Skip to main content
CVE-2024-38420 HIGH This Month

Memory corruption while configuring a Hypervisor based input virtual device. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Aqt1000 Firmware Ar8035 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +153
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2024-38418 HIGH PATCH This Month

Memory corruption while parsing the memory map info in IOCTL calls. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.

Buffer Overflow C V2x 9150 Firmware Csrb31024 Firmware Fastconnect 6800 Firmware Fastconnect 6900 Firmware +57
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-38417 MEDIUM PATCH This Month

Information disclosure while processing IO control commands. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Ar8035 Firmware C V2x 9150 Firmware Fastconnect 6900 Firmware +53
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2024-38416 MEDIUM PATCH This Month

Information disclosure during audio playback. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Ar8035 Firmware C V2x 9150 Firmware Fastconnect 6800 Firmware +68
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2024-38414 MEDIUM PATCH This Month

Information disclosure while processing information on firmware image during core initialization. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity.

Buffer Overflow Information Disclosure Fastconnect 6900 Firmware Fastconnect 7800 Firmware Qam8295p Firmware +25
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2024-38413 MEDIUM PATCH This Month

Memory corruption while processing frame packets. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity.

Buffer Overflow Fastconnect 7800 Firmware Snapdragon 8 Gen 3 Mobile Firmware Wcd9390 Firmware Wcd9395 Firmware +3
NVD
CVSS 3.1
6.6
EPSS
0.1%
CVE-2024-38412 MEDIUM PATCH This Month

Memory corruption while invoking IOCTL calls from user-space to kernel-space to handle session errors. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Buffer Overflow Memory Corruption Use After Free Fastconnect 7800 Firmware Snapdragon 8 Gen 3 Mobile Firmware +5
NVD
CVSS 3.1
6.6
EPSS
0.1%
CVE-2024-38411 MEDIUM PATCH This Month

Memory corruption while registering a buffer from user-space to kernel-space using IOCTL calls. Rated medium severity (CVSS 6.6), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Buffer Overflow Memory Corruption Use After Free Fastconnect 6900 Firmware Fastconnect 7800 Firmware +15
NVD
CVSS 3.1
6.6
EPSS
0.1%
CVE-2024-38404 HIGH This Month

Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in modem. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Fastconnect 7800 Firmware Qca6584au Firmware Qca6698aq Firmware +36
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-57522 MEDIUM POC This Month

SourceCodester Packers and Movers Management System v1.0 is vulnerable to Cross Site Scripting (XSS) in Users.php. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP XSS Packers And Movers Management System
NVD GitHub
CVSS 3.1
6.4
EPSS
0.9%
CVE-2025-0015 HIGH This Month

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to make improper GPU processing. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Use After Free Denial Of Service 5th Gen Gpu Architecture Kernel Driver Valhall Gpu Kernel Driver
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-6790 MEDIUM This Month

Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. No vendor patch available.

Denial Of Service 5th Gen Gpu Architecture Kernel Driver Bifrost Gpu Kernel Driver Valhall Gpu Kernel Driver
NVD
CVSS 3.1
6.1
EPSS
0.1%
CVE-2024-10395 HIGH PATCH This Month

No proper validation of the length of user input in http_server_get_content_type_from_extension. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Zephyr
NVD GitHub
CVSS 3.1
8.6
EPSS
0.3%
CVE-2025-25066 HIGH PATCH This Month

nDPI through 4.12 has a potential stack-based buffer overflow in ndpi_address_cache_restore in lib/ndpi_cache.c. Rated high severity (CVSS 8.1), this vulnerability is no authentication required.

Stack Overflow Buffer Overflow Ndpi Suse
NVD GitHub
CVSS 3.1
8.1
EPSS
0.1%
CVE-2024-13347 MEDIUM POC This Week

The Essential WP Real Estate WordPress plugin through 1.1.3 does not escape generated URLs before outputting them in attributes, leading to Reflected Cross-Site Scripting. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Essential Wp Real Estate
NVD WPScan
CVSS 3.1
6.8
EPSS
0.1%
CVE-2024-57966 MEDIUM PATCH This Month

libarchiveplugin.cpp in KDE ark before 24.12.0 can extract to an absolute path from an archive. Rated medium severity (CVSS 5.0), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Suse
NVD GitHub
CVSS 3.1
5.0
EPSS
0.0%
CVE-2025-25063 MEDIUM Monitor

An XSS issue was discovered in Backdrop CMS 1.28.x before 1.28.5 and 1.29.x before 1.29.3. Rated medium severity (CVSS 4.4), this vulnerability is remotely exploitable. No vendor patch available.

XSS Backdrop Cms
NVD
CVSS 3.1
4.4
EPSS
0.8%
CVE-2025-20643 LOW Monitor

In DA, there is a possible out of bounds read due to a missing bounds check. Rated low severity (CVSS 3.9), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android Google
NVD
CVSS 3.1
3.9
EPSS
0.0%
CVE-2025-20642 MEDIUM This Month

In DA, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android Google
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2025-20641 MEDIUM This Month

In DA, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android Google
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2025-20640 MEDIUM Monitor

In DA, there is a possible out of bounds read due to a missing bounds check. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure Android Google
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-20639 MEDIUM This Month

In DA, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android Google
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2025-20638 MEDIUM Monitor

In DA, there is a possible read of uninitialized heap data due to uninitialized data. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Android Google
NVD
CVSS 3.1
4.3
EPSS
0.1%
CVE-2025-20637 HIGH This Month

In network HW, there is a possible system hang due to an uncaught exception. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Software Development Kit
NVD
CVSS 3.1
7.5
EPSS
4.8%
CVE-2025-20636 MEDIUM This Month

In secmem, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android Google
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2025-20635 MEDIUM This Month

In V6 DA, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Yocto Rdk B +3
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2025-20634 CRITICAL This Week

In Modem, there is a possible out of bounds write due to a missing bounds check. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Buffer Overflow Nr16 Nr17 +1
NVD
CVSS 3.1
9.8
EPSS
7.0%
CVE-2025-20633 HIGH This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

RCE Memory Corruption Buffer Overflow Software Development Kit
NVD
CVSS 3.1
8.8
EPSS
0.3%
CVE-2025-20632 HIGH This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Software Development Kit
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2025-20631 HIGH This Month

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Software Development Kit
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2024-20147 MEDIUM This Month

In Bluetooth FW, there is a possible reachable assertion due to improper exception handling. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Yocto Software Development Kit Android Openwrt +1
NVD
CVSS 3.1
5.3
EPSS
2.2%
CVE-2024-20142 MEDIUM This Month

In V5 DA, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Privilege Escalation Android Google
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2024-20141 MEDIUM This Month

In V5 DA, there is a possible out of bounds write due to a missing bounds check. Rated medium severity (CVSS 6.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Privilege Escalation Android Google
NVD
CVSS 3.1
6.6
EPSS
0.0%
CVE-2025-0973 MEDIUM POC This Month

A vulnerability classified as critical was found in CmsEasy 7.7.7.9. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

PHP Path Traversal Cmseasy
NVD GitHub VulDB
CVSS 4.0
5.3
EPSS
0.0%
CVE-2025-0972 MEDIUM This Month

A vulnerability classified as problematic has been found in Zenvia Movidesk up to 25.01.22. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Movidesk
NVD VulDB GitHub
CVSS 4.0
5.3
EPSS
0.0%
CVE-2025-0971 MEDIUM This Month

A vulnerability was found in Zenvia Movidesk up to 25.01.22. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Movidesk
NVD VulDB
CVSS 4.0
5.3
EPSS
0.2%
Prev Page 4 of 4

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy