ReportizFlow
Filtered by vendor
Subscriptions
Total
8908 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-38151 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-10 | 5.5 Medium |
| Windows Kernel Information Disclosure Vulnerability | ||||
| CVE-2024-38148 | 1 Microsoft | 6 Windows 11 21h2, Windows 11 22h2, Windows 11 23h2 and 3 more | 2025-07-10 | 7.5 High |
| Windows Secure Channel Denial of Service Vulnerability | ||||
| CVE-2024-38134 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-10 | 7.8 High |
| Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | ||||
| CVE-2024-38132 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-07-10 | 7.5 High |
| Windows Network Address Translation (NAT) Denial of Service Vulnerability | ||||
| CVE-2024-38117 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-10 | 7.8 High |
| NTFS Elevation of Privilege Vulnerability | ||||
| CVE-2024-38184 | 1 Microsoft | 12 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 9 more | 2025-07-10 | 7.8 High |
| Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | ||||
| CVE-2024-38123 | 1 Microsoft | 1 Windows 11 24h2 | 2025-07-10 | 4.4 Medium |
| Windows Bluetooth Driver Information Disclosure Vulnerability | ||||
| CVE-2017-5977 | 1 Gdraheim | 1 Zziplib | 2025-07-10 | N/A |
| The zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted ZIP file. | ||||
| CVE-2017-5978 | 1 Gdraheim | 1 Zziplib | 2025-07-10 | N/A |
| The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted ZIP file. | ||||
| CVE-2018-7725 | 3 Canonical, Gdraheim, Redhat | 6 Ubuntu Linux, Zziplib, Enterprise Linux and 3 more | 2025-07-10 | N/A |
| An issue was discovered in ZZIPlib 0.13.68. An invalid memory address dereference was discovered in zzip_disk_fread in mmapped.c. The vulnerability causes an application crash, which leads to denial of service. | ||||
| CVE-2025-21008 | 1 Samsung | 1 Android | 2025-07-10 | 5.5 Medium |
| Out-of-bounds read in decoding frame header in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption. | ||||
| CVE-2025-21009 | 1 Samsung | 1 Android | 2025-07-10 | 5.5 Medium |
| Out-of-bounds read in decoding malformed frame header in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption. | ||||
| CVE-2025-20688 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7615, Mt7622 and 7 more | 2025-07-09 | 5.5 Medium |
| In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418047; Issue ID: MSV-3480. | ||||
| CVE-2025-20689 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7615, Mt7622 and 7 more | 2025-07-09 | 5.5 Medium |
| In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418048; Issue ID: MSV-3479. | ||||
| CVE-2025-20690 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7615, Mt7622 and 7 more | 2025-07-09 | 5.5 Medium |
| In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418038; Issue ID: MSV-3478. | ||||
| CVE-2025-20691 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7615, Mt7622 and 7 more | 2025-07-09 | 5.5 Medium |
| In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418039; Issue ID: MSV-3477. | ||||
| CVE-2025-20692 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7615, Mt7622 and 7 more | 2025-07-09 | 5.5 Medium |
| In wlan AP driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418040; Issue ID: MSV-3476. | ||||
| CVE-2025-20693 | 4 Google, Linuxfoundation, Mediatek and 1 more | 26 Android, Yocto, Mt2737 and 23 more | 2025-07-09 | 6.5 Medium |
| In wlan STA driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote (proximal/adjacent) information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09812521; Issue ID: MSV-3421. | ||||
| CVE-2023-51580 | 2 Bluez, Redhat | 2 Bluez, Enterprise Linux | 2025-07-09 | 5.7 Medium |
| BlueZ Audio Profile AVRCP avrcp_parse_attribute_list Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device. The specific flaw exists within the handling of the AVRCP protocol. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-20852. | ||||
| CVE-2024-30347 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2025-07-09 | 3.3 Low |
| Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22910. | ||||