Export limit exceeded: 328778 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (328778 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-41943 | 1 Logrhythm | 1 Logrhythm | 2025-04-22 | 6.1 Medium |
| Logrhythm Web Console 7.4.9 allows for HTML tag injection through Contextualize Action -> Create a new Contextualize Action -> Inject your HTML tag in the name field. | ||||
| CVE-2025-30306 | 1 Adobe | 1 Xmp Toolkit Software Development Kit | 2025-04-22 | 5.5 Medium |
| XMP Toolkit versions 2023.12 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2022-46742 | 1 Paddlepaddle | 1 Paddlepaddle | 2025-04-22 | 10 Critical |
| Code injection in paddle.audio.functional.get_window in PaddlePaddle 2.4.0-rc0 allows arbitrary code execution. | ||||
| CVE-2025-30307 | 1 Adobe | 1 Xmp Toolkit Software Development Kit | 2025-04-22 | 5.5 Medium |
| XMP Toolkit versions 2023.12 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-30308 | 1 Adobe | 1 Xmp Toolkit Software Development Kit | 2025-04-22 | 5.5 Medium |
| XMP Toolkit versions 2023.12 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-30309 | 1 Adobe | 1 Xmp Toolkit Software Development Kit | 2025-04-22 | 5.5 Medium |
| XMP Toolkit versions 2023.12 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2022-46741 | 1 Paddlepaddle | 1 Paddlepaddle | 2025-04-22 | 7.1 High |
| Out-of-bounds read in gather_tree in PaddlePaddle before 2.4. | ||||
| CVE-2024-20031 | 2 Google, Mediatek | 20 Android, Mt6739, Mt6757 and 17 more | 2025-04-22 | 6.7 Medium |
| In da, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541632; Issue ID: ALPS08541742. | ||||
| CVE-2024-20028 | 2 Google, Mediatek | 20 Android, Mt6739, Mt6757 and 17 more | 2025-04-22 | 6.6 Medium |
| In da, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541632; Issue ID: ALPS08541687. | ||||
| CVE-2024-20027 | 2 Google, Mediatek | 20 Android, Mt6739, Mt6757 and 17 more | 2025-04-22 | 7.9 High |
| In da, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541632; Issue ID: ALPS08541633. | ||||
| CVE-2024-20026 | 2 Google, Mediatek | 20 Android, Mt6739, Mt6757 and 17 more | 2025-04-22 | 4.2 Medium |
| In da, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541632; Issue ID: ALPS08541632. | ||||
| CVE-2024-20025 | 2 Google, Mediatek | 42 Android, Mt6739, Mt6757 and 39 more | 2025-04-22 | 6.7 Medium |
| In da, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541686; Issue ID: ALPS08541686. | ||||
| CVE-2024-20024 | 2 Google, Mediatek | 18 Android, Mt6781, Mt6789 and 15 more | 2025-04-22 | 6.0 Medium |
| In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541635; Issue ID: ALPS08541635. | ||||
| CVE-2024-20023 | 5 Google, Linuxfoundation, Mediatek and 2 more | 27 Android, Yocto, Mt2713 and 24 more | 2025-04-22 | 6.7 Medium |
| In flashc, there is a possible out of bounds write due to lack of valudation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08541638; Issue ID: ALPS08541638. | ||||
| CVE-2024-20018 | 1 Mediatek | 2 Mt7615, Software Development Kit | 2025-04-22 | 9.8 Critical |
| In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00348479; Issue ID: MSV-1019. | ||||
| CVE-2024-20005 | 2 Google, Mediatek | 38 Android, Mt6761, Mt6762 and 35 more | 2025-04-22 | 8.2 High |
| In da, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08355599; Issue ID: ALPS08355599. | ||||
| CVE-2022-33187 | 1 Broadcom | 1 Brocade Sannav | 2025-04-22 | 5.5 Medium |
| Brocade SANnav before v2.2.1 logs usernames and encoded passwords in debug-enabled logs. The vulnerability could allow an attacker with admin privilege to read sensitive information. | ||||
| CVE-2024-48356 | 1 Lylme | 1 Lylme Spage | 2025-04-22 | 9.8 Critical |
| LyLme Spage <=1.6.0 is vulnerable to SQL Injection via /admin/group.php. | ||||
| CVE-2024-20038 | 2 Google, Mediatek | 31 Android, Mt6739, Mt6761 and 28 more | 2025-04-22 | 3.4 Low |
| In pq, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08495932; Issue ID: ALPS08495932. | ||||
| CVE-2024-20037 | 2 Google, Mediatek | 31 Android, Mt6739, Mt6761 and 28 more | 2025-04-22 | 6.7 Medium |
| In pq, there is a possible write-what-where condition due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08495937; Issue ID: ALPS08495937. | ||||