Skip to main content
CVE-2024-38413 MEDIUM PATCH This Month

Memory corruption while processing frame packets. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity.

Buffer Overflow Fastconnect 7800 Firmware Snapdragon 8 Gen 3 Mobile Firmware Wcd9390 Firmware Wcd9395 Firmware +3
NVD
CVSS 3.1
6.6
EPSS
0.1%
CVE-2024-38412 MEDIUM PATCH This Month

Memory corruption while invoking IOCTL calls from user-space to kernel-space to handle session errors. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Buffer Overflow Memory Corruption Use After Free Fastconnect 7800 Firmware Snapdragon 8 Gen 3 Mobile Firmware +5
NVD
CVSS 3.1
6.6
EPSS
0.1%
CVE-2024-38411 MEDIUM PATCH This Month

Memory corruption while registering a buffer from user-space to kernel-space using IOCTL calls. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Buffer Overflow Memory Corruption Use After Free Fastconnect 6900 Firmware Fastconnect 7800 Firmware +15
NVD
CVSS 3.1
6.6
EPSS
0.1%
CVE-2024-57522 MEDIUM POC This Month

SourceCodester Packers and Movers Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in Users.php. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Packers And Movers Management System
NVD GitHub
CVSS 3.1
6.4
EPSS
0.9%
CVE-2024-6790 MEDIUM This Month

Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service 5th Gen Gpu Architecture Kernel Driver Bifrost Gpu Kernel Driver Valhall Gpu Kernel Driver
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2024-13347 MEDIUM POC This Week

The Essential WP Real Estate WordPress plugin through 1.1.3 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Essential Wp Real Estate
NVD WPScan
CVSS 3.1
6.8
EPSS
0.1%
CVE-2024-57966 MEDIUM PATCH This Month

libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to an absolute path from an archive. Rated medium severity (CVSS 5.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Suse
NVD GitHub
CVSS 3.1
5.0
EPSS
0.0%
CVE-2025-25063 MEDIUM Monitor

An XSS issue was discovered in Backdrop CMS 1.28.x before 1.28.5 and 1.29.x before 1.29.3. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

XSS Backdrop Cms
NVD
CVSS 3.1
4.4
EPSS
0.8%
CVE-2025-20642 MEDIUM This Month

In DA, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android Google
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2025-20641 MEDIUM This Month

In DA, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android Google
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2025-20640 MEDIUM Monitor

In DA, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android Google
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-20639 MEDIUM This Month

In DA, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android Google
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2025-20638 MEDIUM Monitor

In DA, there is a possible read of uninitialized heap data due to uninitialized data. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Android Google
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-20636 MEDIUM This Month

In secmem, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-20635 MEDIUM This Month

In V6 DA, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Yocto Rdk B +3
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2024-20147 MEDIUM This Month

In Bluetooth FW, there is a possible reachable assertion due to improper exception handling. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Yocto Software Development Kit Android Openwrt +1
NVD
CVSS 3.1
5.3
EPSS
2.2%
CVE-2024-20142 MEDIUM This Month

In V5 DA, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android Google
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2024-20141 MEDIUM This Month

In V5 DA, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Android Google
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2025-0973 MEDIUM POC This Month

A vulnerability classified as critical was found in CmsEasy 7.7.7.9. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Cmseasy
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2025-0972 MEDIUM This Month

A vulnerability classified as problematic has been found in Zenvia Movidesk up to 25.01.22. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Movidesk
NVD VulDB GitHub
CVSS 4.0
5.3
EPSS
0.0%
CVE-2025-0971 MEDIUM This Month

A vulnerability was found in Zenvia Movidesk up to 25.01.22. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Movidesk
NVD VulDB
CVSS 4.0
5.3
EPSS
0.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy