Export limit exceeded: 13676 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (13676 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-61859 | 1 Fujielectric | 2 Monitouch V-sft, V-sft | 2025-10-27 | 7.8 High |
| An out-of-bounds write vulnerability exists in VS6ComFile!CItemDraw::is_motion_tween of V-SFT v6.2.7.0 and earlier. Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnormal end (ABEND), and arbitrary code execution. | ||||
| CVE-2025-61858 | 1 Fujielectric | 2 Monitouch V-sft, V-sft | 2025-10-27 | 7.8 High |
| An out-of-bounds write vulnerability exists in VS6ComFile!set_AnimationItem of V-SFT v6.2.7.0 and earlier. Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnormal end (ABEND), and arbitrary code execution. | ||||
| CVE-2025-61857 | 1 Fujielectric | 2 Monitouch V-sft, V-sft | 2025-10-27 | 7.8 High |
| An out-of-bounds write vulnerability exists in VS6ComFile!CItemExChange::WinFontDynStrCheck of V-SFT v6.2.7.0 and earlier. Opening specially crafted V-SFT files may lead to information disclosure, affected system's abnormal end (ABEND), and arbitrary code execution. | ||||
| CVE-2024-45183 | 1 Samsung | 14 Exynos 1280, Exynos 1280 Firmware, Exynos 1330 and 11 more | 2025-10-27 | 6.5 Medium |
| An issue was discovered in Samsung Mobile Processor Exynos 2100, 1280, 2200, 1330, 1380, 1480, and 2400. A lack of a JPEG length check leads to an out-of-bound write. | ||||
| CVE-2020-27930 | 1 Apple | 5 Ipados, Iphone Os, Mac Os X and 2 more | 2025-10-27 | 7.8 High |
| A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. Processing a maliciously crafted font may lead to arbitrary code execution. | ||||
| CVE-2023-23376 | 1 Microsoft | 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more | 2025-10-27 | 7.8 High |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||||
| CVE-2020-14871 | 1 Oracle | 1 Solaris | 2025-10-27 | 10 Critical |
| Vulnerability in the Oracle Solaris product of Oracle Systems (component: Pluggable authentication module). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. Note: This CVE is not exploitable for Solaris 11.1 and later releases, and ZFSSA 8.7 and later releases, thus the CVSS Base Score is 0.0. CVSS 3.1 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). | ||||
| CVE-2021-35211 | 1 Solarwinds | 1 Serv-u | 2025-10-27 | 9 Critical |
| Microsoft discovered a remote code execution (RCE) vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. If exploited, a threat actor may be able to gain privileged access to the machine hosting Serv-U Only. SolarWinds Serv-U Managed File Transfer and Serv-U Secure FTP for Windows before 15.2.3 HF2 are affected by this vulnerability. | ||||
| CVE-2025-47202 | 1 Samsung | 38 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 35 more | 2025-10-27 | 9.1 Critical |
| In RRC in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400, the lack of a length check leads to out-of-bounds writes. | ||||
| CVE-2025-60339 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-10-27 | 7.5 High |
| Multiple buffer overflow vulnerabilities in the openSchedWifi function of Tenda AC6 v.15.03.06.50 allows attackers to cause a Denial of Service (DoS) via injecting a crafted payload into the schedStartTime and schedEndTime parameters. | ||||
| CVE-2025-60337 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-10-27 | 7.5 High |
| Tenda AC6 V2.0 15.03.06.50 was discovered to contain a buffer overflow in the speed_dir parameter in the SetSpeedWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||||
| CVE-2023-48697 | 1 Eclipse | 1 Threadx Usbx | 2025-10-27 | 6.4 Medium |
| Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to memory buffer and pointer vulnerabilities in Azure RTOS USBX. The affected components include functions/processes in pictbridge and host class, related to PIMA, storage, CDC ACM, ECM, audio, hub in RTOS v6.2.1 and below. The fixes have been included in USBX release 6.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2023-48695 | 1 Eclipse | 1 Threadx Usbx | 2025-10-27 | 7.2 High |
| Azure RTOS USBX is a USB host, device, and on-the-go (OTG) embedded stack, that is fully integrated with Azure RTOS ThreadX. An attacker can cause remote code execution due to out of bounds write vulnerabilities in Azure RTOS USBX. The affected components include functions/processes in host and device classes, related to CDC ECM and RNDIS in RTOS v6.2.1 and below. The fixes have been included in USBX release 6.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||
| CVE-2021-30632 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-10-24 | 8.8 High |
| Out of bounds write in V8 in Google Chrome prior to 93.0.4577.82 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2021-21220 | 2 Fedoraproject, Google | 2 Fedora, Chrome | 2025-10-24 | 8.8 High |
| Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2021-21148 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2025-10-24 | 8.8 High |
| Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2019-5825 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2025-10-24 | 6.5 Medium |
| Out of bounds write in JavaScript in Google Chrome prior to 73.0.3683.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2020-15999 | 7 Debian, Fedoraproject, Freetype and 4 more | 10 Debian Linux, Fedora, Freetype and 7 more | 2025-10-24 | 9.6 Critical |
| Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2020-16009 | 7 Cefsharp, Debian, Fedoraproject and 4 more | 9 Cefsharp, Debian Linux, Fedora and 6 more | 2025-10-24 | 8.8 High |
| Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2020-16013 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2025-10-24 | 8.8 High |
| Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||