Total
12402 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-26479 | 1 Dell | 1 Powerscale Onefs | 2025-07-15 | N/A | 3.1 LOW |
| Dell PowerScale OneFS, versions 9.4.0.0 through 9.10.0.0, contains an out-of-bounds write vulnerability. An attacker could potentially exploit this vulnerability in NFS workflows, leading to data integrity issues. | |||||
| CVE-2025-48805 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-07-15 | N/A | 7.8 HIGH |
| Heap-based buffer overflow in Microsoft MPEG-2 Video Extension allows an authorized attacker to execute code locally. | |||||
| CVE-2025-21006 | 1 Samsung | 1 Android | 2025-07-15 | N/A | 7.0 HIGH |
| Out-of-bounds write in handling of macro blocks for MPEG4 codec in libsavsvc.so prior to Android 15 allows local attackers to write out-of-bounds memory. | |||||
| CVE-2025-21007 | 1 Samsung | 1 Android | 2025-07-15 | N/A | 5.5 MEDIUM |
| Out-of-bounds write in accessing uninitialized memory in libsavsvc.so prior to Android 15 allows local attackers to cause memory corruption. | |||||
| CVE-2025-47998 | 1 Microsoft | 7 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 4 more | 2025-07-15 | N/A | 8.8 HIGH |
| Heap-based buffer overflow in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to execute code over a network. | |||||
| CVE-2025-52952 | 2025-07-15 | N/A | 6.5 MEDIUM | ||
| An Out-of-bounds Write vulnerability in the connectivity fault management (CFM) daemon of Juniper Networks Junos OS on MX Series with MPC-BUILTIN, MPC1 through MPC9 line cards allows an unauthenticated adjacent attacker to send a malformed packet to the device, leading to an FPC crash and restart, resulting in a Denial of Service (DoS). Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects Juniper Networks: Junos OS: * All versions before 22.2R3-S1, * from 22.4 before 22.4R2. This feature is not enabled by default. | |||||
| CVE-2025-5451 | 1 Ivanti | 2 Connect Secure, Policy Secure | 2025-07-15 | N/A | 4.9 MEDIUM |
| A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.8 and Ivanti Policy Secure before version 22.7R1.5 allows a remote authenticated attacker with admin rights to trigger a denial of service. | |||||
| CVE-2023-50805 | 1 Samsung | 32 Exynos 1080, Exynos 1080 Firmware, Exynos 1280 and 29 more | 2025-07-14 | N/A | 8.1 HIGH |
| A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos W930, Exynos Modem 5123, Exynos Modem 5300 that allows an out-of-bounds write in the heap in 2G (no auth). | |||||
| CVE-2025-2288 | 1 Rockwellautomation | 1 Arena | 2025-07-14 | N/A | 7.8 HIGH |
| A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to write outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file. | |||||
| CVE-2025-2293 | 1 Rockwellautomation | 1 Arena | 2025-07-14 | N/A | 7.8 HIGH |
| A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to write outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file. | |||||
| CVE-2025-2829 | 1 Rockwellautomation | 1 Arena | 2025-07-14 | N/A | 7.8 HIGH |
| A local code execution vulnerability exists in the Rockwell Automation Arena® due to a threat actor being able to write outside of the allocated memory buffer. The flaw is a result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file. | |||||
| CVE-2025-3289 | 1 Rockwellautomation | 1 Arena | 2025-07-14 | N/A | 7.8 HIGH |
| A local code execution vulnerability exists in the Rockwell Automation Arena® due to a stack-based memory buffer overflow. The flaw is result of improper validation of user-supplied data. If exploited a threat actor can disclose information and execute arbitrary code on the system. To exploit the vulnerability a legitimate user must open a malicious DOE file. | |||||
| CVE-2025-20983 | 1 Samsung | 1 Android | 2025-07-14 | N/A | 6.4 MEDIUM |
| Out-of-bounds write in checking auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory. | |||||
| CVE-2025-20982 | 1 Samsung | 1 Android | 2025-07-14 | N/A | 6.4 MEDIUM |
| Out-of-bounds write in setting auth secret in KnoxVault trustlet prior to SMR Jul-2025 Release 1 allows local privileged attackers to write out-of-bounds memory. | |||||
| CVE-2025-47108 | 1 Adobe | 1 Substance 3d Painter | 2025-07-14 | N/A | 7.8 HIGH |
| Substance3D - Painter versions 11.0.1 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-43581 | 1 Adobe | 1 Substance 3d Sampler | 2025-07-14 | N/A | 7.8 HIGH |
| Substance3D - Sampler versions 5.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-43588 | 1 Adobe | 1 Substance 3d Sampler | 2025-07-14 | N/A | 7.8 HIGH |
| Substance3D - Sampler versions 5.0 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2025-20695 | 3 Google, Mediatek, Openwrt | 14 Android, Mt6639, Mt6653 and 11 more | 2025-07-14 | N/A | 6.5 MEDIUM |
| In Bluetooth FW, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09741871; Issue ID: MSV-3317. | |||||
| CVE-2023-52725 | 1 Linuxfoundation | 1 Onos-kpimon | 2025-07-14 | N/A | 6.5 MEDIUM |
| Open Networking Foundation SD-RAN ONOS onos-kpimon 0.4.7 allows blocking of the errCh channel within the Start function of the monitoring package. | |||||
| CVE-2023-52727 | 1 Linuxfoundation | 1 Onos-lib-go | 2025-07-14 | N/A | 8.1 HIGH |
| Open Networking Foundation SD-RAN ONOS onos-lib-go 0.10.25 allows an index out-of-range condition in parseAlignBits. | |||||