Total
7384 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-13169 | 1 Ivanti | 1 Endpoint Manager | 2025-07-11 | N/A | 7.8 HIGH |
| An out-of-bounds read in Ivanti EPM before the 2024 January-2025 Security Update and 2022 SU6 January-2025 Security Update allows a local authenticated attacker to escalate their privileges. | |||||
| CVE-2025-20152 | 1 Cisco | 1 Identity Services Engine | 2025-07-11 | N/A | 8.6 HIGH |
| A vulnerability in the RADIUS message processing feature of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain RADIUS requests. An attacker could exploit this vulnerability by sending a specific authentication request to a network access device (NAD) that uses Cisco ISE for authentication, authorization, and accounting (AAA). A successful exploit could allow the attacker to cause Cisco ISE to reload. | |||||
| CVE-2025-2073 | 2 Google, Linux | 2 Chrome Os, Linux Kernel | 2025-07-11 | N/A | 8.8 HIGH |
| Out-of-Bounds Read in netfilter/ipset in Linux Kernel ChromeOS [6.1, 5.15, 5.10, 5.4, 4.19] allows a local attacker with low privileges to trigger an out-of-bounds read, potentially leading to information disclosure | |||||
| CVE-2024-53450 | 1 Infiniflow | 1 Ragflow | 2025-07-10 | N/A | 7.5 HIGH |
| RAGFlow 0.13.0 suffers from improper access control in document-hooks.ts, allowing unauthorized access to user documents. | |||||
| CVE-2018-9383 | 1 Google | 1 Android | 2025-07-10 | N/A | 4.4 MEDIUM |
| In asn1_ber_decoder of asn1_decoder.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2018-9464 | 1 Google | 1 Android | 2025-07-10 | N/A | 7.8 HIGH |
| In multiple locations, there is a possible way to read protected files due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2017-13317 | 1 Google | 1 Android | 2025-07-10 | N/A | 5.7 MEDIUM |
| In HeifDecoderImpl::getScanline of HeifDecoderImpl.cpp, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. | |||||
| CVE-2017-13318 | 1 Google | 1 Android | 2025-07-10 | N/A | 5.7 MEDIUM |
| In HeifDataSource::readAt of HeifDecoderImpl.cpp, there is a possible out of bounds read due to an integer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. | |||||
| CVE-2025-49525 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2025-07-10 | N/A | 5.5 MEDIUM |
| Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-30313 | 3 Adobe, Apple, Microsoft | 3 Illustrator, Macos, Windows | 2025-07-10 | N/A | 5.5 MEDIUM |
| Illustrator versions 28.7.6, 29.5.1 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2017-5978 | 1 Gdraheim | 1 Zziplib | 2025-07-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| The zzip_mem_entry_new function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (out-of-bounds read and crash) via a crafted ZIP file. | |||||
| CVE-2017-5977 | 1 Gdraheim | 1 Zziplib | 2025-07-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| The zzip_mem_entry_extra_block function in memdisk.c in zziplib 0.13.62 allows remote attackers to cause a denial of service (invalid memory read and crash) via a crafted ZIP file. | |||||
| CVE-2025-27733 | 1 Microsoft | 7 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 4 more | 2025-07-10 | N/A | 7.8 HIGH |
| Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally. | |||||
| CVE-2025-27742 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-10 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in Windows NTFS allows an unauthorized attacker to disclose information locally. | |||||
| CVE-2025-27741 | 1 Microsoft | 7 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 4 more | 2025-07-10 | N/A | 7.8 HIGH |
| Out-of-bounds read in Windows NTFS allows an unauthorized attacker to elevate privileges locally. | |||||
| CVE-2025-24069 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-07-10 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | |||||
| CVE-2025-29811 | 1 Microsoft | 5 Windows 11 22h2, Windows 11 23h2, Windows 11 24h2 and 2 more | 2025-07-10 | N/A | 7.8 HIGH |
| Improper input validation in Windows Mobile Broadband allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-32716 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-07-10 | N/A | 7.8 HIGH |
| Out-of-bounds read in Windows Media allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-21008 | 1 Samsung | 1 Android | 2025-07-10 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in decoding frame header in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption. | |||||
| CVE-2025-21009 | 1 Samsung | 1 Android | 2025-07-10 | N/A | 5.5 MEDIUM |
| Out-of-bounds read in decoding malformed frame header in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption. | |||||