Total
3309 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-20602 | 2 Google, Mediatek | 25 Android, Mt6735, Mt6737 and 22 more | 2025-03-26 | 6.7 Medium |
| In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494107; Issue ID: ALPS07494107. | ||||
| CVE-2022-47322 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-03-26 | 5.5 Medium |
| In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. | ||||
| CVE-2022-38680 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-03-26 | 5.5 Medium |
| In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. | ||||
| CVE-2022-38674 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-03-26 | 5.5 Medium |
| In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. | ||||
| CVE-2022-47451 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-03-25 | 6.3 Medium |
| In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. | ||||
| CVE-2023-0615 | 1 Linux | 1 Linux Kernel | 2025-03-25 | 5.5 Medium |
| A memory leak flaw and potential divide by zero and Integer overflow was found in the Linux kernel V4L2 and vivid test code functionality. This issue occurs when a user triggers ioctls, such as VIDIOC_S_DV_TIMINGS ioctl. This could allow a local user to crash the system if vivid test code enabled. | ||||
| CVE-2024-57492 | 1 Redox-os | 1 Redox | 2025-03-24 | 6 Medium |
| An issue in redoxOS relibc before commit 98aa4ea5 allows a local attacker to cause a denial of service via the round_up_to_page funciton. | ||||
| CVE-2023-4295 | 1 Arm | 2 Mali Gpu Kernel Driver, Valhall Gpu Kernel Driver | 2025-03-24 | 7.8 High |
| A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory. | ||||
| CVE-2021-4206 | 3 Debian, Qemu, Redhat | 4 Debian Linux, Qemu, Advanced Virtualization and 1 more | 2025-03-21 | 8.2 High |
| A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursor_alloc() function can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. This flaw allows a malicious privileged guest user to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process. | ||||
| CVE-2023-51714 | 3 Debian, Qt, Redhat | 3 Debian Linux, Qt, Enterprise Linux | 2025-03-20 | 9.8 Critical |
| An issue was discovered in the HTTP2 implementation in Qt before 5.15.17, 6.x before 6.2.11, 6.3.x through 6.5.x before 6.5.4, and 6.6.x before 6.6.2. network/access/http2/hpacktable.cpp has an incorrect HPack integer overflow check. | ||||
| CVE-2023-23462 | 1 Libpeconv Project | 1 Libpeconv | 2025-03-19 | 9.8 Critical |
| Libpeconv – integer overflow, before commit 75b1565 (30/11/2022). | ||||
| CVE-2023-20662 | 4 Google, Linux, Mediatek and 1 more | 29 Android, Linux Kernel, Mt5221 and 26 more | 2025-03-17 | 6.7 Medium |
| In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560765; Issue ID: ALPS07560765. | ||||
| CVE-2023-20661 | 4 Google, Linux, Mediatek and 1 more | 29 Android, Linux Kernel, Mt5221 and 26 more | 2025-03-17 | 6.7 Medium |
| In wlan, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560782; Issue ID: ALPS07560782. | ||||
| CVE-2023-20660 | 4 Google, Linux, Mediatek and 1 more | 29 Android, Linux Kernel, Mt5221 and 26 more | 2025-03-17 | 4.4 Medium |
| In wlan, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588383; Issue ID: ALPS07588383. | ||||
| CVE-2023-49441 | 1 Thekelleys | 1 Dnsmasq | 2025-03-14 | 7.5 High |
| dnsmasq 2.9 is vulnerable to Integer Overflow via forward_query. | ||||
| CVE-2022-47454 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-03-12 | 5.5 Medium |
| In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. | ||||
| CVE-2025-21369 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-03-12 | 8.8 High |
| Microsoft Digest Authentication Remote Code Execution Vulnerability | ||||
| CVE-2025-0587 | 1 Openatom | 1 Openharmony | 2025-03-11 | 3.8 Low |
| in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through integer overflow. This vulnerability can be exploited only in restricted scenarios. | ||||
| CVE-2022-41903 | 2 Git-scm, Redhat | 8 Git, Enterprise Linux, Rhel Aus and 5 more | 2025-03-10 | 9.8 Critical |
| Git is distributed revision control system. `git log` can display commits in an arbitrary format using its `--format` specifiers. This functionality is also exposed to `git archive` via the `export-subst` gitattribute. When processing the padding operators, there is a integer overflow in `pretty.c::format_and_pad_commit()` where a `size_t` is stored improperly as an `int`, and then added as an offset to a `memcpy()`. This overflow can be triggered directly by a user running a command which invokes the commit formatting machinery (e.g., `git log --format=...`). It may also be triggered indirectly through git archive via the export-subst mechanism, which expands format specifiers inside of files within the repository during a git archive. This integer overflow can result in arbitrary heap writes, which may result in arbitrary code execution. The problem has been patched in the versions published on 2023-01-17, going back to v2.30.7. Users are advised to upgrade. Users who are unable to upgrade should disable `git archive` in untrusted repositories. If you expose git archive via `git daemon`, disable it by running `git config --global daemon.uploadArch false`. | ||||
| CVE-2023-22458 | 2 Redhat, Redis | 2 Enterprise Linux, Redis | 2025-03-10 | 5.5 Medium |
| Redis is an in-memory database that persists on disk. Authenticated users can issue a `HRANDFIELD` or `ZRANDMEMBER` command with specially crafted arguments to trigger a denial-of-service by crashing Redis with an assertion failure. This problem affects Redis versions 6.2 or newer up to but not including 6.2.9 as well as versions 7.0 up to but not including 7.0.8. Users are advised to upgrade. There are no known workarounds for this vulnerability. | ||||