Vulnerabilities (CVE)

Filtered by CWE-119
Total 13642 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-26265 1 Openairinterface 1 Openairinterface5g 2026-06-17 N/A 6.5 MEDIUM
A segmentation fault in openairinterface5g v2.1.0 allows attackers to cause a Denial of Service (DoS) via a crafted UE Context Modification response.
CVE-2025-25175 1 Siemens 1 Simcenter Femap 2026-06-17 N/A 7.8 HIGH
A vulnerability has been identified in Simcenter Femap V2401 (All versions < V2401.0003), Simcenter Femap V2406 (All versions < V2406.0002). The affected application contains a memory corruption vulnerability while parsing specially crafted .NEU files. This could allow an attacker to execute code in the context of the current process. (ZDI-CAN-25443)
CVE-2025-24797 1 Meshtastic 1 Meshtastic Firmware 2026-06-17 N/A 9.4 CRITICAL
Meshtastic is an open source mesh networking solution. A fault in the handling of mesh packets containing invalid protobuf data can result in an attacker-controlled buffer overflow, allowing an attacker to hijack execution flow, potentially resulting in remote code execution. This attack does not require authentication or user interaction, as long as the target device rebroadcasts packets on the default channel. This vulnerability fixed in 2.6.2.
CVE-2025-24222 1 Apple 1 Macos 2026-06-17 N/A 6.5 MEDIUM
The issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.5. Processing maliciously crafted web content may lead to an unexpected process crash.
CVE-2025-24216 1 Apple 6 Ipados, Iphone Os, Macos and 3 more 2026-06-17 N/A 4.3 MEDIUM
The issue was addressed with improved memory handling. This issue is fixed in Safari 18.4, iOS 18.4 and iPadOS 18.4, iPadOS 17.7.6, macOS Sequoia 15.4, tvOS 18.4, visionOS 2.4, watchOS 11.4. Processing maliciously crafted web content may lead to an unexpected Safari crash.
CVE-2025-24189 1 Apple 7 Ipados, Iphone Os, Macos and 4 more 2026-06-17 N/A 8.8 HIGH
The issue was addressed with improved checks. This issue is fixed in Safari 18.3, iOS 18.3 and iPadOS 18.3, macOS Sequoia 15.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Processing maliciously crafted web content may lead to memory corruption.
CVE-2025-24132 1 Apple 3 Airplay Audio Software Development Kit, Airplay Video Software Development Kit, Carplay Communication Plug-in 2026-06-17 N/A 6.5 MEDIUM
The issue was addressed with improved memory handling. This issue is fixed in AirPlay audio SDK 2.7.1 and AirPlay video SDK 3.6.0.126. An attacker on the local network may cause an unexpected app termination.
CVE-2025-24111 1 Apple 6 Ipados, Iphone Os, Macos and 3 more 2026-06-17 N/A 5.5 MEDIUM
A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.7, macOS Sequoia 15.3, macOS Sonoma 14.7.5, macOS Ventura 13.7.5, tvOS 18.3, visionOS 2.3, watchOS 11.3. An app may be able to cause unexpected system termination.
CVE-2025-23400 1 Siemens 2 Teamcenter Visualization, Tecnomatix Plant Simulation 2026-06-17 N/A 7.8 HIGH
A vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.13), Teamcenter Visualization V2312 (All versions < V2312.0009), Teamcenter Visualization V2406 (All versions < V2406.0007), Teamcenter Visualization V2412 (All versions < V2412.0002), Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). The affected application is vulnerable to memory corruption while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process.
CVE-2025-23398 1 Siemens 2 Teamcenter Visualization, Tecnomatix Plant Simulation 2026-06-17 N/A 7.8 HIGH
A vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.13), Teamcenter Visualization V2312 (All versions < V2312.0009), Teamcenter Visualization V2406 (All versions < V2406.0007), Teamcenter Visualization V2412 (All versions < V2412.0002), Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). The affected application is vulnerable to memory corruption while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process.
CVE-2025-23397 1 Siemens 2 Teamcenter Visualization, Tecnomatix Plant Simulation 2026-06-17 N/A 7.8 HIGH
A vulnerability has been identified in Teamcenter Visualization V14.3 (All versions < V14.3.0.13), Teamcenter Visualization V2312 (All versions < V2312.0009), Teamcenter Visualization V2406 (All versions < V2406.0007), Teamcenter Visualization V2412 (All versions < V2412.0002), Tecnomatix Plant Simulation V2302 (All versions < V2302.0021), Tecnomatix Plant Simulation V2404 (All versions < V2404.0010). The affected application is vulnerable to memory corruption while parsing specially crafted WRL files. This could allow an attacker to execute code in the context of the current process.
CVE-2025-22885 2026-06-17 N/A 4.7 MEDIUM
Improper buffer restrictions in the firmware for the TDX Module may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable escalation of privilege. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (low) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
CVE-2025-21483 1 Qualcomm 454 Apq8017, Apq8017 Firmware, Apq8064au and 451 more 2026-06-17 N/A 9.8 CRITICAL
Memory corruption when the UE receives an RTP packet from the network, during the reassembly of NALUs.
CVE-2025-21096 2026-06-17 N/A 1.9 LOW
Improper buffer restrictions in the firmware for some Intel(R) TDX may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2025-20073 2026-06-17 N/A N/A
Improper buffer restrictions in the UEFI DXE module for some Intel(R) Reference Platforms within UEFI may allow an information disclosure. System software adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (low), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
CVE-2025-20053 2026-06-17 N/A 7.2 HIGH
Improper buffer restrictions for some Intel(R) Xeon(R) Processor firmware with SGX enabled may allow a privileged user to potentially enable escalation of privilege via local access.
CVE-2025-20005 2026-06-17 N/A N/A
Improper buffer restrictions in some UEFI firmware for some Intel(R) reference platforms may allow an escalation of privilege. System software adversary with a privileged user combined with a high complexity attack may enable data manipulation. This result may potentially occur via local access when attack requirements are not present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (none), integrity (high) and availability (low) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts.
CVE-2025-1899 1 Tenda 2 Tx3, Tx3 Firmware 2026-06-17 6.8 MEDIUM 6.5 MEDIUM
A vulnerability has been found in Tenda TX3 16.03.13.11_multi and classified as critical. Affected by this vulnerability is an unknown functionality of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-1898 1 Tenda 2 Tx3, Tx3 Firmware 2026-06-17 6.8 MEDIUM 6.5 MEDIUM
A vulnerability, which was classified as critical, was found in Tenda TX3 16.03.13.11_multi. Affected is an unknown function of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime/schedEndTime leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-1897 1 Tenda 2 Tx3, Tx3 Firmware 2026-06-17 6.8 MEDIUM 6.5 MEDIUM
A vulnerability, which was classified as critical, has been found in Tenda TX3 16.03.13.11_multi. This issue affects some unknown processing of the file /goform/SetNetControlList. The manipulation of the argument list leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.