lead to disclosure of user information. | ||||
| CVE-2023-34256 | 3 Debian, Linux, Suse | 3 Debian Linux, Linux Kernel, Linux Enterprise | 2025-03-11 | 5.5 Medium |
| An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset. NOTE: this is disputed by third parties because the kernel is not intended to defend against attackers with the stated "When modifying the block device while it is mounted by the filesystem" access. | ||||
| CVE-2022-35831 | 1 Microsoft | 8 Windows 10, Windows 11, Windows 8.1 and 5 more | 2025-03-11 | 5.5 Medium |
| Windows Remote Access Connection Manager Information Disclosure Vulnerability | ||||
| CVE-2025-23418 | 1 Openatom | 1 Openharmony | 2025-03-11 | 3.3 Low |
| in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. | ||||