Total
8346 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-45070 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2025-10-16 | 5.5 Medium |
| in OpenHarmony v4.1.2 and prior versions allow a local attacker cause information leak through out-of-bounds Read. | ||||
| CVE-2025-3407 | 1 Nothings | 2 Stb, Stb Image.h | 2025-10-16 | 6.3 Medium |
| A vulnerability was found in Nothings stb up to f056911. It has been declared as critical. Affected by this vulnerability is the function stbhw_build_tileset_from_image. The manipulation of the argument h_count/v_count leads to out-of-bounds read. The attack can be launched remotely. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-3406 | 1 Nothings | 2 Stb, Stb Image.h | 2025-10-16 | 4.3 Medium |
| A vulnerability was found in Nothings stb up to f056911. It has been classified as problematic. Affected is the function stbhw_build_tileset_from_image of the component Header Array Handler. The manipulation of the argument w leads to out-of-bounds read. It is possible to launch the attack remotely. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2025-27534 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2025-10-16 | 3.3 Low |
| in OpenHarmony v5.0.2 and prior versions allow a local attacker case DOS through missing release of memory. | ||||
| CVE-2025-22842 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2025-10-16 | 3.3 Low |
| in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. | ||||
| CVE-2025-20102 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2025-10-16 | 3.3 Low |
| in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. | ||||
| CVE-2025-22452 | 2 Openatom, Openharmony | 2 Openharmony, Openharmony | 2025-10-16 | 3.3 Low |
| in OpenHarmony v5.0.2 and prior versions allow a local attacker cause DOS through out-of-bounds read. | ||||
| CVE-2025-11021 | 1 Redhat | 1 Enterprise Linux | 2025-10-15 | 7.5 High |
| A flaw was found in the cookie date handling logic of the libsoup HTTP library, widely used by GNOME and other applications for web communication. When processing cookies with specially crafted expiration dates, the library may perform an out-of-bounds memory read. This flaw could result in unintended disclosure of memory contents, potentially exposing sensitive information from the process using libsoup. | ||||
| CVE-2025-5307 | 1 Santesoft | 1 Dicom Viewer Pro | 2025-10-15 | 7.8 High |
| Santesoft Sante DICOM Viewer Pro contains a memory corruption vulnerability. A local attacker could exploit this issue to potentially disclose information and to execute arbitrary code on affected installations of Sante DICOM Viewer Pro. | ||||
| CVE-2024-24911 | 1 Checkpoint | 4 Gaia Os, Management Server, Multi-domain Management and 1 more | 2025-10-15 | 5.3 Medium |
| In rare scenarios, the cpca process on the Security Management Server / Domain Management Server may exit unexpectedly, creating a core dump file. When the cpca process is down, VPN and SIC connectivity issues may occur if the CRL is not present in the Security Gateway's CRL cache. | ||||
| CVE-2024-38101 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-10-14 | 6.5 Medium |
| Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | ||||
| CVE-2024-38073 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2025-10-14 | 7.5 High |
| Windows Remote Desktop Licensing Service Denial of Service Vulnerability | ||||
| CVE-2024-38057 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-10-14 | 7.8 High |
| Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability | ||||
| CVE-2024-38048 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-10-14 | 6.5 Medium |
| Windows Network Driver Interface Specification (NDIS) Denial of Service Vulnerability | ||||
| CVE-2024-38028 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-10-14 | 7.2 High |
| Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability | ||||
| CVE-2024-38102 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-10-14 | 6.5 Medium |
| Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | ||||
| CVE-2024-38062 | 1 Microsoft | 11 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 8 more | 2025-10-14 | 7.8 High |
| Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | ||||
| CVE-2024-38056 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-10-14 | 5.5 Medium |
| Microsoft Windows Codecs Library Information Disclosure Vulnerability | ||||
| CVE-2025-11494 | 1 Gnu | 1 Binutils | 2025-10-14 | 3.3 Low |
| A vulnerability was found in GNU Binutils 2.45. Impacted is the function _bfd_x86_elf_late_size_sections of the file bfd/elfxx-x86.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. The patch is identified as b6ac5a8a5b82f0ae6a4642c8d7149b325f4cc60a. A patch should be applied to remediate this issue. | ||||
| CVE-2025-11414 | 1 Gnu | 1 Binutils | 2025-10-14 | 3.3 Low |
| A vulnerability was determined in GNU Binutils 2.45. Affected by this vulnerability is the function get_link_hash_entry of the file bfd/elflink.c of the component Linker. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. Upgrading to version 2.46 addresses this issue. Patch name: aeaaa9af6359c8e394ce9cf24911fec4f4d23703. It is advisable to upgrade the affected component. | ||||