2469 matches found
CVE-2025-20688
The CVE-2025-20688 issue affects the wlan AP driver and is caused by an incorrect bounds check that enables an out-of-bounds read, leading to local information disclosure with User execution privileges needed (no user interaction required). The CVE records indicate a patch is available: WCNCR0041...
CVE-2025-20687
In Bluetooth driver, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00418045; Issue ID: MSV-3481...
CVE-2025-20687
CVE-2025-20687 affects the Bluetooth driver (MediaTek chipset family in various advisories). The vulnerability is an out-of-bounds read caused by an incorrect bounds check, enabling local denial of service with the attacker gaining user privileges; exploitation does not require user interaction. ...
CVE-2025-20686
CVE-2025-20686 affects the WLAN Access Point driver. The issue is an out-of-bounds write caused by an incorrect bounds check, enabling remote code execution with no privileges and no user interaction. A patch is available: WCNCR00415570 (MSV-3404). This is the key remediation, with CVSSv3.1 metri...
CVE-2025-20686
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00415570; Issue ID: MSV-3404...
CVE-2025-20686
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00415570; Issue ID: MSV-3404...
CVE-2025-20685
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416226; Issue ID: MSV-3409...
CVE-2025-20684
CVE-2025-20684 affects the WLAN Access Point (AP) driver. The root cause is an out-of-bounds write caused by an incorrect bounds check, enabling local escalation of privilege with User execution privileges required and no user interaction needed. The vulnerability has a high impact (confidentiali...
CVE-2025-20684
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416939; Issue ID: MSV-3422...
CVE-2025-20683
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00416938; Issue ID: MSV-3444...
CVE-2025-20681
CVE-2025-20681 affects the WLAN AP driver (MediaTek-anchored) with an out-of-bounds write caused by an incorrect bounds check. This enables local escalation of privilege with no user interaction required; attacker gains User-level execution. The issue is tied to patch WCNCR00416936 (MSV-3446). Mu...
CVE-2025-20680
CVE-2025-20680 affects the Bluetooth driver, with an out-of-bounds write caused by an incorrect bounds check. The vulnerability can lead to local escalation of privilege with User execution privileges required and no user interaction needed. Patch ID: WCNCR00418044; Issue ID: MSV-3482. Vulnerabil...
OESA-2025-1645 nodejs-brace-expansion security update
Brace expansion as known from sh/bash Security Fixes: A vulnerability was found in juliangruber brace-expansion up to 1.1.11/2.0.1/3.0.0/4.0.0. It has been rated as problematic. Affected by this issue is the function expand of the file index.js. The manipulation leads to inefficient regular...
SUSE CVE-2025-5889
A vulnerability was found in juliangruber brace-expansion up to 1.1.11/2.0.1/3.0.0/4.0.0. It has been rated as problematic. Affected by this issue is the function expand of the file index.js. The manipulation leads to inefficient regular expression complexity. The attack may be launched remotely...
CVE-2025-20673
In wlan STA driver, there is a possible system crash due to an uncaught exception. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00413200; Issue ID: MSV-3304...
CVE-2025-20675
In wlan STA driver, there is a possible system crash due to an uncaught exception. This could lead to local denial of service with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00413201; Issue ID: MSV-3302...
CVE-2025-20678
In ims service, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2025-20674
In wlan AP driver, there is a possible way to inject arbitrary packet due to a missing permission check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00413202; Issue ID: MSV-3303...
CVE-2025-20672
In Bluetooth driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00412257; Issue ID: MSV-3292...
CVE-2025-20674
In wlan AP driver, there is a possible way to inject arbitrary packet due to a missing permission check. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00413202; Issue ID: MSV-3303...