Export limit exceeded: 339825 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (3484 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-8909 | 1 Wellchoose | 1 Organization Portal System | 2025-08-21 | 6.5 Medium |
| Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing remote attackers with regular privileges to exploit Absolute Path Traversal to download arbitrary system files. | ||||
| CVE-2025-8912 | 1 Wellchoose | 1 Organization Portal System | 2025-08-21 | 7.5 High |
| Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files. | ||||
| CVE-2024-53018 | 1 Qualcomm | 38 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 35 more | 2025-08-20 | 6.6 Medium |
| Memory corruption may occur while processing the OIS packet parser. | ||||
| CVE-2024-53016 | 1 Qualcomm | 69 Fastconnect 6800, Fastconnect 6800 Firmware, Fastconnect 6900 and 66 more | 2025-08-20 | 6.6 Medium |
| Memory corruption while processing I2C settings in Camera driver. | ||||
| CVE-2025-54655 | 1 Huawei | 1 Harmonyos | 2025-08-20 | 8.1 High |
| Race condition vulnerability in the virtualization base module. Successful exploitation of this vulnerability may affect the confidentiality and integrity of the virtualization graphics module. | ||||
| CVE-2024-41787 | 1 Ibm | 2 Doors Next, Engineering Requirements Management Doors | 2025-08-20 | 9.8 Critical |
| IBM Engineering Requirements Management DOORS Next 7.0.2 and 7.0.3 could allow a remote attacker to bypass security restrictions, caused by a race condition. By sending a specially crafted request, an attacker could exploit this vulnerability to remotely execute code. | ||||
| CVE-2025-21431 | 1 Qualcomm | 72 Qam8255p, Qam8255p Firmware, Qam8295p and 69 more | 2025-08-19 | 5.5 Medium |
| Information disclosure may be there when a guest VM is connected. | ||||
| CVE-2025-27076 | 1 Qualcomm | 91 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 88 more | 2025-08-19 | 7.8 High |
| Memory corruption while processing simultaneous requests via escape path. | ||||
| CVE-2025-6217 | 1 Peak-system | 1 Device Driver | 2025-08-18 | 2.5 Low |
| PEAK-System Driver PCANFD_ADD_FILTERS Time-Of-Check Time-Of-Use Information Disclosure Vulnerability. This vulnerability allows local attackers to disclose sensitive information on affected installations of PEAK-System Driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of the PCANFD_ADD_FILTERS IOCTL. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the kernel. Was ZDI-CAN-24161. | ||||
| CVE-2025-54667 | 2 Mycred, Wordpress | 2 Mycred, Wordpress | 2025-08-16 | 5.3 Medium |
| Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Saad Iqbal myCred allows Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions. This issue affects myCred: from n/a through 2.9.4.3. | ||||
| CVE-2024-41779 | 1 Ibm | 2 Engineering Systems Design Rhapsody, Rhapsody Model Manager | 2025-08-15 | 9.8 Critical |
| IBM Engineering Systems Design Rhapsody - Model Manager 7.0.2 and 7.0.3 could allow a remote attacker to bypass security restrictions, caused by a race condition. By sending a specially crafted request, an attacker could exploit this vulnerability to remotely execute code. | ||||
| CVE-2024-49353 | 1 Ibm | 2 Watson Assistant For Ibm Cloud Pak For Data, Watson Speech Services Cartridge On Cloud Pak For Data | 2025-08-15 | 7.5 High |
| IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data 4.0.0 through 5.0.2 does not properly check inputs to resources that are used concurrently, which might lead to unexpected states, possibly resulting in a crash. | ||||
| CVE-2025-54651 | 1 Huawei | 1 Harmonyos | 2025-08-13 | 4.8 Medium |
| Race condition vulnerability in the kernel hufs module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2023-32156 | 1 Tesla | 2 Model 3, Model 3 Firmware | 2025-08-13 | 8.8 High |
| Tesla Model 3 Gateway Firmware Signature Validation Bypass Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Tesla Model 3 vehicles. An attacker must first obtain the ability to execute privileged code on the Tesla infotainment system in order to exploit this vulnerability. The specific flaw exists within the handling of firmware updates. The issue results from improper error-handling during the update process. An attacker can leverage this vulnerability to execute code in the context of Tesla's Gateway ECU. . Was ZDI-CAN-20734. | ||||
| CVE-2025-25278 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2025-08-12 | 8.4 High |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition. | ||||
| CVE-2025-27577 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2025-08-12 | 8.4 High |
| in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition. | ||||
| CVE-2025-23321 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Triton Inference Server | 2025-08-12 | 7.5 High |
| NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause a divide by zero issue by issuing an invalid request. A successful exploit of this vulnerability might lead to denial of service. | ||||
| CVE-2024-6029 | 1 Tesla | 2 Model S, Model S Firmware | 2025-08-12 | N/A |
| Tesla Model S Iris Modem Race Condition Firewall Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass the firewall on the Iris modem in affected Tesla Model S vehicles. Authentication is not required to exploit this vulnerability. The specific flaw exists within the firewall service. The issue results from a failure to obtain the xtables lock. An attacker can leverage this vulnerability to bypass firewall rules. Was ZDI-CAN-23197. | ||||
| CVE-2025-53079 | 1 Samsung | 2 Data Management Server, Data Management Server Firmware | 2025-08-11 | 4.9 Medium |
| Absolute Path Traversal in Samsung DMS(Data Management Server) allows authenticated attacker (Administrator) to read sensitive files | ||||
| CVE-2023-33046 | 1 Qualcomm | 98 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 95 more | 2025-08-11 | 7.8 High |
| Memory corruption in Trusted Execution Environment while deinitializing an object used for license validation. | ||||