Total
408 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-15167 | 1 Tcpdump | 1 Tcpdump | 2025-12-03 | 9.1 Critical |
| The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print() for VRRP version 3, a different vulnerability than CVE-2018-14463. | ||||
| CVE-2025-12106 | 1 Openvpn | 1 Openvpn | 2025-12-01 | 9.1 Critical |
| Insufficient argument validation in OpenVPN 2.7_alpha1 through 2.7_rc1 allows an attacker to trigger a heap buffer over-read when parsing IP addresses | ||||
| CVE-2024-53020 | 1 Qualcomm | 468 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 465 more | 2025-11-28 | 8.2 High |
| Information disclosure may occur while decoding the RTP packet with invalid header extension from network. | ||||
| CVE-2025-21463 | 1 Qualcomm | 422 Ar8035, Ar8035 Firmware, Csr8811 and 419 more | 2025-11-28 | 7.5 High |
| Transient DOS while processing the EHT operation IE in the received beacon frame. | ||||
| CVE-2024-53026 | 1 Qualcomm | 468 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 465 more | 2025-11-28 | 8.2 High |
| Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call. | ||||
| CVE-2024-53021 | 1 Qualcomm | 450 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 447 more | 2025-11-28 | 8.2 High |
| Information disclosure may occur while processing goodbye RTCP packet from network. | ||||
| CVE-2025-21487 | 1 Qualcomm | 455 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 452 more | 2025-11-28 | 8.2 High |
| Information disclosure while decoding RTP packet received by UE from the network, when payload length mentioned is greater than the available buffer length. | ||||
| CVE-2025-47318 | 1 Qualcomm | 407 Apq8017, Apq8017 Firmware, Apq8064au and 404 more | 2025-11-28 | 7.5 High |
| Transient DOS while parsing the EPTM test control message to get the test pattern. | ||||
| CVE-2025-21488 | 1 Qualcomm | 217 Fastconnect 6200, Fastconnect 6200 Firmware, Fastconnect 6700 and 214 more | 2025-11-28 | 8.2 High |
| Information disclosure while decoding this RTP packet headers received by UE from the network when the padding bit is set. | ||||
| CVE-2025-60720 | 1 Microsoft | 27 Windows, Windows 10, Windows 10 1607 and 24 more | 2025-11-25 | 7.8 High |
| Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-21484 | 1 Qualcomm | 347 Apq8064au, Apq8064au Firmware, Aqt1000 and 344 more | 2025-11-25 | 8.2 High |
| Information disclosure when UE receives the RTP packet from the network, while decoding and reassembling the fragments from RTP packet. | ||||
| CVE-2025-59192 | 1 Microsoft | 25 Windows, Windows 10, Windows 10 1507 and 22 more | 2025-11-22 | 7.8 High |
| Buffer over-read in Storport.sys Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-55325 | 1 Microsoft | 21 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 18 more | 2025-11-22 | 5.5 Medium |
| Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose information locally. | ||||
| CVE-2025-54901 | 1 Microsoft | 14 365, 365 Apps, Excel and 11 more | 2025-11-20 | 5.5 Medium |
| Buffer over-read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | ||||
| CVE-2025-53806 | 1 Microsoft | 11 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 8 more | 2025-11-20 | 6.5 Medium |
| Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2025-53796 | 1 Microsoft | 11 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 8 more | 2025-11-20 | 6.5 Medium |
| Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2025-53798 | 1 Microsoft | 11 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 8 more | 2025-11-20 | 6.5 Medium |
| Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2025-53797 | 1 Microsoft | 11 Windows Server 2008, Windows Server 2008 R2, Windows Server 2008 Sp2 and 8 more | 2025-11-20 | 6.5 Medium |
| Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | ||||
| CVE-2024-31082 | 1 Redhat | 1 Enterprise Linux | 2025-11-20 | 7.3 High |
| A heap-based buffer over-read vulnerability was found in the X.org server's ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads. | ||||
| CVE-2024-31081 | 1 Redhat | 6 Enterprise Linux, Rhel Aus, Rhel E4s and 3 more | 2025-11-20 | 7.3 High |
| A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads. | ||||