Total
7228 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-32415 | 1 Xmlsoft | 1 Libxml2 | 2025-04-23 | N/A | 2.9 LOW |
| In libxml2 before 2.13.8 and 2.14.x before 2.14.2, xmlSchemaIDCFillNodeTables in xmlschemas.c has a heap-based buffer under-read. To exploit this, a crafted XML document must be validated against an XML schema with certain identity constraints, or a crafted XML schema must be used. | |||||
| CVE-2022-2380 | 1 Linux | 1 Linux Kernel | 2025-04-23 | N/A | 5.5 MEDIUM |
| The Linux kernel was found vulnerable out of bounds memory access in the drivers/video/fbdev/sm712fb.c:smtcfb_read() function. The vulnerability could result in local attackers being able to crash the kernel. | |||||
| CVE-2022-40663 | 1 Nikon | 1 Nis-elements Viewer | 2025-04-23 | N/A | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of NIKON NIS-Elements Viewer 1.2100.1483.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TIF images. Crafted data in a TIF image can trigger a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-15697. | |||||
| CVE-2025-30305 | 1 Adobe | 1 Xmp Toolkit Software Development Kit | 2025-04-23 | N/A | 5.5 MEDIUM |
| XMP Toolkit versions 2023.12 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2022-42769 | 2 Google, Unisoc | 14 Android, S8014, Sc7731e and 11 more | 2025-04-23 | N/A | 3.3 LOW |
| In wlan driver, there is a possible missing bounds check, This could lead to local denial of service in wlan services. | |||||
| CVE-2024-20041 | 2 Google, Mediatek | 16 Android, Mt2713, Mt6781 and 13 more | 2025-04-23 | N/A | 4.4 MEDIUM |
| In da, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541746; Issue ID: ALPS08541746. | |||||
| CVE-2024-20045 | 2 Google, Mediatek | 34 Android, Mt6833, Mt6835 and 31 more | 2025-04-23 | N/A | 2.3 LOW |
| In audio, there is a possible out of bounds read due to an incorrect calculation of buffer size. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08024748; Issue ID: ALPS08029526. | |||||
| CVE-2024-20055 | 3 Google, Linuxfoundation, Mediatek | 19 Android, Yocto, Iot Yocto and 16 more | 2025-04-23 | N/A | 6.3 MEDIUM |
| In imgsys, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation Patch ID: ALPS08518692; Issue ID: MSV-1012. | |||||
| CVE-2025-30306 | 1 Adobe | 1 Xmp Toolkit Software Development Kit | 2025-04-22 | N/A | 5.5 MEDIUM |
| XMP Toolkit versions 2023.12 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-30307 | 1 Adobe | 1 Xmp Toolkit Software Development Kit | 2025-04-22 | N/A | 5.5 MEDIUM |
| XMP Toolkit versions 2023.12 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-30308 | 1 Adobe | 1 Xmp Toolkit Software Development Kit | 2025-04-22 | N/A | 5.5 MEDIUM |
| XMP Toolkit versions 2023.12 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-30309 | 1 Adobe | 1 Xmp Toolkit Software Development Kit | 2025-04-22 | N/A | 5.5 MEDIUM |
| XMP Toolkit versions 2023.12 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2024-20038 | 2 Google, Mediatek | 31 Android, Mt6739, Mt6761 and 28 more | 2025-04-22 | N/A | 3.4 LOW |
| In pq, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08495932; Issue ID: ALPS08495932. | |||||
| CVE-2022-33237 | 1 Qualcomm | 476 Aqt1000, Aqt1000 Firmware, Ar8031 and 473 more | 2025-04-22 | N/A | 7.5 HIGH |
| Transient DOS due to buffer over-read in WLAN firmware while processing PPE threshold. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2022-33236 | 1 Qualcomm | 156 Ar8035, Ar8035 Firmware, Csr8811 and 153 more | 2025-04-22 | N/A | 7.5 HIGH |
| Transient DOS due to buffer over-read in WLAN firmware while parsing cipher suite info attributes. in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2022-33235 | 1 Qualcomm | 492 Apq8009, Apq8009 Firmware, Apq8096au and 489 more | 2025-04-22 | N/A | 8.2 HIGH |
| Information disclosure due to buffer over-read in WLAN firmware while parsing security context info attributes. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2022-25749 | 1 Qualcomm | 552 Apq8009, Apq8009 Firmware, Apq8017 and 549 more | 2025-04-22 | N/A | 7.5 HIGH |
| Transient Denial-of-Service in WLAN due to buffer over-read while parsing MDNS frames. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2022-25676 | 1 Qualcomm | 214 Aqt1000, Aqt1000 Firmware, Qam8295p and 211 more | 2025-04-22 | N/A | 6.8 MEDIUM |
| Information disclosure in video due to buffer over-read while parsing avi files in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | |||||
| CVE-2022-20473 | 1 Google | 1 Android | 2025-04-22 | N/A | 9.8 CRITICAL |
| In toLanguageTag of LocaleListCache.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-239267173 | |||||
| CVE-2022-20472 | 1 Google | 1 Android | 2025-04-22 | N/A | 9.8 CRITICAL |
| In toLanguageTag of LocaleListCache.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-11 Android-12 Android-12L Android-13Android ID: A-239210579 | |||||