Total
179 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-8000 | 2025-03-04 | 5.3 Medium | ||
| On affected platforms running Arista EOS with 802.1X configured, certain conditions may occur where a dynamic ACL is received from the AAA server resulting in only the first line of the ACL being installed after an Accelerated Software Upgrade (ASU) restart. Note: supplicants with pending captive-portal authentication during ASU would be impacted with this bug. | ||||
| CVE-2023-34188 | 1 Cesanta | 1 Mongoose | 2025-02-28 | 7.5 High |
| The HTTP server in Mongoose before 7.10 accepts requests containing negative Content-Length headers. By sending a single attack payload over TCP, an attacker can cause an infinite loop in which the server continuously reparses that payload, and does not respond to any other requests. | ||||
| CVE-2024-53879 | 2025-02-26 | 2.8 Low | ||
| NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the cuobjdump binary, where a user could cause a crash by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service. | ||||
| CVE-2024-53878 | 2025-02-25 | 2.8 Low | ||
| NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in the cuobjdump binary, where a user could cause a crash by passing a malformed ELF file to cuobjdump. A successful exploit of this vulnerability might lead to a partial denial of service. | ||||
| CVE-2024-7316 | 2025-02-21 | 5.9 Medium | ||
| Improper Validation of Specified Quantity in Input vulnerability in Mitsubishi Electric CNC Series allows a remote unauthenticated attacker to cause Denial of Service (DoS) condition on the product by sending specially crafted packets to TCP port 683, causing an emergency stop. | ||||
| CVE-2010-3904 | 6 Canonical, Linux, Opensuse and 3 more | 8 Ubuntu Linux, Linux Kernel, Opensuse and 5 more | 2025-02-19 | 7.8 High |
| The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls. | ||||
| CVE-2023-38709 | 2 Apache, Redhat | 3 Http Server, Enterprise Linux, Jboss Core Services | 2025-02-13 | 7.3 High |
| Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58. | ||||
| CVE-2023-0195 | 2 Microsoft, Nvidia | 2 Windows, Virtual Gpu | 2025-02-13 | 2 Low |
| NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer driver nvlddmkm.sys, where an can cause CWE-1284, which may lead to hypothetical Information leak of unimportant data such as local variable data of the driver | ||||
| CVE-2023-0194 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Virtual Gpu | 2025-02-13 | 2 Low |
| NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer driver, where an invalid display configuration may lead to denial of service. | ||||
| CVE-2022-26128 | 1 Frrouting | 1 Frrouting | 2025-02-13 | 7.8 High |
| A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to a wrong check on the input packet length in the babel_packet_examin function in babeld/message.c. | ||||
| CVE-2022-26127 | 1 Frrouting | 1 Frrouting | 2025-02-13 | 7.8 High |
| A buffer overflow vulnerability exists in FRRouting through 8.1.0 due to missing a check on the input packet length in the babel_packet_examin function in babeld/message.c. | ||||
| CVE-2023-20582 | 2025-02-12 | 5.3 Medium | ||
| Improper handling of invalid nested page table entries in the IOMMU may allow a privileged attacker to induce page table entry (PTE) faults to bypass RMP checks in SEV-SNP, potentially leading to a loss of guest memory integrity. | ||||
| CVE-2023-31331 | 2025-02-12 | 3 Low | ||
| Improper access control in the DRTM firmware could allow a privileged attacker to perform multiple driver initializations, resulting in stack memory corruption that could potentially lead to loss of integrity or availability. | ||||
| CVE-2023-20515 | 2025-02-12 | 5.7 Medium | ||
| Improper access control in the fTPM driver in the trusted OS could allow a privileged attacker to corrupt system memory, potentially leading to loss of integrity, confidentiality, or availability. | ||||
| CVE-2023-20581 | 2025-02-12 | 2.5 Low | ||
| Improper access control in the IOMMU may allow a privileged attacker to bypass RMP checks, potentially leading to a loss of guest memory integrity. | ||||
| CVE-2023-20508 | 2025-02-12 | 5 Medium | ||
| Improper access control in the ASP could allow a privileged attacker to perform an out-of-bounds write to a memory location not controlled by the attacker, potentially leading to loss of confidentiality, integrity, or availability. | ||||
| CVE-2025-1014 | 2 Mozilla, Redhat | 8 Firefox, Thunderbird, Enterprise Linux and 5 more | 2025-02-06 | 8.8 High |
| Certificate length was not properly checked when added to a certificate store. In practice only trusted data was processed. This vulnerability affects Firefox < 135, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135. | ||||
| CVE-2025-24100 | 1 Apple | 1 Macos | 2025-02-05 | 3.3 Low |
| A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.7.3, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to access information about a user's contacts. | ||||
| CVE-2023-30269 | 1 Cltphp | 1 Cltphp | 2025-02-03 | 8.1 High |
| CLTPHP <=6.0 is vulnerable to Improper Input Validation via application/admin/controller/Template.php. | ||||
| CVE-2023-21111 | 1 Google | 1 Android | 2025-01-31 | 6.2 Medium |
| In several functions of PhoneAccountRegistrar.java, there is a possible way to prevent an access to emergency services due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-256819769 | ||||