Total
2809 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-23283 | 2026-06-17 | N/A | 7.8 HIGH | ||
| NVIDIA vGPU software for Linux-style hypervisors contains a vulnerability in the Virtual GPU Manager, where a malicious guest could cause stack buffer overflow. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering. | |||||
| CVE-2025-22911 | 1 Edimax | 2 Re11s, Re11s Firmware | 2026-06-17 | N/A | 5.6 MEDIUM |
| RE11S v1.11 was discovered to contain a stack overflow via the rootAPmac parameter in the formiNICbasicREP function. | |||||
| CVE-2025-22903 | 1 Totolink | 2 N600r, N600r Firmware | 2026-06-17 | N/A | 4.6 MEDIUM |
| TOTOLINK N600R V4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the pin parameter in the function setWiFiWpsConfig. | |||||
| CVE-2025-22900 | 1 Totolink | 2 N600r, N600r Firmware | 2026-06-17 | N/A | 9.8 CRITICAL |
| Totolink N600R v4.3.0cu.7647_B20210106 was discovered to contain a stack overflow via the macCloneMac parameter in the setWanConfig function. | |||||
| CVE-2025-22467 | 1 Ivanti | 1 Connect Secure | 2026-06-17 | N/A | 9.9 CRITICAL |
| A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6 allows a remote authenticated attacker to achieve remote code execution. | |||||
| CVE-2025-22457 | 1 Ivanti | 3 Connect Secure, Policy Secure, Zero Trust Access Gateway | 2026-06-17 | N/A | 9.0 CRITICAL |
| A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6, Ivanti Policy Secure before version 22.7R1.4, and Ivanti ZTA Gateways before version 22.8R2.2 allows a remote unauthenticated attacker to achieve remote code execution. | |||||
| CVE-2025-21163 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| Illustrator versions 29.1, 28.7.3 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-21128 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2026-06-17 | N/A | 7.8 HIGH |
| Substance3D - Stager versions 3.0.4 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-20797 | 2 Google, Mediatek | 35 Android, Mt2718, Mt6765 and 32 more | 2026-06-17 | N/A | 7.8 HIGH |
| In battery, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10315812; Issue ID: MSV-5534. | |||||
| CVE-2025-20794 | 1 Mediatek | 54 Mt2735, Mt2737, Mt6813 and 51 more | 2026-06-17 | N/A | 6.5 MEDIUM |
| In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01689259 / MOLY01586470; Issue ID: MSV-4847. | |||||
| CVE-2025-20769 | 2 Google, Mediatek | 32 Android, Mt2718, Mt6739 and 29 more | 2026-06-17 | N/A | 6.7 MEDIUM |
| In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4804. | |||||
| CVE-2025-20749 | 2 Google, Mediatek | 19 Android, Mt6789, Mt6835 and 16 more | 2026-06-17 | N/A | 6.7 MEDIUM |
| In charger, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09915493; Issue ID: MSV-3800. | |||||
| CVE-2025-20747 | 6 Google, Linuxfoundation, Mediatek and 3 more | 23 Android, Yocto, Mt2718 and 20 more | 2026-06-17 | N/A | 6.7 MEDIUM |
| In gnss service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10010443; Issue ID: MSV-3966. | |||||
| CVE-2025-20746 | 6 Google, Linuxfoundation, Mediatek and 3 more | 23 Android, Yocto, Mt2718 and 20 more | 2026-06-17 | N/A | 6.7 MEDIUM |
| In gnss service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10010441; Issue ID: MSV-3967. | |||||
| CVE-2025-20739 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7615, Mt7622 and 7 more | 2026-06-17 | N/A | 6.7 MEDIUM |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00435340; Issue ID: MSV-4038. | |||||
| CVE-2025-20738 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7615, Mt7622 and 7 more | 2026-06-17 | N/A | 6.7 MEDIUM |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00435342; Issue ID: MSV-4039. | |||||
| CVE-2025-20737 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7615, Mt7622 and 7 more | 2026-06-17 | N/A | 7.8 HIGH |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00435343; Issue ID: MSV-4040. | |||||
| CVE-2025-20736 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7615, Mt7622 and 7 more | 2026-06-17 | N/A | 6.7 MEDIUM |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00435347; Issue ID: MSV-4049. | |||||
| CVE-2025-20732 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7615, Mt7622 and 7 more | 2026-06-17 | N/A | 5.3 MEDIUM |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege (when OceReducedNeighborReport is disabled). User interaction is not needed for exploitation. Patch ID: WCNCR00441510; Issue ID: MSV-4139. | |||||
| CVE-2025-20719 | 2 Mediatek, Openwrt | 10 Mt6890, Mt7603, Mt7615 and 7 more | 2026-06-17 | N/A | 8.8 HIGH |
| In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418955; Issue ID: MSV-3570. | |||||
