Export limit exceeded: 23152 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (23152 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-0076 | 1 Google | 1 Android | 2026-06-02 | 7.8 High |
| In validateNode of ResourceTypes.cpp, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-59609 | 1 Qualcomm | 375 5g Fixed Wireless Access Platform, 5g Fixed Wireless Access Platform Firmware, Ar8035 and 372 more | 2026-06-02 | 5.5 Medium |
| Information Disclosure when processing advertisement frames with malformed MBSSID elements of insufficient length. | ||||
| CVE-2026-41213 | 1 Node-oauth | 2 Node-oauth2-server, Node-oauth\/oauth2-server | 2026-06-02 | 5.9 Medium |
| @node-oauth/oauth2-server is a module for implementing an OAuth2 server in Node.js. The token exchange path accepts RFC7636-invalid code_verifier values (including one-character strings) for S256 PKCE flows. Because short/weak verifiers are accepted and failed verifier attempts do not consume the authorization code, an attacker who intercepts an authorization code can brute-force code_verifier guesses online until token issuance succeeds. | ||||
| CVE-2026-29013 | 1 Libcoap | 1 Libcoap | 2026-06-02 | 9.8 Critical |
| libcoap contains out-of-bounds read vulnerabilities in OSCORE Appendix B.2 CBOR unwrap handling where get_byte_inc() in src/oscore/oscore_cbor.c relies solely on assert() for bounds checking, which is removed in release builds compiled with NDEBUG. Attackers can send crafted CoAP requests with malformed OSCORE options or responses during OSCORE negotiation to trigger out-of-bounds reads during CBOR parsing and potentially cause out-of-bounds reads through integer wraparound in allocation size computation. | ||||
| CVE-2026-10292 | 1 Utt | 1 Hiper 1200gw | 2026-06-02 | 8.8 High |
| A vulnerability was detected in UTT HiPER 1200GW up to 2.5.3-170306. This affects the function strcpy of the file /goform/formTaskEdit. The manipulation results in stack-based buffer overflow. The attack may be launched remotely. The exploit is now public and may be used. | ||||
| CVE-2026-7254 | 1 Ibm | 1 Openbmc | 2026-06-02 | 5.3 Medium |
| IBM OPENBMC FW1110.00 through FW1110.11 is vulnerable to denial of service attacks by unauthenticated network users. | ||||
| CVE-2025-59612 | 1 Qualcomm | 63 Cologne, Cologne Firmware, Fastconnect 6700 and 60 more | 2026-06-02 | 6.7 Medium |
| Memory corruption in windows drivers while sending incorrect trusted application request | ||||
| CVE-2025-59613 | 1 Qualcomm | 89 Cologne, Cologne Firmware, Fastconnect 6700 and 86 more | 2026-06-02 | 6.7 Medium |
| Memory Corruption when output buffer size is smaller than input buffer size during data copying operation. | ||||
| CVE-2026-24085 | 1 Qualcomm | 547 5g Fixed Wireless Access Platform, 5g Fixed Wireless Access Platform Firmware, Apq8098 and 544 more | 2026-06-02 | 7.2 High |
| Memory Corruption when processing display command line information due to improper initialization of a variable. | ||||
| CVE-2026-24087 | 1 Qualcomm | 431 Ar8031, Ar8031 Firmware, Ar8035 and 428 more | 2026-06-02 | 7.2 High |
| Memory corruption while processing fastboot OEM commands. | ||||
| CVE-2026-24089 | 1 Qualcomm | 439 Ar8031, Ar8031 Firmware, Ar8035 and 436 more | 2026-06-02 | 7.2 High |
| Memory corruption while processing fastboot commands with invalid input. | ||||
| CVE-2026-24091 | 1 Qualcomm | 547 5g Fixed Wireless Access Platform, 5g Fixed Wireless Access Platform Firmware, Apq8098 and 544 more | 2026-06-02 | 7.2 High |
| Memory corruption while processing fastboot commands with improperly formatted input. | ||||
| CVE-2026-24092 | 1 Qualcomm | 437 Ar8031, Ar8031 Firmware, Ar8035 and 434 more | 2026-06-02 | 7.2 High |
| Memory Corruption when processing fastboot commands to set display mode. | ||||
| CVE-2026-25258 | 1 Qualcomm | 43 Cologne, Cologne Firmware, Fastconnect 6900 and 40 more | 2026-06-02 | 7.8 High |
| Memory corruption while processing IOCTL calls for escape operations. | ||||
| CVE-2026-25276 | 1 Qualcomm | 115 Cq8750m, Cq8750m Firmware, Fastconnect 6700 and 112 more | 2026-06-02 | 8.8 High |
| Memory corruption while using Strongbox due to missing bounds check. | ||||
| CVE-2026-25277 | 1 Qualcomm | 115 Cq8750m, Cq8750m Firmware, Fastconnect 6700 and 112 more | 2026-06-02 | 8.8 High |
| Memory corruption while using Strongbox due to buffer overflow. | ||||
| CVE-2026-10188 | 1 Tenda | 2 W12, W12 Firmware | 2026-06-02 | 8.8 High |
| A flaw has been found in Tenda W12 3.0.0.7(4763). This affects the function cgistaKickOff of the file /bin/httpd. Executing a manipulation of the argument staMac can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used. | ||||
| CVE-2026-10187 | 1 Totolink | 2 N300rh, N300rh Firmware | 2026-06-02 | 9.8 Critical |
| A vulnerability was detected in Totolink N300RH 6.1c.1353_B20190305. Affected by this issue is the function setWiFiBasicConfig of the file wireless.so of the component Web Management Interface. Performing a manipulation of the argument KeyStr results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is now public and may be used. | ||||
| CVE-2026-10181 | 1 Trendnet | 1 Tew-432brp | 2026-06-02 | 8.8 High |
| A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. The affected element is the function formSysCmd of the file /goform/formSysCmd. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made public and could be used. The vendor explains: "This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities." This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2022-37398 | 1 Asustor | 1 Adm | 2026-06-02 | 7.1 High |
| A stack-based buffer overflow vulnerability was found inside ADM when using WebDAV due to the lack of data size validation. An attacker can exploit this vulnerability to run arbitrary code. Affected ADM versions include: 3.5.9.RUE3 and below, 4.0.5.RVI1 and below as well as 4.1.0.RJD1 and below. | ||||