| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame. |
| Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper. |
| Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE. |
| Transient DOS while parse fils IE with length equal to 1. |
| Information Disclosure in data Modem while parsing an FMTP line in an SDP message. |
| Information disclosure in IOE Firmware while handling WMI command. |
| Memory corruption while processing buffer initialization, when trusted report for certain report types are generated. |
| Transient DOS in WLAN Firmware while parsing a NAN management frame. |
| A flaw was found in the freeimage library. Processing a crafted image can cause a buffer over-read of 1 byte in the read_iptc_profile function in the Source/Metadata/IPTC.cpp file because the size of the profile is not being sanitized, causing a crash in the application linked to the library, resulting in a denial of service. |
| The openssl crate before 0.10.55 for Rust allows an out-of-bounds read via an empty string to X509VerifyParamRef::set_host. |
| Buffer Over-read vulnerability in ABB AC500 V2.This issue affects AC500 V2: through 2.5.2. |
| ThinkSystem SR670V2 servers manufactured from approximately June 2021 to July 2023 were left in Manufacturing Mode which could allow
an attacker with privileged logical access to the host or physical access to server internals to modify or disable Intel Boot Guard firmware integrity, SPS security, and other SPS configuration setting. The server’s NIST SP
800-193-compliant Platform Firmware Resiliency (PFR) security subsystem
significantly mitigates this issue. |
| A vulnerability was found in i-Drive i11 and i12 up to 20250227. It has been rated as critical. Affected by this issue is some unknown functionality of the component Device Setting Handler. The manipulation leads to improper access control for register interface. The attack needs to be done within the local network. The complexity of an attack is rather high. The exploitation is known to be difficult. It was not possible to identify the current maintainer of the product. It must be assumed that the product is end-of-life. |
| Remote Procedure Call Runtime Denial of Service Vulnerability |
| Windows NFS Portmapper Information Disclosure Vulnerability |
| Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability |
| Windows Hyper-V Elevation of Privilege Vulnerability |
| Microsoft Office Graphics Remote Code Execution Vulnerability |
| Windows Routing and Remote Access Service (RRAS) Remote Code Execution Vulnerability |
| Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability |
