Search Results (547 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-36855 1 Microsoft 1 .net 2026-04-15 8.8 High
A vulnerability ( CVE-2025-21176 https://www.cve.org/CVERecord ) exists in DiaSymReader.dll due to buffer over-read. Per CWE-126: Buffer Over-read https://cwe.mitre.org/data/definitions/126.html , Buffer Over-read is when a product reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer. This issue affects EOL ASP.NET 6.0.0 <= 6.0.36 as represented in this CVE, as well as 8.0.0 <= 8.0.11 & <= 9.0.0 as represented in CVE-2025-21176. Additionally, if you've deployed self-contained applications https://docs.microsoft.com/dotnet/core/deploying/#self-contained-deployments-scd  targeting any of the impacted versions, these applications are also vulnerable and must be recompiled and redeployed. NOTE: This CVE affects only End Of Life (EOL) software components. The vendor, Microsoft, has indicated there will be no future updates nor support provided upon inquiry.
CVE-2023-38290 2 Bluview, Sharp 2 Bluview, Rouvo V 2026-04-15 7.8 High
Certain software builds for the BLU View 2 and Sharp Rouvo V Android devices contain a vulnerable pre-installed app with a package name of com.evenwell.fqc (versionCode='9020801', versionName='9.0208.01' ; versionCode='9020913', versionName='9.0209.13' ; versionCode='9021203', versionName='9.0212.03') that allows local third-party apps to execute arbitrary shell commands in its context (system user) due to inadequate access control. No permissions or special privileges are necessary to exploit the vulnerability in the com.evenwell.fqc app. No user interaction is required beyond installing and running a third-party app. The vulnerability allows local apps to access sensitive functionality that is generally restricted to pre-installed apps, such as programmatically performing the following actions: granting arbitrary permissions (which can be used to obtain sensitive user data), installing arbitrary apps, video recording the screen, wiping the device (removing the user's apps and data), injecting arbitrary input events, calling emergency phone numbers, disabling apps, accessing notifications, and much more. The software build fingerprints for each confirmed vulnerable device are as follows: BLU View 2 (BLU/B131DL/B130DL:11/RP1A.200720.011/1672046950:user/release-keys, BLU/B131DL/B130DL:11/RP1A.200720.011/1663816427:user/release-keys, BLU/B131DL/B130DL:11/RP1A.200720.011/1656476696:user/release-keys, BLU/B131DL/B130DL:11/RP1A.200720.011/1647856638:user/release-keys) and Sharp Rouvo V (SHARP/VZW_STTM21VAPP/STTM21VAPP:12/SP1A.210812.016/1KN0_0_460:user/release-keys and SHARP/VZW_STTM21VAPP/STTM21VAPP:12/SP1A.210812.016/1KN0_0_530:user/release-keys). This malicious app starts an exported activity named com.evenwell.fqc/.activity.ClickTest, crashes the com.evenwell.fqc app by sending an empty Intent (i.e., having not extras) to the com.evenwell.fqc/.FQCBroadcastReceiver receiver component, and then it sends command arbitrary shell commands to the com.evenwell.fqc/.FQCService service component which executes them with "system" privileges.
CVE-2025-6785 1 Tesla 1 Model 3 2026-04-15 N/A
Securing externally available CAN wires can easily allow physical access to the CAN bus, allowing possible injection of specially formed CAN messages to control remote start functions of the vehicle.  Testing completed on Tesla Model 3 vehicles with software version v11.1 (2023.20.9 ee6de92ddac5). This issue affects Model 3: With software versions from 2023.Xx before 2023.44.
CVE-2022-32506 1 Nuki 4 Bridge, Bridge Firmware, Smart Lock and 1 more 2026-04-15 6.4 Medium
An issue was discovered on certain Nuki Home Solutions devices. An attacker with physical access to the circuit board could use the SWD debug features to control the execution of code on the processor and debug the firmware, as well as read or alter the content of the internal and external flash memory. This affects Nuki Smart Lock 3.0 before 3.3.5, Nuki Smart Lock 2.0 before 2.12.4, as well as Nuki Bridge v1 before 1.22.0 and v2 before 2.13.2.
CVE-2024-28326 1 Asus 1 Rt-n12\+ B1 Firmware 2026-04-15 6.8 Medium
Incorrect Access Control in ASUS RT-N12+ B1 and RT-N12 D1 routers allows local attackers to obtain root terminal access via the the UART interface.
CVE-2024-12011 2026-04-15 7.6 High
A CWE-126 “Buffer Over-read” was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. The information disclosure can be triggered by leveraging a memory leak affecting the web server. A remote unauthenticated attacker can exploit this vulnerability in order to leak valid authentication tokens from the process memory associated to users currently logged to the system and bypass the authentication mechanism.
CVE-2025-8762 2026-04-15 6.8 Medium
A vulnerability was found in INSTAR 2K+ and 4K 3.11.1 Build 1124. This issue affects some unknown processing of the component UART Interface. The manipulation leads to improper physical access control. It is possible to launch the attack on the physical device. The exploit has been disclosed to the public and may be used.
CVE-2024-57970 1 Redhat 1 Enterprise Linux 2026-04-15 4 Medium
libarchive through 3.7.7 has a heap-based buffer over-read in header_gnu_longlink in archive_read_support_format_tar.c via a TAR archive because it mishandles truncation in the middle of a GNU long linkname.
CVE-2026-4371 1 Mozilla 1 Thunderbird 2026-04-14 7.4 High
A malicious mail server could send malformed strings with negative lengths, causing the parser to read memory outside the buffer. If a mail server or connection to a mail server were compromised, an attacker could cause the parser to malfunction, potentially crashing Thunderbird or leaking sensitive data. This vulnerability was fixed in Thunderbird 149 and Thunderbird 140.9.
CVE-2026-21381 1 Qualcomm 207 Ar8035, Ar8035 Firmware, Cologne and 204 more 2026-04-13 7.6 High
Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection.
CVE-2025-47390 1 Qualcomm 59 Cologne, Cologne Firmware, Fastconnect 6700 and 56 more 2026-04-09 7.8 High
Memory corruption while preprocessing IOCTL request in JPEG driver.
CVE-2025-47400 1 Qualcomm 23 Pandeiro, Pandeiro Firmware, Snapdragon and 20 more 2026-04-09 7.1 High
Cryptographic issue while copying data to a destination buffer without validating its size.
CVE-2026-21367 1 Qualcomm 301 Ar8035, Ar8035 Firmware, Cologne and 298 more 2026-04-09 7.6 High
Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans.
CVE-2026-21371 1 Qualcomm 105 Aqt1000, Aqt1000 Firmware, Cologne and 102 more 2026-04-09 7.8 High
Memory Corruption when retrieving output buffer with insufficient size validation.
CVE-2026-21373 1 Qualcomm 109 Aqt1000, Aqt1000 Firmware, Cologne and 106 more 2026-04-09 7.8 High
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
CVE-2026-21374 1 Qualcomm 109 Aqt1000, Aqt1000 Firmware, Cologne and 106 more 2026-04-09 7.8 High
Memory Corruption when processing auxiliary sensor input/output control commands with insufficient buffer size validation.
CVE-2026-21375 1 Qualcomm 71 Cologne, Cologne Firmware, Fastconnect 6700 and 68 more 2026-04-09 7.8 High
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing.
CVE-2026-21376 1 Qualcomm 109 Aqt1000, Aqt1000 Firmware, Cologne and 106 more 2026-04-09 7.8 High
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.
CVE-2026-21378 1 Qualcomm 103 Aqt1000, Aqt1000 Firmware, Cologne and 100 more 2026-04-09 7.8 High
Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver.
CVE-2025-66038 2 Opensc, Opensc Project 2 Opensc, Opensc 2026-04-03 3.9 Low
OpenSC is an open source smart card tools and middleware. Prior to version 0.27.0, sc_compacttlv_find_tag searches a compact-TLV buffer for a given tag. In compact-TLV, a single byte encodes the tag (high nibble) and value length (low nibble). With a 1-byte buffer {0x0A}, the encoded element claims tag=0 and length=10 but no value bytes follow. Calling sc_compacttlv_find_tag with search tag 0x00 returns a pointer equal to buf+1 and outlen=10 without verifying that the claimed value length fits within the remaining buffer. In cases where the sc_compacttlv_find_tag is provided untrusted data (such as being read from cards/files), attackers may be able to influence it to return out-of-bounds pointers leading to downstream memory corruption when subsequent code tries to dereference the pointer. This issue has been patched in version 0.27.0.