Total
12427 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-27194 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2025-05-05 | 7.8 High |
| Media Encoder versions 25.1, 24.6.4 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-27195 | 3 Adobe, Apple, Microsoft | 3 Media Encoder, Macos, Windows | 2025-05-05 | 7.8 High |
| Media Encoder versions 25.1, 24.6.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-27196 | 3 Adobe, Apple, Microsoft | 3 Premiere Pro, Macos, Windows | 2025-05-05 | 7.8 High |
| Premiere Pro versions 25.1, 24.6.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2025-27198 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2025-05-05 | 7.8 High |
| Photoshop Desktop versions 25.12.1, 26.4.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2022-3409 | 1 Openbmc-project | 1 Openbmc | 2025-05-05 | 8.2 High |
| A vulnerability in bmcweb of OpenBMC Project allows user to cause denial of service. This vulnerability was identified during mitigation for CVE-2022-2809. When fuzzing the multipart_parser code using AFL++ with address sanitizer enabled to find smallest memory corruptions possible. It detected problem in how multipart_parser handles unclosed http headers. If long enough http header is passed in the multipart form without colon there is one byte overwrite on heap. It can be conducted multiple times in a loop to cause DoS. | ||||
| CVE-2024-20017 | 2 Mediatek, Openwrt | 8 Mt6890, Mt7622, Mt7915 and 5 more | 2025-05-05 | 9.8 Critical |
| In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation Patch ID: WCNCR00350938; Issue ID: MSV-1132. | ||||
| CVE-2022-35895 | 1 Insyde | 1 Insydeh2o | 2025-05-05 | 8.2 High |
| An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. The FwBlockSericceSmm driver does not properly validate input parameters for a software SMI routine, leading to memory corruption of arbitrary addresses including SMRAM, and possible arbitrary code execution. | ||||
| CVE-2022-32208 | 7 Apple, Debian, Fedoraproject and 4 more | 21 Macos, Debian Linux, Fedora and 18 more | 2025-05-05 | 5.9 Medium |
| When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client. | ||||
| CVE-2022-25315 | 6 Debian, Fedoraproject, Libexpat Project and 3 more | 12 Debian Linux, Fedora, Libexpat and 9 more | 2025-05-05 | 9.8 Critical |
| In Expat (aka libexpat) before 2.4.5, there is an integer overflow in storeRawNames. | ||||
| CVE-2022-23095 | 1 Opendesign | 1 Drawings Software Development Kit | 2025-05-05 | 7.8 High |
| Open Design Alliance Drawings SDK before 2022.12.1 mishandles the loading of JPG files. Unchecked input data from a crafted JPG file leads to memory corruption. An attacker can leverage this vulnerability to execute code in the context of the current process. | ||||
| CVE-2022-21740 | 1 Google | 1 Tensorflow | 2025-05-05 | 7.6 High |
| Tensorflow is an Open Source Machine Learning Framework. The implementation of `SparseCountSparseOutput` is vulnerable to a heap overflow. The fix will be included in TensorFlow 2.8.0. We will also cherrypick this commit on TensorFlow 2.7.1, TensorFlow 2.6.3, and TensorFlow 2.5.3, as these are also affected and still in supported range. | ||||
| CVE-2022-21172 | 1 Intel | 6 Proset Wi-fi 6e Ax210, Proset Wi-fi 6e Ax210 Firmware, Wi-fi 6e Ax211 and 3 more | 2025-05-05 | 6.7 Medium |
| Out of bounds write for some Intel(R) PROSet/Wireless WiFi products may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2021-33137 | 1 Intel | 1 Kernelflinger | 2025-05-05 | 7.8 High |
| Out-of-bounds write in the Intel(R) Kernelflinger project may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2021-33124 | 1 Intel | 1346 Core I3-1000g1, Core I3-1000g1 Firmware, Core I3-1000g4 and 1343 more | 2025-05-05 | 6.7 Medium |
| Out-of-bounds write in the BIOS authenticated code module for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access. | ||||
| CVE-2021-33060 | 2 Intel, Netapp | 144 Xeon Gold 5315y, Xeon Gold 5315y Firmware, Xeon Gold 5317 and 141 more | 2025-05-05 | 7.8 High |
| Out-of-bounds write in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2021-0153 | 1 Intel | 106 Core I9-10900x, Core I9-10900x Firmware, Core I9-10920x and 103 more | 2025-05-05 | 7.8 High |
| Out-of-bounds write in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable aescalation of privilege via local access. | ||||
| CVE-2021-0116 | 2 Intel, Netapp | 1360 Atom C3308, Atom C3308 Firmware, Atom C3336 and 1357 more | 2025-05-05 | 7.8 High |
| Out-of-bounds write in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable an escalation of privilege via local access. | ||||
| CVE-2020-9676 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2025-05-05 | 7.8 High |
| Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2020-9674 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2025-05-05 | 7.8 High |
| Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. | ||||
| CVE-2020-9569 | 2 Adobe, Microsoft | 2 Bridge, Windows | 2025-05-05 | 7.8 High |
| Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | ||||