Total
12917 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-39121 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-05-14 | 5.5 Medium |
| In sensor driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. | ||||
| CVE-2022-41602 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-14 | 3.4 Low |
| The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service. | ||||
| CVE-2022-41686 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2025-05-14 | 5.1 Medium |
| OpenHarmony-v3.1.2 and prior versions, 3.0.6 and prior versions have an Out-of-bound memory read and write vulnerability in /dev/mmz_userdev device driver. The impact depends on the privileges of the attacker. The unprivileged process run on the device could read out-of-bound memory leading sensitive to information disclosure. The processes with system user UID run on the device would be able to write out-of-bound memory which could lead to unspecified memory corruption. | ||||
| CVE-2022-41601 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-14 | 3.4 Low |
| The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service. | ||||
| CVE-2022-41600 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-14 | 3.4 Low |
| The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service. | ||||
| CVE-2017-20149 | 1 Mikrotik | 1 Routeros | 2025-05-14 | 9.8 Critical |
| The Mikrotik RouterOS web server allows memory corruption in releases before Stable 6.38.5 and Long-term 6.37.5, aka Chimay-Red. A remote and unauthenticated user can trigger the vulnerability by sending a crafted HTTP request. An attacker can use this vulnerability to execute arbitrary code on the affected system, as exploited in the wild in mid-2017 and later. | ||||
| CVE-2024-0532 | 1 Tenda | 2 A15, A15 Firmware | 2025-05-14 | 7.2 High |
| A vulnerability was found in Tenda A15 15.13.07.13. It has been declared as critical. This vulnerability affects the function set_repeat5 of the file /goform/WifiExtraSet of the component Web-based Management Interface. The manipulation of the argument wpapsk_crypto2_4g/wpapsk_crypto5g leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-30318 | 3 Adobe, Apple, Microsoft | 3 Indesign, Macos, Windows | 2025-05-14 | 7.8 High |
| InDesign Desktop versions ID19.5.2, ID20.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2022-41603 | 1 Huawei | 2 Emui, Harmonyos | 2025-05-14 | 3.4 Low |
| The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service. | ||||
| CVE-2022-41305 | 1 Autodesk | 1 Subassembly Composer | 2025-05-14 | 7.8 High |
| A maliciously crafted PKT file when consumed through SubassemblyComposer.exe application could lead to memory corruption vulnerability by write access violation. This vulnerability in conjunction with other vulnerabilities could lead to code execution in the context of the current process. | ||||
| CVE-2025-4354 | 1 Dlink | 2 Dap-1520, Dap-1520 Firmware | 2025-05-13 | 8.8 High |
| A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02 and classified as critical. Affected by this issue is the function check_dws_cookie of the file /storage. The manipulation leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4355 | 1 Dlink | 2 Dap-1520, Dap-1520 Firmware | 2025-05-13 | 8.8 High |
| A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02. It has been classified as critical. This affects the function set_ws_action of the file /dws/api/. The manipulation leads to heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-4356 | 1 Dlink | 2 Dap-1520, Dap-1520 Firmware | 2025-05-13 | 8.8 High |
| A vulnerability was found in Tenda DAP-1520 1.10B04_BETA02. It has been declared as critical. This vulnerability affects the function mod_graph_auth_uri_handler of the file /storage of the component Authentication Handler. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-20937 | 1 Samsung | 1 Android | 2025-05-13 | 6.7 Medium |
| Out-of-bounds write in Keymaster trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to write out-of-bounds memory. | ||||
| CVE-2025-32405 | 1 Rt-labs | 1 P-net | 2025-05-13 | 7.5 High |
| An Out-of-bounds Write in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet. | ||||
| CVE-2025-32404 | 1 Rt-labs | 1 P-net | 2025-05-13 | 4.8 Medium |
| An Out-of-bounds Write in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to corrupt the memory of IO devices that use the library by sending a malicious RPC packet. | ||||
| CVE-2025-32403 | 1 Rt-labs | 1 P-net | 2025-05-13 | 4.8 Medium |
| An Out-of-bounds Write in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to corrupt the memory of IO devices that use the library by sending a malicious RPC packet. | ||||
| CVE-2025-32402 | 1 Rt-labs | 1 P-net | 2025-05-13 | 7.5 High |
| An Out-of-bounds Write in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet. | ||||
| CVE-2025-32401 | 1 Rt-labs | 1 P-net | 2025-05-13 | 4.8 Medium |
| An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to corrupt the memory of IO devices that use the library by sending a malicious RPC packet. | ||||
| CVE-2025-32400 | 1 Rt-labs | 1 P-net | 2025-05-13 | 7.5 High |
| An Heap-based Buffer Overflow in RT-Labs P-Net version 1.0.1 or earlier allows an attacker to induce a crash in IO devices that use the library by sending a malicious RPC packet. | ||||