Total
7971 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-43538 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-06-16 | 6.5 Medium |
| Windows Mobile Broadband Driver Denial of Service Vulnerability | ||||
| CVE-2024-43537 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-06-16 | 6.5 Medium |
| Windows Mobile Broadband Driver Denial of Service Vulnerability | ||||
| CVE-2024-43534 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-06-16 | 6.5 Medium |
| Windows Graphics Component Information Disclosure Vulnerability | ||||
| CVE-2024-43508 | 1 Microsoft | 4 Windows 11 22h2, Windows 11 23h2, Windows 11 24h2 and 1 more | 2025-06-16 | 5.5 Medium |
| Windows Graphics Component Information Disclosure Vulnerability | ||||
| CVE-2024-43449 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-06-16 | 6.8 Medium |
| Windows USB Video Class System Driver Elevation of Privilege Vulnerability | ||||
| CVE-2024-43644 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-06-16 | 7.8 High |
| Windows Client-Side Caching Elevation of Privilege Vulnerability | ||||
| CVE-2024-43643 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-06-16 | 6.8 Medium |
| Windows USB Video Class System Driver Elevation of Privilege Vulnerability | ||||
| CVE-2024-43638 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-06-16 | 6.8 Medium |
| Windows USB Video Class System Driver Elevation of Privilege Vulnerability | ||||
| CVE-2024-43637 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-06-16 | 6.8 Medium |
| Windows USB Video Class System Driver Elevation of Privilege Vulnerability | ||||
| CVE-2024-43634 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-06-16 | 6.8 Medium |
| Windows USB Video Class System Driver Elevation of Privilege Vulnerability | ||||
| CVE-2023-4280 | 1 Silabs | 1 Gecko Software Development Kit | 2025-06-13 | 9.3 Critical |
| An unvalidated input in Silicon Labs TrustZone implementation in v4.3.x and earlier of the Gecko SDK allows an attacker to access the trusted region of memory from the untrusted region. | ||||
| CVE-2025-2884 | 2025-06-13 | 6.6 Medium | ||
| TCG TPM2.0 Reference implementation's CryptHmacSign helper function is vulnerable to Out-of-Bounds read due to the lack of validation the signature scheme with the signature key's algorithm. See Errata Revision 1.83 and advisory TCGVRT0009 for TCG standard TPM2.0 | ||||
| CVE-2024-34251 | 1 Bytecodealliance | 1 Webassembly Micro Runtime | 2025-06-13 | 7.5 High |
| An out-of-bound memory read vulnerability was discovered in Bytecode Alliance wasm-micro-runtime v2.0.0 which allows a remote attacker to cause a denial of service via the "block_type_get_arity" function in core/iwasm/interpreter/wasm.h. | ||||
| CVE-2025-5918 | 1 Redhat | 2 Enterprise Linux, Openshift | 2025-06-12 | 3.9 Low |
| A vulnerability has been identified in the libarchive library. This flaw can be triggered when file streams are piped into bsdtar, potentially allowing for reading past the end of the file. This out-of-bounds read can lead to unintended consequences, including unpredictable program behavior, memory corruption, or a denial-of-service condition. | ||||
| CVE-2025-47112 | 2025-06-12 | 5.5 Medium | ||
| Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-49133 | 2025-06-12 | 5.9 Medium | ||
| Libtpms is a library that targets the integration of TPM functionality into hypervisors, primarily into Qemu. Libtpms, which is derived from the TPM 2.0 reference implementation code published by the Trusted Computing Group, is prone to a potential out of bounds (OOB) read vulnerability. The vulnerability occurs in the ‘CryptHmacSign’ function with an inconsistent pairing of the signKey and signScheme parameters, where the signKey is ALG_KEYEDHASH key and inScheme is an ECC or RSA scheme. The reported vulnerability is in the ‘CryptHmacSign’ function, which is defined in the "Part 4: Supporting Routines – Code" document, section "7.151 - /tpm/src/crypt/CryptUtil.c ". This vulnerability can be triggered from user-mode applications by sending malicious commands to a TPM 2.0/vTPM (swtpm) whose firmware is based on an affected TCG reference implementation. The effect on libtpms is that it will cause an abort due to the detection of the out-of-bounds access, thus for example making a vTPM (swtpm) unavailable to a VM. This vulnerability is fixed in 0.7.12, 0.8.10, 0.9.7, and 0.10.1. | ||||
| CVE-2025-43578 | 2025-06-12 | 5.5 Medium | ||
| Acrobat Reader versions 24.001.30235, 20.005.30763, 25.001.20521 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2023-22113 | 3 Netapp, Oracle, Redhat | 4 Oncommand Insight, Mysql, Enterprise Linux and 1 more | 2025-06-12 | 2.7 Low |
| Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 8.0.33 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.1 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N). | ||||
| CVE-2023-42536 | 1 Samsung | 1 Android | 2025-06-11 | 8.4 High |
| An improper input validation in saped_dec in libsaped prior to SMR Nov-2023 Release 1 allows local attackers to cause out-of-bounds read and write. | ||||
| CVE-2023-6174 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2025-06-11 | 6.3 Medium |
| SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file | ||||