Total
157 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-43965 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2025-12-31 | N/A | 2.9 LOW |
| In MIFF image processing in ImageMagick before 7.1.1-44, image depth is mishandled after SetQuantumFormat is used. | |||||
| CVE-2025-46393 | 1 Imagemagick | 1 Imagemagick | 2025-12-31 | N/A | 2.9 LOW |
| In multispectral MIFF image processing in ImageMagick before 7.1.1-44, packet_size is mishandled (related to the rendering of all channels in an arbitrary order). | |||||
| CVE-2025-66216 | 1 Aiscatcher | 1 Ais-catcher | 2025-12-23 | N/A | 9.8 CRITICAL |
| AIS-catcher is a multi-platform AIS receiver. Prior to version 0.64, a heap buffer overflow vulnerability has been identified in the AIS::Message class of AIS-catcher. This vulnerability allows an attacker to write approximately 1KB of arbitrary data into a 128-byte buffer. This issue has been patched in version 0.64. | |||||
| CVE-2025-62550 | 1 Microsoft | 1 Azure Monitor Agent | 2025-12-10 | N/A | 8.8 HIGH |
| Out-of-bounds write in Azure Monitor Agent allows an authorized attacker to execute code over a network. | |||||
| CVE-2025-33126 | 3 Ibm, Linux, Microsoft | 5 Aix, Db2 High Performance Unload Load, Linux On Ibm Z and 2 more | 2025-11-05 | N/A | 6.5 MEDIUM |
| IBM DB2 High Performance Unload 6.1.0.3, 5.1.0.1, 6.1.0.2, 6.5, 6.5.0.0 IF1, 6.1.0.1, 6.1, 5.1, 6.1.0.3, 5.1.0.1, 6.1.0.2, 6.5, 6.5.0.0 IF1, 6.1.0.1, 6.1, 5.1, 6.1.0.3, 5.1.0.1, 6.1.0.2, 6.5, 6.5.0.0 IF1, 6.1.0.1, 6.1, 5.1, 6.1.0.3, 5.1.0.1, 6.1.0.2, 6.5, 6.5.0.0 IF1, 6.1.0.1, 6.1, and 5.1 could allow an authenticated user to cause the program to crash due to the incorrect calculation of a buffer size. | |||||
| CVE-2025-27053 | 1 Qualcomm | 638 215 Mobile Platform, 215 Mobile Platform Firmware, 315 5g Iot Modem and 635 more | 2025-11-05 | N/A | 7.8 HIGH |
| Memory corruption during PlayReady APP usecase while processing TA commands. | |||||
| CVE-2025-27074 | 1 Qualcomm | 190 Apq8064au, Apq8064au Firmware, Csr8811 and 187 more | 2025-11-05 | N/A | 8.8 HIGH |
| Memory corruption while processing a GP command response. | |||||
| CVE-2024-23606 | 2 Fedoraproject, Libbiosig Project | 2 Fedora, Libbiosig | 2025-11-04 | N/A | 9.8 CRITICAL |
| An out-of-bounds write vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A specially crafted .famos file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2025-1861 | 2 Netapp, Php | 2 Ontap, Php | 2025-11-03 | N/A | 9.8 CRITICAL |
| In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when parsing HTTP redirect in the response to an HTTP request, there is currently limit on the location value size caused by limited size of the location buffer to 1024. However as per RFC9110, the limit is recommended to be 8000. This may lead to incorrect URL truncation and redirecting to a wrong location. | |||||
| CVE-2023-1175 | 1 Vim | 1 Vim | 2025-11-03 | N/A | 6.6 MEDIUM |
| Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378. | |||||
| CVE-2025-57807 | 1 Imagemagick | 1 Imagemagick | 2025-11-03 | N/A | 3.8 LOW |
| ImageMagick is free and open-source software used for editing and manipulating digital images. ImageMagick versions lower than 14.8.2 include insecure functions: SeekBlob(), which permits advancing the stream offset beyond the current end without increasing capacity, and WriteBlob(), which then expands by quantum + length (amortized) instead of offset + length, and copies to data + offset. When offset ≫ extent, the copy targets memory beyond the allocation, producing a deterministic heap write on 64-bit builds. No 2⁶⁴ arithmetic wrap, external delegates, or policy settings are required. This is fixed in version 14.8.2. | |||||
| CVE-2022-39377 | 3 Debian, Fedoraproject, Sysstat Project | 3 Debian Linux, Fedora, Sysstat | 2025-11-03 | N/A | 7.0 HIGH |
| sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1, allocate_structures contains a size_t overflow in sa_common.c. The allocate_structures function insufficiently checks bounds before arithmetic multiplication, allowing for an overflow in the size allocated for the buffer representing system activities. This issue may lead to Remote Code Execution (RCE). This issue has been patched in version 12.7.1. | |||||
| CVE-2020-17087 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1803 and 12 more | 2025-10-29 | 7.2 HIGH | 7.8 HIGH |
| Windows Kernel Local Elevation of Privilege Vulnerability | |||||
| CVE-2023-52557 | 1 Openbsd | 1 Openbsd | 2025-10-10 | N/A | 7.5 HIGH |
| In OpenBSD 7.3 before errata 016, npppd(8) could crash by a l2tp message which has an AVP (Attribute-Value Pair) with wrong length. | |||||
| CVE-2024-46729 | 1 Linux | 1 Linux Kernel | 2025-09-26 | N/A | 7.8 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix incorrect size calculation for loop [WHY] fe_clk_en has size of 5 but sizeof(fe_clk_en) has byte size 20 which is lager than the array size. [HOW] Divide byte size 20 by its element size. This fixes 2 OVERRUN issues reported by Coverity. | |||||
| CVE-2025-27042 | 1 Qualcomm | 688 215 Mobile, 215 Mobile Firmware, 315 5g Iot Modem and 685 more | 2025-09-25 | N/A | 7.8 HIGH |
| Memory corruption while processing video packets received from video firmware. | |||||
| CVE-2025-30334 | 1 Openbsd | 1 Openbsd | 2025-09-05 | N/A | 6.5 MEDIUM |
| In OpenBSD 7.6 before errata 006 and OpenBSD 7.5 before errata 015, traffic sent over wg(4) could result in kernel crash. | |||||
| CVE-2024-49776 | 1 Justdan96 | 1 Tsmuxer | 2025-09-05 | N/A | 6.5 MEDIUM |
| A negative-size-param in tsMuxer version nightly-2024-04-05-01-53-02 allows attackers to cause Denial of Service (DoS) via a crafted TS video file. | |||||
| CVE-2025-46688 | 2 Quickjs-ng, Quickjs Project | 2 Quickjs, Quickjs | 2025-05-30 | N/A | 5.6 MEDIUM |
| quickjs-ng through 0.9.0 has an incorrect size calculation in JS_ReadBigInt for a BigInt, leading to a heap-based buffer overflow. QuickJS before 2025-04-26 is also affected. | |||||
| CVE-2023-45871 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-05-05 | N/A | 7.5 HIGH |
| An issue was discovered in drivers/net/ethernet/intel/igb/igb_main.c in the IGB driver in the Linux kernel before 6.5.3. A buffer size may not be adequate for frames larger than the MTU. | |||||