Export limit exceeded: 19933 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 45339 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 21316 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21316 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-46867 | 1 Huawei | 2 Emui, Harmonyos | 2025-04-10 | 7.5 High |
| The HW_KEYMASTER module has a problem in releasing memory.Successful exploitation of this vulnerability may result in out-of-bounds memory access. | ||||
| CVE-2022-4433 | 1 Lenovo | 2 Thinkpad X13s, Thinkpad X13s Firmware | 2025-04-10 | 6.7 Medium |
| A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoSetupConfigDxe driver that could allow a local attacker with elevated privileges to cause information disclosure. | ||||
| CVE-2022-4434 | 1 Lenovo | 2 Thinkpad X13s, Thinkpad X13s Firmware | 2025-04-10 | 6.7 Medium |
| A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS driver that could allow a local attacker with elevated privileges to cause information disclosure. | ||||
| CVE-2022-4435 | 1 Lenovo | 2 Thinkpad X13s, Thinkpad X13s Firmware | 2025-04-10 | 6.7 Medium |
| A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoRemoteConfigUpdateDxe driver that could allow a local attacker with elevated privileges to cause information disclosure. | ||||
| CVE-2024-41586 | 1 Draytek | 2 Vigor3910, Vigor3910 Firmware | 2025-04-10 | 8 High |
| A stack-based Buffer Overflow vulnerability in DrayTek Vigor310 devices through 4.3.2.6 allows a remote attacker to execute arbitrary code via a long query string to the cgi-bin/ipfedr.cgi component. | ||||
| CVE-2024-33835 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-04-10 | 9.8 Critical |
| Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the remoteIp parameter from formSetSafeWanWebMan function. | ||||
| CVE-2025-25676 | 1 Tenda | 2 I12, I12 Firmware | 2025-04-10 | 9.8 Critical |
| Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDset function. | ||||
| CVE-2025-25678 | 1 Tenda | 2 I12, I12 Firmware | 2025-04-10 | 9.8 Critical |
| Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the funcpara1 parameter in the formSetCfm function. | ||||
| CVE-2025-25679 | 1 Tenda | 2 I12, I12 Firmware | 2025-04-10 | 8 High |
| Tenda i12 V1.0.0.10(3805) was discovered to contain a buffer overflow via the index parameter in the formWifiMacFilterSet function. | ||||
| CVE-2025-25505 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-04-10 | 6.5 Medium |
| Tenda AC6 15.03.05.16_multi is vulnerable to Buffer Overflow in the sub_452A4 function. | ||||
| CVE-2025-25510 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2025-04-10 | 6.5 Medium |
| Tenda AC8 V16.03.34.06 is vulnerable to Buffer Overflow in the get_parentControl_list_Info function. | ||||
| CVE-2025-1851 | 1 Tenda | 2 Ac7, Ac7 Firmware | 2025-04-10 | 8.8 High |
| A vulnerability, which was classified as critical, was found in Tenda AC7 up to 15.03.06.44. This affects the function formSetFirewallCfg of the file /goform/SetFirewallCfg. The manipulation of the argument firewallEn leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2022-47656 | 1 Gpac | 1 Gpac | 2025-04-09 | 7.8 High |
| GPAC MP4box 2.1-DEV-rev617-g85ce76efd is vulnerable to Buffer Overflow in gf_hevc_read_sps_bs_internal function of media_tools/av_parsers.c:8273 | ||||
| CVE-2022-47095 | 1 Gpac | 1 Gpac | 2025-04-09 | 7.8 High |
| GPAC MP4box 2.1-DEV-rev574-g9d5bb184b is vulnerable to Buffer overflow in hevc_parse_vps_extension function of media_tools/av_parsers.c | ||||
| CVE-2023-5457 | 1 Ailux | 1 Imx6 | 2025-04-09 | 7.5 High |
| A CWE-1269 “Product Released in Non-Release Configuration” vulnerability in the Django web framework used by the web application (due to the “debug” configuration parameter set to “True”) allows a remote unauthenticated attacker to access critical information and have other unspecified impacts to the confidentiality, integrity, and availability of the application. This issue affects: AiLux imx6 bundle below version imx6_1.0.7-2. | ||||
| CVE-2022-33276 | 1 Qualcomm | 268 Ar8035, Ar8035 Firmware, Ar9380 and 265 more | 2025-04-09 | 8.4 High |
| Memory corruption due to buffer copy without checking size of input in modem while receiving WMI_REQUEST_STATS_CMDID command. | ||||
| CVE-2022-33274 | 1 Qualcomm | 22 Qam8295p, Qam8295p Firmware, Qca6574au and 19 more | 2025-04-09 | 8.4 High |
| Memory corruption in android core due to improper validation of array index while returning feature ids after license authentication. | ||||
| CVE-2022-33253 | 1 Qualcomm | 322 Aqt1000, Aqt1000 Firmware, Ar8035 and 319 more | 2025-04-09 | 7.5 High |
| Transient DOS due to buffer over-read in WLAN while parsing corrupted NAN frames. | ||||
| CVE-2022-33252 | 1 Qualcomm | 322 Aqt1000, Aqt1000 Firmware, Ar8035 and 319 more | 2025-04-09 | 8.2 High |
| Information disclosure due to buffer over-read in WLAN while handling IBSS beacons frame. | ||||
| CVE-2022-25746 | 1 Qualcomm | 196 Aqt1000, Aqt1000 Firmware, Ar8035 and 193 more | 2025-04-09 | 8.1 High |
| Memory corruption in kernel due to missing checks when updating the access rights of a memextent mapping. | ||||