CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

BDU FSTEC•added 2025/04/14 12:0 a.m.•1 views

Vulnerability of the iwl_mvm_mld_rm_sta() function in the drivers/net/wireless/intel/iwlwifi/mvm/mld-sta.c module – The Linux kernel wireless adapter driver allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the iwlmvmmldrmsta function in the drivers/net/wireless/intel/iwlwifi/mvm/mld-sta.c file is related to unvalidated array indexing. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

7.8CVSS7AI score0.00016EPSS

Exploits0References19Affected Software6

BDU FSTEC•added 2025/04/14 12:0 a.m.•2 views

The vulnerability of the snd_soc_put_volsw_sx() function in the sound/soc/soc-ops.c module of the Linux operating system’s audio support for SoC cores allows a hacker to cause a service failure.

The vulnerability of the sndsocputvolswsx function in the sound/soc/soc-ops.c module, which is part of the Linux operating system’s audio support for SoC cores, involves unvalidated array indexing. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.5AI score0.00012EPSS

Exploits0References22Affected Software3

BDU FSTEC•added 2025/04/14 12:0 a.m.•1 views

Vulnerability in the definition of the structure vba_vars_st{} in the drivers/gpu/drm/amd/display/dc/dml/display_mode_vba.h file – a driver for supporting Direct Rendering Infrastructure (DRI) in AMD graphics cards for Linux operating systems. This vulnerability allows attackers to cause system failures.

The vulnerability in the definition of the structure vbavarsst in the drivers/gpu/drm/amd/display/dc/dml/displaymodevba.h module exists. This vulnerability is related to unvalidated array indexing in the driver that supports Direct Rendering Infrastructure DRI for AMD graphics cards in Linux-base...

5.5CVSS5.5AI score0.00008EPSS

Exploits0References9Affected Software3

Microsoft CVE•added 2025/04/09 7:0 a.m.•4 views

arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array

...

7.8CVSS7.3AI score0.00015EPSS

SUSE CVE•added 2025/04/09 1:37 a.m.•1 views

SUSE CVE-2025-3406

A vulnerability was found in Nothings stb up to f056911. It has been classified as problematic. Affected is the function stbhwbuildtilesetfromimage of the component Header Array Handler. The manipulation of the argument w leads to out-of-bounds read. It is possible to launch the attack remotely...

6.5CVSS4.2AI score0.00247EPSS

NVD•added 2025/04/08 4:15 a.m.•9 views

CVE-2025-3406

6.5CVSS0.00247EPSS

OSV•added 2025/04/08 4:15 a.m.•4 views

DEBIAN-CVE-2025-3406

6.5CVSS4.1AI score0.00247EPSS

OSV•added 2025/04/08 4:15 a.m.•7 views

CVE-2025-3406

6.5CVSS6.7AI score

OSV•added 2025/04/08 4:15 a.m.•1 views

UBUNTU-CVE-2025-3406

6.5CVSS4.9AI score0.00247EPSS

Vulnrichment•added 2025/04/08 3:31 a.m.•9 views

CVE-2025-3406 Nothings stb Header Array stbhw_build_tileset_from_image out-of-bounds

5.3CVSS7.1AI score0.00247EPSS

Debian CVE•added 2025/04/08 3:31 a.m.•6 views

CVE-2025-3406

6.5CVSS4.1AI score0.00247EPSS

CVE•added 2025/04/08 3:31 a.m.•66 views

CVE-2025-3406

CVE-2025-3406 affects the Nothings stb library (up to f056911) with the vulnerable function stbhw_build_tileset_from_image in the Header Array Handler . The issue arises from manipulating the argument w , causing an out-of-bounds read. It is stated that the attack can be launched remotely. The re...

6.5CVSS7.1AI score0.00247EPSS

Exploits0References3Affected Software1

Vulnrichment•added 2025/04/07 10:16 a.m.•9 views

CVE-2025-21447 Improper Validation of Array Index in Computer Vision

Memory corruption may occur while processing device IO control call for session control...

7.8CVSS7.5AI score0.00126EPSS

Cvelist•added 2025/04/07 10:16 a.m.•8 views

CVE-2025-21447 Improper Validation of Array Index in Computer Vision

Memory corruption may occur while processing device IO control call for session control...

7.8CVSS0.00126EPSS

CVE•added 2025/04/07 10:16 a.m.•53 views

CVE-2025-21447

CVE-2025-21447 affects Qualcomm Snapdragon chipsets. The issue is memory corruption occurring when processing a device IOCTL call for session control, caused by an underlying vulnerability in the IOCTL handling path. The provided sources (NVD/Red Hat/CVE record and related feeds) confirm the memo...

7.8CVSS7.3AI score0.00126EPSS

Exploits0References1Affected Software1

CVE•added 2025/04/07 10:15 a.m.•51 views

CVE-2025-21423

CVE-2025-21423 affects Qualcomm chipsets; memory corruption occurs when handling client calls to EnableTestMode through an Escape call. The CVSS-3.1 metrics indicate a LOCAL attack vector, LOW privileges required, no user interaction, with HIGH confidentiality, integrity, and availability impact....

7.8CVSS7.2AI score0.0016EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/04/07 10:15 a.m.•6 views

CVE-2025-21423 Improper Validation of Array Index in Display

Memory corruption occurs when handling client calls to EnableTestMode through an Escape call...

7.8CVSS0.0016EPSS

Positive Technologies•added 2025/04/07 12:0 a.m.•3 views

PT-2025-18433

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.14.0-rc2-syzkaller Description The issue is related to the Linux kernel's net sched module, specifically the sch sfq component. It is not sufficient to directly validate the limit on the data that the user...

7.8CVSS5.4AI score0.00011EPSS

Vulnrichment•added 2025/04/02 10:18 p.m.•5 views

CVE-2025-3154 Out-of-bounds array write due to invalid VerticesPerRow in Xpdf 4.05

Out-of-bounds array write in Xpdf 4.05 and earlier, triggered by an invalid VerticesPerRow value in a PDF shading dictionary...

2.1CVSS7.2AI score0.00092EPSS