Total
10281 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-32652 | 2 Google, Mediatek | 6 Android, Mt6833, Mt6853 and 3 more | 2025-04-10 | N/A | 6.7 MEDIUM |
| In mtk-aie, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262617; Issue ID: ALPS07262617. | |||||
| CVE-2024-36047 | 1 Infoblox | 1 Nios | 2025-04-10 | N/A | 9.8 CRITICAL |
| Infoblox NIOS through 8.6.4 and 9.x through 9.0.3 has Improper Input Validation. | |||||
| CVE-2023-40515 | 1 Lg | 1 Simple Editor | 2025-04-10 | N/A | 7.5 HIGH |
| LG Simple Editor joinAddUser Improper Input Validation Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the joinAddUser method. The issue results from improper input validation. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. . Was ZDI-CAN-20048. | |||||
| CVE-2025-27489 | 2025-04-09 | N/A | 7.8 HIGH | ||
| Improper input validation in Azure Local allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-27737 | 2025-04-09 | N/A | 8.6 HIGH | ||
| Improper input validation in Windows Security Zone Mapping allows an unauthorized attacker to bypass a security feature locally. | |||||
| CVE-2025-29821 | 2025-04-09 | N/A | 5.5 MEDIUM | ||
| Improper input validation in Dynamics Business Central allows an authorized attacker to disclose information locally. | |||||
| CVE-2025-24058 | 2025-04-09 | N/A | 7.8 HIGH | ||
| Improper input validation in Windows DWM Core Library allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-27731 | 2025-04-09 | N/A | 7.8 HIGH | ||
| Improper input validation in OpenSSH for Windows allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-29811 | 2025-04-09 | N/A | 7.8 HIGH | ||
| Improper input validation in Windows Mobile Broadband allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-2223 | 2025-04-09 | N/A | 7.8 HIGH | ||
| CWE-20: Improper Input Validation vulnerability exists that could cause a loss of Confidentiality, Integrity and Availability of engineering workstation when a malicious project file is loaded by a user from the local system. | |||||
| CVE-2021-26316 | 1 Amd | 294 Athlon 3050ge, Athlon 3050ge Firmware, Athlon 3150g and 291 more | 2025-04-09 | N/A | 7.8 HIGH |
| Failure to validate the communication buffer and communication service in the BIOS may allow an attacker to tamper with the buffer resulting in potential SMM (System Management Mode) arbitrary code execution. | |||||
| CVE-2022-33300 | 1 Qualcomm | 102 Qam8295p, Qam8295p Firmware, Qca6174a and 99 more | 2025-04-09 | N/A | 8.4 HIGH |
| Memory corruption in Automotive Android OS due to improper input validation. | |||||
| CVE-2022-23814 | 1 Amd | 2 Milanpi-sp3, Milanpi-sp3 Firmware | 2025-04-09 | N/A | 5.3 MEDIUM |
| Failure to validate addresses provided by software to BIOS commands may result in a potential loss of integrity of guest memory in a confidential compute environment. | |||||
| CVE-2021-46767 | 1 Amd | 4 Milanpi, Milanpi Firmware, Romepi and 1 more | 2025-04-09 | N/A | 6.1 MEDIUM |
| Insufficient input validation in the ASP may allow an attacker with physical access, unauthorized write access to memory potentially leading to a loss of integrity or denial of service. | |||||
| CVE-2008-6962 | 1 Avira | 4 Antivir, Antivir Personal, Antivir Professional and 1 more | 2025-04-09 | 7.2 HIGH | N/A |
| Avira AntiVir Premium, Premium Security Suite, AntiVir Professional, and AntiVir Personal - FREE allows local users to execute arbitrary code via a crafted IOCTL request that overwrites a kernel pointer. | |||||
| CVE-2007-5036 | 1 Airdefense | 1 Airsensor | 2025-04-09 | 5.0 MEDIUM | N/A |
| Multiple buffer overflows in the AirDefense Airsensor M520 with firmware 4.3.1.1 and 4.4.1.4 allow remote authenticated users to cause a denial of service (HTTPS service outage) via a crafted query string in an HTTPS request to (1) adLog.cgi, (2) post.cgi, or (3) ad.cgi, related to the "files filter." | |||||
| CVE-2009-0681 | 1 Pgp | 1 Desktop | 2025-04-09 | 7.2 HIGH | N/A |
| PGP Desktop before 9.10 allows local users to (1) cause a denial of service (crash) via a crafted IOCTL request to pgpdisk.sys, and (2) cause a denial of service (crash) and execute arbitrary code via a crafted IRP in an IOCTL request to pgpwded.sys. | |||||
| CVE-2008-5521 | 2 Free-av, Microsoft | 2 Antivir, Internet Explorer | 2025-04-09 | 9.3 HIGH | N/A |
| Avira AntiVir 7.9.0.36 and possibly 7.8.1.28, when Internet Explorer 6 or 7 is used, allows remote attackers to bypass detection of malware in an HTML document by placing an MZ header (aka "EXE info") at the beginning, and modifying the filename to have (1) no extension, (2) a .txt extension, or (3) a .jpg extension, as demonstrated by a document containing a CVE-2006-5745 exploit. | |||||
| CVE-2008-6538 | 1 Holger Schurig | 1 Destar | 2025-04-09 | 5.0 MEDIUM | N/A |
| DeStar 0.2.2-5 allows remote attackers to add arbitrary users via a direct request to config/add/CfgOptUser. | |||||
| CVE-2009-0059 | 1 Cisco | 5 4400 Wireless Lan Controller, Catalyst 3750 Series Integrated Wireless Lan Controller, Catalyst 6500 Series Integrated Wireless Lan Controller and 2 more | 2025-04-09 | 7.8 HIGH | N/A |
| The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.2.x before 5.2.157.0 allow remote attackers to cause a denial of service (device reload) via a web authentication (aka WebAuth) session that includes a malformed POST request to login.html. | |||||