Total
12922 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-3161 | 1 Tenda | 2 Ac10, Ac10 Firmware | 2025-04-09 | 8.8 High |
| A vulnerability was found in Tenda AC10 16.03.10.13 and classified as critical. This issue affects the function ShutdownSetAdd of the file /goform/ShutdownSetAdd. The manipulation of the argument list leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2022-46449 | 1 Musicpd | 1 Music Player Daemon | 2025-04-09 | 7.5 High |
| An issue in MPD (Music Player Daemon) v0.23.10 allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||||
| CVE-2025-20654 | 2 Mediatek, Openwrt | 8 Mt6890, Mt7622, Mt7915 and 5 more | 2025-04-09 | 9.8 Critical |
| In wlan service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00406897; Issue ID: MSV-2875. | ||||
| CVE-2023-0054 | 1 Vim | 1 Vim | 2025-04-09 | 7.8 High |
| Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1145. | ||||
| CVE-2025-20656 | 5 Google, Linuxfoundation, Mediatek and 2 more | 20 Android, Yocto, Mt6781 and 17 more | 2025-04-09 | 6.8 Medium |
| In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09625423; Issue ID: MSV-3033. | ||||
| CVE-2025-20658 | 2 Google, Mediatek | 19 Android, Mt2718, Mt6781 and 16 more | 2025-04-09 | 6 Medium |
| In DA, there is a possible permission bypass due to a logic error. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09474894; Issue ID: MSV-2597. | ||||
| CVE-2022-4873 | 1 Netcommwireless | 6 Nf20, Nf20 Firmware, Nf20mesh and 3 more | 2025-04-09 | 9.8 Critical |
| On Netcomm router models NF20MESH, NF20, and NL1902 a stack based buffer overflow affects the sessionKey parameter. By providing a specific number of bytes, the instruction pointer is able to be overwritten on the stack and crashes the application at a known location. | ||||
| CVE-2022-4498 | 1 Tp-link | 4 Archer C5, Archer C5 Firmware, Tl-wr710n and 1 more | 2025-04-09 | 9.8 Critical |
| In TP-Link routers, Archer C5 and WR710N-V1, running the latest available code, when receiving HTTP Basic Authentication the httpd service can be sent a crafted packet that causes a heap overflow. This can result in either a DoS (by crashing the httpd process) or an arbitrary code execution. | ||||
| CVE-2022-40517 | 1 Qualcomm | 362 Aqt1000, Aqt1000 Firmware, Ar8031 and 359 more | 2025-04-09 | 8.4 High |
| Memory corruption in core due to stack-based buffer overflow | ||||
| CVE-2022-40516 | 1 Qualcomm | 368 Aqt1000, Aqt1000 Firmware, Ar8031 and 365 more | 2025-04-09 | 8.4 High |
| Memory corruption in Core due to stack-based buffer overflow. | ||||
| CVE-2022-33300 | 1 Qualcomm | 102 Qam8295p, Qam8295p Firmware, Qca6174a and 99 more | 2025-04-09 | 8.4 High |
| Memory corruption in Automotive Android OS due to improper input validation. | ||||
| CVE-2022-33286 | 1 Qualcomm | 562 Apq8009, Apq8009 Firmware, Apq8017 and 559 more | 2025-04-09 | 7.5 High |
| Transient DOS due to buffer over-read in WLAN while processing 802.11 management frames. | ||||
| CVE-2022-33285 | 1 Qualcomm | 556 Apq8009, Apq8009 Firmware, Apq8017 and 553 more | 2025-04-09 | 7.5 High |
| Transient DOS due to buffer over-read in WLAN while parsing WLAN CSA action frames. | ||||
| CVE-2022-33284 | 1 Qualcomm | 352 Aqt1000, Aqt1000 Firmware, Ar8035 and 349 more | 2025-04-09 | 8.2 High |
| Information disclosure due to buffer over-read in WLAN while parsing BTM action frame. | ||||
| CVE-2022-33283 | 1 Qualcomm | 268 Ar8035, Ar8035 Firmware, Ar9380 and 265 more | 2025-04-09 | 8.2 High |
| Information disclosure due to buffer over-read in WLAN while WLAN frame parsing due to missing frame length check. | ||||
| CVE-2022-33265 | 1 Qualcomm | 6 Qca7500, Qca7500 Firmware, Qca7520 and 3 more | 2025-04-09 | 7.3 High |
| Memory corruption due to information exposure in Powerline Communication Firmware while sending different MMEs from a single, unassociated device. | ||||
| CVE-2022-33255 | 1 Qualcomm | 184 Apq8009, Apq8009 Firmware, Ar8031 and 181 more | 2025-04-09 | 8.2 High |
| Information disclosure due to buffer over-read in Bluetooth HOST while processing GetFolderItems and GetItemAttribute Cmds from peer device. | ||||
| CVE-2021-46791 | 1 Amd | 2 Milanpi, Milanpi Firmware | 2025-04-09 | 5.5 Medium |
| Insufficient input validation during parsing of the System Management Mode (SMM) binary may allow a maliciously crafted SMM executable binary to corrupt Dynamic Root of Trust for Measurement (DRTM) user application memory that may result in a potential denial of service. | ||||
| CVE-2021-46779 | 1 Amd | 6 Milanpi, Milanpi Firmware, Naplespi and 3 more | 2025-04-09 | 7.1 High |
| Insufficient input validation in SVC_ECC_PRIMITIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP (AMD Secure Processor) OS memory which may lead to potential loss of integrity and availability. | ||||
| CVE-2021-26398 | 1 Amd | 128 Epyc 7001, Epyc 7001 Firmware, Epyc 7002 and 125 more | 2025-04-09 | 7.8 High |
| Insufficient input validation in SYS_KEY_DERIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP (AMD Secure Processor) OS memory which may lead to potential arbitrary code execution. | ||||