Total
8569 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-4435 | 1 Lenovo | 2 Thinkpad X13s, Thinkpad X13s Firmware | 2025-04-10 | 6.7 Medium |
| A buffer over-read vulnerability was reported in the ThinkPadX13s BIOS LenovoRemoteConfigUpdateDxe driver that could allow a local attacker with elevated privileges to cause information disclosure. | ||||
| CVE-2022-33253 | 1 Qualcomm | 322 Aqt1000, Aqt1000 Firmware, Ar8035 and 319 more | 2025-04-09 | 7.5 High |
| Transient DOS due to buffer over-read in WLAN while parsing corrupted NAN frames. | ||||
| CVE-2022-33252 | 1 Qualcomm | 322 Aqt1000, Aqt1000 Firmware, Ar8035 and 319 more | 2025-04-09 | 8.2 High |
| Information disclosure due to buffer over-read in WLAN while handling IBSS beacons frame. | ||||
| CVE-2022-22079 | 1 Qualcomm | 92 Apq8009, Apq8009 Firmware, Apq8009w and 89 more | 2025-04-09 | 4.6 Medium |
| Denial of service while processing fastboot flash command on mmc due to buffer over read | ||||
| CVE-2024-36612 | 1 Zulip | 2 Zulip, Zulip Server | 2025-04-09 | 7.5 High |
| Zulip from 8.0 to 8.3 contains a memory leak vulnerability in the handling of popovers. | ||||
| CVE-2023-0049 | 2 Fedoraproject, Vim | 2 Fedora, Vim | 2025-04-09 | 7.8 High |
| Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143. | ||||
| CVE-2023-0051 | 1 Vim | 1 Vim | 2025-04-09 | 7.8 High |
| Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1144. | ||||
| CVE-2025-20655 | 2 Google, Mediatek | 2 Android, Mt9972 | 2025-04-09 | 5.3 Medium |
| In keymaster, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: DTV04427687; Issue ID: MSV-3183. | ||||
| CVE-2022-40519 | 1 Qualcomm | 386 Aqt1000, Aqt1000 Firmware, Ar8031 and 383 more | 2025-04-09 | 6.8 Medium |
| Information disclosure due to buffer overread in Core | ||||
| CVE-2022-40518 | 1 Qualcomm | 320 Aqt1000, Aqt1000 Firmware, Ar8031 and 317 more | 2025-04-09 | 6.8 Medium |
| Information disclosure due to buffer overread in Core | ||||
| CVE-2022-33286 | 1 Qualcomm | 562 Apq8009, Apq8009 Firmware, Apq8017 and 559 more | 2025-04-09 | 7.5 High |
| Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames. | ||||
| CVE-2022-33285 | 1 Qualcomm | 556 Apq8009, Apq8009 Firmware, Apq8017 and 553 more | 2025-04-09 | 7.5 High |
| Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames. | ||||
| CVE-2022-33284 | 1 Qualcomm | 352 Aqt1000, Aqt1000 Firmware, Ar8035 and 349 more | 2025-04-09 | 8.2 High |
| Information disclosure due to buffer over-read in WLAN while parsing BTM action frame. | ||||
| CVE-2022-33283 | 1 Qualcomm | 268 Ar8035, Ar8035 Firmware, Ar9380 and 265 more | 2025-04-09 | 8.2 High |
| Information disclosure due to buffer over-read in WLAN while WLAN frame parsing due to missing frame length check. | ||||
| CVE-2022-33255 | 1 Qualcomm | 184 Apq8009, Apq8009 Firmware, Ar8031 and 181 more | 2025-04-09 | 8.2 High |
| Information disclosure due to buffer over-read in Bluetooth HOST while processing GetFolderItems and GetItemAttribute Cmds from peer device. | ||||
| CVE-2021-46768 | 1 Amd | 4 Milanpi, Milanpi Firmware, Romepi and 1 more | 2025-04-09 | 5.5 Medium |
| Insufficient input validation in SEV firmware may allow an attacker to perform out-of-bounds memory reads within the ASP boot loader, potentially leading to a denial of service. | ||||
| CVE-2024-20949 | 1 Oracle | 1 Customer Interaction History | 2025-04-09 | 6.1 Medium |
| Vulnerability in the Oracle Customer Interaction History product of Oracle E-Business Suite (component: Outcome-Result). Supported versions that are affected are 12.2.3-12.2.13. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Customer Interaction History. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Customer Interaction History, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Customer Interaction History accessible data as well as unauthorized read access to a subset of Oracle Customer Interaction History accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). | ||||
| CVE-2006-6016 | 1 Wordpress | 1 Wordpress | 2025-04-09 | 6.5 Medium |
| wp-admin/user-edit.php in WordPress before 2.0.5 allows remote authenticated users to read the metadata of an arbitrary user via a modified user_id parameter. | ||||
| CVE-2006-5393 | 1 Cisco | 1 Secure Desktop | 2025-04-09 | 5.5 Medium |
| Cisco Secure Desktop (CSD) does not require that the ClearPageFileAtShutdown (aka CCE-Winv2.0-407) registry value equals 1, which might allow local users to read certain memory pages that were written during another user's SSL VPN session. | ||||
| CVE-2009-2523 | 1 Microsoft | 1 Windows 2000 | 2025-04-09 | N/A |
| The License Logging Server (llssrv.exe) in Microsoft Windows 2000 SP4 allows remote attackers to execute arbitrary code via an RPC message containing a string without a null terminator, which triggers a heap-based buffer overflow in the LlsrLicenseRequestW method, aka "License Logging Server Heap Overflow Vulnerability." | ||||