CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2469 matches found

CVE•added 2025/03/03 2:25 a.m.•61 views

CVE-2025-20649

In Bluetooth Stack SW, a missing permission check enables information disclosure from adjacent/remote sources without requiring user interaction. Exposed component, root cause and impact are described in CVE-2025-20649 with a patch: WCNCR00396437 (Issue MSV-2184). The CVSS data indicates an adjac...

6.5CVSS6.7AI score0.00234EPSS

Exploits0References1Affected Software2

Vulnrichment•added 2025/03/03 2:25 a.m.•11 views

CVE-2025-20648

In apu, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09456673; Issue ID: MSV-2584...

5.8AI score0.00077EPSS

Exploits0References1

Vulnrichment•added 2025/03/03 2:25 a.m.•8 views

CVE-2025-20647

In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch I...

7.5AI score0.00339EPSS

Exploits0References1

CVE•added 2025/03/03 2:25 a.m.•57 views

CVE-2025-20647

The CVE-2025-20647 entry concerns MediaTek Modem. The documented vulnerability is a missing bounds check that can trigger a system crash, enabling remote denial of service for a UE connected to a rogue base station, with no user interaction required. Affected component is the Modem (MediaTek) and...

6.5CVSS7.3AI score0.00339EPSS

Exploits0References1Affected Software4

Vulnrichment•added 2025/03/03 2:25 a.m.•8 views

CVE-2025-20644

In Modem, there is a possible memory corruption due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation...

6.9AI score0.00383EPSS

Exploits0References1

Cvelist•added 2025/03/03 2:25 a.m.•14 views

CVE-2025-20644

0.00383EPSS

Exploits0References1

CVE•added 2025/03/03 2:25 a.m.•118 views

CVE-2025-20644

CVE-2025-20644 affects MediaTek Modem; memory corruption due to improper error handling could enable remote denial of service when a UE connects to a rogue base station. No user interaction required; exploitation vector is remote over the air with adjacent access. A patch is available: MOLY015256...

6.5CVSS6.9AI score0.00383EPSS

Exploits0References1Affected Software2

OSV•added 2025/02/21 1:37 p.m.•2 views

OESA-2025-1180 elfutils security update

Elfutils is a collection of utilities, including stack to show backtraces, nm for listing symbols from object files, size for listing the section sizes of an object or archive file, strip for discarding symbols, readelf to see the raw ELF file structures, elflint to check for well-formed ELF file...

7.8CVSS6.3AI score0.00614EPSS

Exploits4References5

OSV•added 2025/02/17 6:15 a.m.•0 views

UBUNTU-CVE-2025-1378

A vulnerability, which was classified as problematic, was found in radare2 5.9.9 33286. Affected is an unknown function in the library /libr/main/rasm2.c of the component rasm2. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to...

4.8CVSS4.7AI score0.00292EPSS

Exploits1References2

OSV•added 2025/02/17 5:15 a.m.•4 views

AZL-56980 CVE-2025-1377 affecting package elfutils for versions less than 0.189-4

A vulnerability, which was classified as problematic, has been found in GNU elfutils 0.192. This issue affects the function gelfgetsymshndx of the file strip.c of the component eu-strip. The manipulation leads to denial of service. The attack needs to be approached locally. The exploit has been...

3.3CVSS5.2AI score0.00305EPSS

Exploits1References1

OSV•added 2025/02/17 3:15 a.m.•6 views

AZL-56977 CVE-2025-1372 affecting package elfutils for versions less than 0.189-4

A vulnerability was found in GNU elfutils 0.192. It has been declared as critical. Affected by this vulnerability is the function dumpdatasection/printstringsection of the file readelf.c of the component eu-readelf. The manipulation of the argument z/x leads to buffer overflow. An attack has to b...

5.3CVSS5.5AI score0.00327EPSS

Exploits1References1

OSV•added 2025/02/12 7:15 p.m.•4 views

AZL-56708 CVE-2025-1215 affecting package vim for versions less than 9.1.0791-4

A vulnerability classified as problematic was found in vim up to 9.1.1096. This vulnerability affects unknown code of the file src/main.c. The manipulation of the argument --log leads to memory corruption. It is possible to launch the attack on the local host. Upgrading to version 9.1.1097 is abl...

7.8CVSS5.4AI score0.00496EPSS

Exploits1References1

OSV•added 2025/02/11 8:15 a.m.•1 views

DEBIAN-CVE-2025-1181

A vulnerability classified as critical was found in GNU Binutils 2.43. This vulnerability affects the function bfdelfgcmarkrsec of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather...

2.3CVSS4.4AI score0.00657EPSS

Exploits1References1

RedhatCVE•added 2025/02/08 4:41 a.m.•15 views

CVE-2025-20633

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote proximal/adjacent code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00400889; Issue ID: MSV-2491...

8.8CVSS7.5AI score0.00333EPSS

Exploits0References1

RedhatCVE•added 2025/02/08 4:40 a.m.•13 views

CVE-2025-20640

In DA, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291146; Issu...

6.2CVSS6.1AI score0.00099EPSS

Exploits0References1

RedhatCVE•added 2025/02/08 4:40 a.m.•6 views

CVE-2025-20639

In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291146;...

6.6CVSS6.8AI score0.00102EPSS

Exploits0References1

RedhatCVE•added 2025/02/08 4:40 a.m.•13 views

CVE-2025-20631

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00397141; Issue ID: MSV-2187...

7.8CVSS7.1AI score0.00181EPSS

Exploits0References1

RedhatCVE•added 2025/02/08 4:40 a.m.•16 views

CVE-2025-20635

In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09403752;...

6.6CVSS6.8AI score0.00102EPSS

Exploits0References1

RedhatCVE•added 2025/02/08 4:40 a.m.•9 views

CVE-2025-20632

7.8CVSS7.1AI score0.0018EPSS

Exploits0References1

RedhatCVE•added 2025/02/08 4:40 a.m.•12 views

CVE-2025-20638

In DA, there is a possible read of uninitialized heap data due to uninitialized data. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID:...

4.6CVSS6.1AI score0.00099EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by