Total
85 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-23764 | 2026-01-26 | N/A | N/A | ||
| VB-Audio Voicemeeter, Voicemeeter Banana, and Voicemeeter Potato (versions ending in 1.1.1.9, 2.1.1.9, and 3.1.1.9 and earlier, respectively), as well as VB-Audio Matrix and Matrix Coconut (versions ending in 1.0.2.2 and 2.0.2.2 and earlier, respectively), contain a vulnerability in their virtual audio drivers (vbvoicemeetervaio64*.sys, vbmatrixvaio64*.sys, vbaudio_vmauxvaio*.sys, vbaudio_vmvaio*.sys, and vbaudio_vmvaio3*.sys). The drivers allocate non-paged pool and map it into user space, where a length value associated with the allocation is exposed and can be modified by an unprivileged local attacker. On subsequent IOCTL handling, the corrupted length is used directly as the IoAllocateMdl length argument without adequate integrity checks before building and mapping the MDL, which can cause a kernel crash (BSoD), typically PAGE_FAULT_IN_NONPAGED_AREA. This flaw allows a local user to trigger a denial-of-service on affected Windows systems. | |||||
| CVE-2026-21487 | 1 Color | 1 Iccdev | 2026-01-12 | N/A | 6.1 MEDIUM |
| iccDEV provides a set of libraries and tools for working with ICC color management profiles. Versions 2.3.1.1 and below have an Out-of-bounds Read, Use of Out-of-range Pointer Offset and have Improper Input Validation in its CIccProfile::LoadTag function. This issue is fixed in version 2.3.1.2. | |||||
| CVE-2017-20211 | 2025-11-14 | N/A | N/A | ||
| UCanCode E-XD++ Visualization Enterprise Suite contains an untrusted pointer dereference vulnerability via the TKDRAWCAD.TKDrawCADCtrl.1 ActiveX control. This is because it exposes a RotateShape method that dereferences a user-supplied pointer without sufficient validation. A crafted input may cause the control to dereference an attacker-controlled pointer, enabling remote code execution in the context of the hosting process. The vulnerability requires user interaction (instantiation of the ActiveX control via a web page or a file). | |||||
| CVE-2025-47349 | 1 Qualcomm | 36 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 33 more | 2025-11-05 | N/A | 7.8 HIGH |
| Memory corruption while processing an escape call. | |||||
| CVE-2025-11232 | 2025-11-04 | N/A | 7.5 HIGH | ||
| To trigger the issue, three configuration parameters must have specific settings: "hostname-char-set" must be left at the default setting, which is "[^A-Za-z0-9.-]"; "hostname-char-replacement" must be empty (the default); and "ddns-qualifying-suffix" must *NOT* be empty (the default is empty). DDNS updates do not need to be enabled for this issue to manifest. A client that sends certain option content would then cause kea-dhcp4 to exit unexpectedly. This issue affects Kea versions 3.0.1 through 3.0.1 and 3.1.1 through 3.1.2. | |||||
| CVE-2022-46378 | 1 Weston-embedded | 1 Uc-ftps | 2025-11-04 | N/A | 6.5 MEDIUM |
| An out-of-bounds read vulnerability exists in the PORT command parameter extraction functionality of Weston Embedded uC-FTPs v 1.98.00. A specially-crafted set of network packets can lead to denial of service. An attacker can send packets to trigger this vulnerability.This vulnerability occurs when no port argument is provided to the `PORT` command. | |||||
| CVE-2022-46377 | 1 Weston-embedded | 1 Uc-ftps | 2025-11-04 | N/A | 6.5 MEDIUM |
| An out-of-bounds read vulnerability exists in the PORT command parameter extraction functionality of Weston Embedded uC-FTPs v 1.98.00. A specially-crafted set of network packets can lead to denial of service. An attacker can send packets to trigger this vulnerability.This vulnerability occurs when no IP address argument is provided to the `PORT` command. | |||||
| CVE-2024-42416 | 1 Freebsd | 1 Freebsd | 2025-11-04 | N/A | 8.8 HIGH |
| The ctl_report_supported_opcodes function did not sufficiently validate a field provided by userspace, allowing an arbitrary write to a limited amount of kernel help memory. Malicious software running in a guest VM that exposes virtio_scsi can exploit the vulnerabilities to achieve code execution on the host in the bhyve userspace process, which typically runs as root. Note that bhyve runs in a Capsicum sandbox, so malicious code is constrained by the capabilities available to the bhyve process. A malicious iSCSI initiator could achieve remote code execution on the iSCSI target host. | |||||
| CVE-2023-33106 | 1 Qualcomm | 306 Ar8035, Ar8035 Firmware, Csra6620 and 303 more | 2025-10-28 | N/A | 8.4 HIGH |
| Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND. | |||||
| CVE-2025-27059 | 1 Qualcomm | 50 Immersive Home 214 Platform, Immersive Home 214 Platform Firmware, Immersive Home 216 Platform and 47 more | 2025-10-21 | N/A | 8.8 HIGH |
| Memory corruption while performing SCM call. | |||||
| CVE-2024-53017 | 1 Qualcomm | 8 Sdm429w, Sdm429w Firmware, Snapdragon 429 Mobile Platform and 5 more | 2025-08-20 | N/A | 6.6 MEDIUM |
| Memory corruption while handling test pattern generator IOCTL command. | |||||
| CVE-2024-45557 | 1 Qualcomm | 122 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 119 more | 2025-08-19 | N/A | 7.8 HIGH |
| Memory corruption can occur when TME processes addresses from TZ and MPSS requests without proper validation. | |||||
| CVE-2021-34595 | 2 Codesys, Wago | 57 Codesys, Plcwinnt, Runtime Toolkit and 54 more | 2025-08-15 | 5.5 MEDIUM | 8.1 HIGH |
| A crafted request with invalid offsets may cause an out-of-bounds read or write access in CODESYS V2 Runtime Toolkit 32 Bit full and PLCWinNT prior to versions V2.4.7.56, resulting in a denial-of-service condition or local memory overwrite. | |||||
| CVE-2023-24855 | 1 Qualcomm | 126 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 123 more | 2025-08-11 | N/A | 9.8 CRITICAL |
| Memory corruption in Modem while processing security related configuration before AS Security Exchange. | |||||
| CVE-2023-22388 | 1 Qualcomm | 458 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 455 more | 2025-08-11 | N/A | 9.8 CRITICAL |
| Memory Corruption in Multi-mode Call Processor while processing bit mask API. | |||||
| CVE-2023-33067 | 1 Qualcomm | 226 9206 Lte Modem, 9206 Lte Modem Firmware, Aqt1000 and 223 more | 2025-08-11 | N/A | 6.7 MEDIUM |
| Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points. | |||||
| CVE-2024-33041 | 1 Qualcomm | 70 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 67 more | 2025-08-11 | N/A | 6.7 MEDIUM |
| Memory corruption when input parameter validation for number of fences is missing for fence frame IOCTL calls, | |||||
| CVE-2023-43513 | 1 Qualcomm | 534 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq8017 and 531 more | 2025-08-11 | N/A | 7.8 HIGH |
| Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element. | |||||
| CVE-2023-22387 | 1 Qualcomm | 542 205, 205 Firmware, 215 and 539 more | 2025-08-11 | N/A | 7.8 HIGH |
| Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption. | |||||
| CVE-2023-43534 | 1 Qualcomm | 132 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 129 more | 2025-08-11 | N/A | 8.6 HIGH |
| Memory corruption while validating the TID to Link Mapping action request frame, when a station connects to an access point. | |||||