Total
12287 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-32891 | 2 Google, Mediatek | 46 Android, Lr13, Mt2735 and 43 more | 2025-06-18 | N/A | 6.7 MEDIUM |
| In bluetooth service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07933038; Issue ID: MSV-559. | |||||
| CVE-2023-32889 | 2 Google, Mediatek | 58 Android, Mt6580, Mt6731 and 55 more | 2025-06-18 | N/A | 7.5 HIGH |
| In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161825; Issue ID: MOLY01161825 (MSV-895). | |||||
| CVE-2023-32882 | 2 Google, Mediatek | 22 Android, Mt6762, Mt6765 and 19 more | 2025-06-18 | N/A | 6.7 MEDIUM |
| In battery, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308616. | |||||
| CVE-2023-32879 | 2 Google, Mediatek | 22 Android, Mt6762, Mt6765 and 19 more | 2025-06-18 | N/A | 6.7 MEDIUM |
| In battery, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308064. | |||||
| CVE-2025-41413 | 2025-06-18 | N/A | 7.8 HIGH | ||
| Fuji Electric Smart EditorĀ is vulnerable to an out-of-bounds write, which may allow an attacker to execute arbitrary code. | |||||
| CVE-2025-49848 | 2025-06-17 | N/A | N/A | ||
| An Out-of-bounds Write vulnerability exists within the parsing of PRJ files. The issues result from the lack of proper validation of user-supplied data, which can result in different memory corruption issues within the application, such as reading and writing past the end of allocated data structures. | |||||
| CVE-2024-29753 | 1 Google | 1 Android | 2025-06-17 | N/A | 7.7 HIGH |
| In tmu_set_control_temp_step of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-29752 | 1 Google | 1 Android | 2025-06-17 | N/A | 7.8 HIGH |
| In tmu_set_tr_num_thresholds of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-29749 | 1 Google | 1 Android | 2025-06-17 | N/A | 8.4 HIGH |
| In tmu_set_tr_thresholds of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-29746 | 1 Google | 1 Android | 2025-06-17 | N/A | 8.4 HIGH |
| In lpm_req_handler of lpm.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-29743 | 1 Google | 1 Android | 2025-06-17 | N/A | 7.7 HIGH |
| In tmu_set_temp_lut of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-29740 | 1 Google | 1 Android | 2025-06-17 | N/A | 7.4 HIGH |
| In tmu_set_table of tmu.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2025-5503 | 1 Totolink | 2 X15, X15 Firmware | 2025-06-17 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability, which was classified as critical, was found in TOTOLINK X15 1.0.0-B20230714.1105. This affects the function formMapReboot of the file /boafrm/formMapReboot. The manipulation of the argument deviceMacAddr leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2022-36660 | 1 Xhyve Project | 1 Xhyve | 2025-06-17 | N/A | 9.8 CRITICAL |
| xhyve commit dfbe09b was discovered to contain a stack buffer overflow via the component pci_vtrnd_notify(). | |||||
| CVE-2022-36513 | 1 H3c | 2 Gr-1200w, Gr-1200w Firmware | 2025-06-17 | N/A | 9.8 CRITICAL |
| H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function edditactionlist. | |||||
| CVE-2022-36511 | 1 H3c | 2 Gr-1200w, Gr-1200w Firmware | 2025-06-17 | N/A | 9.8 CRITICAL |
| H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function EditApAdvanceInfo. | |||||
| CVE-2022-36508 | 1 H3c | 2 Magic Nx18 Plus, Magic Nx18 Plus Firmware | 2025-06-17 | N/A | 7.8 HIGH |
| H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function SetAPInfoById. | |||||
| CVE-2022-36504 | 1 H3c | 2 Magic Nx18 Plus, Magic Nx18 Plus Firmware | 2025-06-17 | N/A | 7.8 HIGH |
| H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function Edit_BasicSSID. | |||||
| CVE-2025-6111 | 1 Tenda | 2 Fh1205, Fh1205 Firmware | 2025-06-17 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical was found in Tenda FH1205 2.0.0.7(775). This vulnerability affects the function fromVirtualSer of the file /goform/VirtualSer. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-6110 | 1 Tenda | 2 Fh1201, Fh1201 Firmware | 2025-06-17 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical has been found in Tenda FH1201 1.2.0.14(408). This affects an unknown part of the file /goform/SafeMacFilter. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | |||||