Search Results (46091 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-20913 2 Samsung, Samsung Mobile 2 Notes, Samsung Notes 2025-07-17 5.5 Medium
Out-of-bounds read in applying binary of drawing content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
CVE-2025-20901 1 Samsung 1 Blockchain Keystore 2025-07-17 4.4 Medium
Out-of-bounds read in Blockchain Keystore prior to version 1.3.16.5 allows local privileged attackers to read out-of-bounds memory.
CVE-2025-20976 2 Samsung, Samsung Mobile 2 Notes, Samsung Notes 2025-07-17 5.5 Medium
Out-of-bounds read in applying binary of text content in Samsung Notes prior to version 4.4.29.23 allows attackers to read out-of-bounds memory.
CVE-2025-50096 1 Oracle 2 Mysql, Mysql Server 2025-07-16 4.4 Medium
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2025-50092 1 Oracle 1 Mysql 2025-07-16 4.9 Medium
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.0-8.0.42, 8.4.0-8.4.5 and 9.0.0-9.3.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2025-6614 2 D-link, Dlink 3 Dir-619l, Dir-619l, Dir-619l Firmware 2025-07-16 8.8 High
A vulnerability, which was classified as critical, has been found in D-Link DIR-619L 2.06B01. Affected by this issue is the function formSetWANType_Wizard5 of the file /goform/formSetWANType_Wizard5. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2025-6627 1 Totolink 2 A702r, A702r Firmware 2025-07-16 8.8 High
A vulnerability has been found in TOTOLINK A702R 4.0.0-B20230721.1521 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formIpv6Setup of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-5969 1 Dlink 2 Dir-632, Dir-632 Firmware 2025-07-16 8.8 High
A vulnerability has been found in D-Link DIR-632 FW103B08 and classified as critical. Affected by this vulnerability is the function FUN_00425fd8 of the file /biurl_grou of the component HTTP POST Request Handler. The manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2024-42648 1 Emqx 1 Nanomq 2025-07-16 6.5 Medium
NanoMQ v0.22.10 was discovered to contain a heap overflow which allows attackers to cause a Denial of Service (DoS) via a crafted CONNECT message.
CVE-2024-42646 1 Emqx 1 Nanomq 2025-07-16 7.5 High
A segmentation fault in NanoMQ v0.21.10 allows attackers to cause a Denial of Service (DoS) via crafted messages.
CVE-2025-22460 1 Ivanti 1 Cloud Services Appliance 2025-07-16 7.8 High
Default credentials in Ivanti Cloud Services Application before version 5.0.5 allows a local authenticated attacker to escalate their privileges.
CVE-2025-20930 1 Samsung 1 Notes 2025-07-16 5.5 Medium
Out-of-bounds read in parsing jpeg image in Samsung Notes prior to version 4.4.26.71 allows local attackers to read out-of-bounds memory.
CVE-2025-20932 2 Samsung, Samsung Mobile 2 Notes, Samsung Notes 2025-07-16 5.5 Medium
Out-of-bounds read in parsing rle of bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to혻read out-of-bounds memory.
CVE-2025-20933 1 Samsung 1 Notes 2025-07-16 5.5 Medium
Out-of-bounds read in parsing bmp image in Samsung Notes prior to version 4.4.26.71 allows local attackers to read out-of-bounds memory.
CVE-2025-20916 1 Samsung 1 Notes 2025-07-16 5.5 Medium
Out-of-bounds read in reading string of SPen in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
CVE-2025-20917 2 Samsung, Samsung Mobile 2 Notes, Samsung Notes 2025-07-16 5.5 Medium
Out-of-bounds read in applying binary of pdf content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
CVE-2025-20918 1 Samsung 1 Notes 2025-07-16 5.5 Medium
Out-of-bounds read in applying extra data of base content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
CVE-2025-20919 1 Samsung 1 Notes 2025-07-16 5.5 Medium
Out-of-bounds read in applying binary of video content in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
CVE-2025-20920 1 Samsung 1 Notes 2025-07-16 5.5 Medium
Out-of-bounds read in action link data in Samsung Notes prior to version 4.4.26.71 allows attackers to read out-of-bounds memory.
CVE-2025-6511 1 Netgear 2 Ex6150, Ex6150 Firmware 2025-07-16 8.8 High
A vulnerability classified as critical has been found in Netgear EX6150 1.0.0.46_1.0.76. This affects the function sub_410090. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer.