Total
7908 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-48622 | 1 Google | 1 Android | 2025-12-08 | N/A | 5.5 MEDIUM |
| In ProcessArea of dng_misc_opcodes.cpp, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2025-66624 | 2025-12-08 | N/A | 7.5 HIGH | ||
| BACnet Protocol Stack library provides a BACnet application layer, network layer and media access (MAC) layer communications services. Prior to 1.5.0.rc2, The npdu_is_expected_reply function in src/bacnet/npdu.c indexes request_pdu[offset+2/3/5] and reply_pdu[offset+1/2/4] without verifying that those APDU bytes exist. bacnet_npdu_decode() can return offset == 2 for a 2-byte NPDU, so tiny PDUs pass the version check and then get read out of bounds. On ASan/MPU/strict builds this is an immediate crash (DoS). On unprotected builds it is undefined behavior and can mis-route replies; RCE is unlikely because only reads occur, but DoS is reliable. | |||||
| CVE-2025-14104 | 2025-12-08 | N/A | 6.1 MEDIUM | ||
| A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the `setpwnam()` function, affecting SUID (Set User ID) login-utils utilities writing to the password database. | |||||
| CVE-2025-64656 | 1 Microsoft | 1 Azure Application Gateway | 2025-12-08 | N/A | 9.4 CRITICAL |
| Out-of-bounds read in Application Gateway allows an unauthorized attacker to elevate privileges over a network. | |||||
| CVE-2025-57697 | 1 Astrbot | 1 Astrbot | 2025-12-05 | N/A | 6.5 MEDIUM |
| AstrBot Project v3.5.22 has an arbitrary file read vulnerability in function _encode_image_bs64. Since the _encode_image_bs64 function defined in entities.py opens the image specified by the user in the request body and returns the image content as a base64-encoded string without checking the legitimacy of the image path, attackers can construct a series of malicious URLs to read any specified file, resulting in sensitive data leakage. | |||||
| CVE-2025-58476 | 1 Samsung | 1 Android | 2025-12-05 | N/A | 4.2 MEDIUM |
| Out-of-bounds read vulnerability in bootloader prior to SMR Dec-2025 Release 1 allows physical attackers to access out-of-bounds memory. | |||||
| CVE-2025-58479 | 1 Samsung | 1 Android | 2025-12-05 | N/A | 4.3 MEDIUM |
| Out-of-bounds read in libimagecodec.quram.so prior to SMR Dec-2025 Release 1 allows remote attackers to access out-of-bounds memory. | |||||
| CVE-2017-13037 | 1 Tcpdump | 1 Tcpdump | 2025-12-05 | 7.5 HIGH | 9.8 CRITICAL |
| The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printts(). | |||||
| CVE-2017-13027 | 1 Tcpdump | 1 Tcpdump | 2025-12-05 | 7.5 HIGH | 9.8 CRITICAL |
| The LLDP parser in tcpdump before 4.9.2 has a buffer over-read in print-lldp.c:lldp_mgmt_addr_tlv_print(). | |||||
| CVE-2012-1571 | 2 Christos Zoulas, Tim Robbins | 2 File, Libmagic | 2025-12-04 | 4.3 MEDIUM | 6.5 MEDIUM |
| file before 5.11 and libmagic allow remote attackers to cause a denial of service (crash) via a crafted Composite Document File (CDF) file that triggers (1) an out-of-bounds read or (2) an invalid pointer dereference. | |||||
| CVE-2025-66409 | 2025-12-04 | N/A | N/A | ||
| ESF-IDF is the Espressif Internet of Things (IOT) Development Framework. In 5.5.1, 5.4.3, 5.3.4, 5.2.6, 5.1.6, and earlier, when AVRCP is enabled on ESP32, receiving a malformed VENDOR DEPENDENT command from a peer device can cause the Bluetooth stack to access memory before validating the command buffer length. This may lead to an out-of-bounds read, potentially exposing unintended memory content or causing unexpected behavior. | |||||
| CVE-2017-13035 | 1 Tcpdump | 1 Tcpdump | 2025-12-04 | 7.5 HIGH | 9.8 CRITICAL |
| The ISO IS-IS parser in tcpdump before 4.9.2 has a buffer over-read in print-isoclns.c:isis_print_id(). | |||||
| CVE-2017-13034 | 1 Tcpdump | 1 Tcpdump | 2025-12-04 | 7.5 HIGH | 9.8 CRITICAL |
| The PGM parser in tcpdump before 4.9.2 has a buffer over-read in print-pgm.c:pgm_print(). | |||||
| CVE-2017-13031 | 1 Tcpdump | 1 Tcpdump | 2025-12-04 | 7.5 HIGH | 9.8 CRITICAL |
| The IPv6 fragmentation header parser in tcpdump before 4.9.2 has a buffer over-read in print-frag6.c:frag6_print(). | |||||
| CVE-2017-13028 | 2 Debian, Tcpdump | 2 Debian Linux, Tcpdump | 2025-12-04 | 7.5 HIGH | 9.8 CRITICAL |
| The BOOTP parser in tcpdump before 4.9.2 has a buffer over-read in print-bootp.c:bootp_print(). | |||||
| CVE-2017-13025 | 1 Tcpdump | 1 Tcpdump | 2025-12-04 | 7.5 HIGH | 9.8 CRITICAL |
| The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print(). | |||||
| CVE-2017-13024 | 2 Debian, Tcpdump | 2 Debian Linux, Tcpdump | 2025-12-04 | 7.5 HIGH | 9.8 CRITICAL |
| The IPv6 mobility parser in tcpdump before 4.9.2 has a buffer over-read in print-mobility.c:mobility_opt_print(). | |||||
| CVE-2017-13022 | 1 Tcpdump | 1 Tcpdump | 2025-12-04 | 7.5 HIGH | 9.8 CRITICAL |
| The IP parser in tcpdump before 4.9.2 has a buffer over-read in print-ip.c:ip_printroute(). | |||||
| CVE-2017-13021 | 1 Tcpdump | 1 Tcpdump | 2025-12-04 | 7.5 HIGH | 9.8 CRITICAL |
| The ICMPv6 parser in tcpdump before 4.9.2 has a buffer over-read in print-icmp6.c:icmp6_print(). | |||||
| CVE-2017-13020 | 2 Debian, Tcpdump | 2 Debian Linux, Tcpdump | 2025-12-04 | 7.5 HIGH | 9.8 CRITICAL |
| The VTP parser in tcpdump before 4.9.2 has a buffer over-read in print-vtp.c:vtp_print(). | |||||