Search Results (46109 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-48910 1 Huawei 1 Harmonyos 2025-07-11 5.5 Medium
Buffer overflow vulnerability in the DFile module Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2025-2762 1 Carlinkit 2 Autokit, Cpc200-ccpa 2025-07-11 N/A
CarlinKit CPC200-CCPA Missing Root of Trust Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of CarlinKit CPC200-CCPA devices. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the configuration of the application system-on-chip (SoC). The issue results from the lack of a properly configured hardware root of trust. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the boot process. Was ZDI-CAN-25948.
CVE-2025-2073 2 Google, Linux 2 Chrome Os, Linux Kernel 2025-07-11 8.8 High
Out-of-Bounds Read in netfilter/ipset in Linux Kernel ChromeOS [6.1, 5.15, 5.10, 5.4, 4.19] allows a local attacker with low privileges to trigger an out-of-bounds read, potentially leading to information disclosure
CVE-2024-53450 1 Infiniflow 1 Ragflow 2025-07-10 7.5 High
RAGFlow 0.13.0 suffers from improper access control in document-hooks.ts, allowing unauthorized access to user documents.
CVE-2024-39853 2 Adolphdudu, Swiperjs 2 Ratio-swiper, Swiper 2025-07-10 6.5 Medium
adolph_dudu ratio-swiper 0.0.2 was discovered to contain a prototype pollution via the function parse. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties.
CVE-2024-39929 1 Exim 1 Exim 2025-07-10 5.4 Medium
Exim through 4.97.1 misparses a multiline RFC 2231 header filename, and thus remote attackers can bypass a $mime_filename extension-blocking protection mechanism, and potentially deliver executable attachments to the mailboxes of end users.
CVE-2018-9383 1 Google 1 Android 2025-07-10 4.4 Medium
In asn1_ber_decoder of asn1_decoder.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
CVE-2018-9387 1 Google 1 Android 2025-07-10 7.8 High
In multiple functions of mnh-sm.c, there is a possible way to trigger a heap overflow due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2018-9464 1 Google 1 Android 2025-07-10 7.8 High
In multiple locations, there is a possible way to read protected files due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
CVE-2017-13317 1 Google 1 Android 2025-07-10 5.7 Medium
In HeifDecoderImpl::getScanline of HeifDecoderImpl.cpp, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2017-13318 1 Google 1 Android 2025-07-10 5.7 Medium
In HeifDataSource::readAt of HeifDecoderImpl.cpp, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
CVE-2023-29344 1 Microsoft 3 365 Apps, Office, Office Long Term Servicing Channel 2025-07-10 7.8 High
Microsoft Office Remote Code Execution Vulnerability
CVE-2023-29341 1 Microsoft 1 Av1 Video Extension 2025-07-10 7.8 High
AV1 Video Extension Remote Code Execution Vulnerability
CVE-2023-24949 1 Microsoft 8 Windows 10 1809, Windows 10 20h2, Windows 10 21h2 and 5 more 2025-07-10 7.8 High
Windows Kernel Elevation of Privilege Vulnerability
CVE-2023-24948 1 Microsoft 10 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 7 more 2025-07-10 7.4 High
Windows Bluetooth Driver Elevation of Privilege Vulnerability
CVE-2023-24945 1 Microsoft 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more 2025-07-10 5.5 Medium
Windows iSCSI Target Service Information Disclosure Vulnerability
CVE-2023-24943 1 Microsoft 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more 2025-07-10 9.8 Critical
Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
CVE-2023-24942 1 Microsoft 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more 2025-07-10 7.5 High
Remote Procedure Call Runtime Denial of Service Vulnerability
CVE-2023-24902 1 Microsoft 2 Windows 11 21h2, Windows 11 22h2 2025-07-10 7.8 High
Win32k Elevation of Privilege Vulnerability
CVE-2023-24901 1 Microsoft 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more 2025-07-10 7.5 High
Windows NFS Portmapper Information Disclosure Vulnerability