Search

Search Results (363962 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-1659 1 Autodesk 4 Navisworks, Navisworks Freedom, Navisworks Manage and 1 more 2026-02-26 7.8 High
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Read vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
CVE-2025-20671 2 Google, Mediatek 11 Android, Mt2718, Mt6878 and 8 more 2026-02-26 6.4 Medium
In thermal, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09698599; Issue ID: MSV-3228.
CVE-2025-20668 2 Google, Mediatek 8 Android, Mt6878, Mt6897 and 5 more 2026-02-26 6.7 Medium
In scp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS09625562; Issue ID: MSV-3027.
CVE-2025-1660 1 Autodesk 4 Navisworks, Navisworks Freedom, Navisworks Manage and 1 more 2026-02-26 7.8 High
A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.
CVE-2025-2509 1 Google 1 Chrome Os 2026-02-26 7.8 High
Out-of-Bounds Read in Virglrenderer in ChromeOS 16093.57.0 allows a malicious guest VM to achieve arbitrary address access within the crosvm sandboxed process, potentially leading to VM escape via crafted vertex elements data triggering an out-of-bounds read in util_format_description.
CVE-2024-45554 1 Qualcomm 42 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 39 more 2026-02-26 7.8 High
Memory corruption during concurrent SSR execution due to race condition on the global maps list.
CVE-2025-3066 1 Google 1 Chrome 2026-02-26 8.8 High
Use after free in Site Isolation in Google Chrome prior to 135.0.7049.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVE-2024-45564 1 Qualcomm 126 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6800 and 123 more 2026-02-26 7.8 High
Memory corruption during concurrent access to server info object due to incorrect reference count update.
CVE-2025-3067 1 Google 2 Android, Chrome 2026-02-26 8.8 High
Inappropriate implementation in Custom Tabs in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform privilege escalation via a crafted app. (Chromium security severity: Medium)
CVE-2024-45565 1 Qualcomm 8 Sdm429w, Sdm429w Firmware, Snapdragon 429 Mobile and 5 more 2026-02-26 7.8 High
Memory corruption when blob structure is modified by user-space after kernel verification.
CVE-2025-3068 1 Google 1 Chrome 2026-02-26 8.8 High
Inappropriate implementation in Intents in Google Chrome on Android prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)
CVE-2024-45566 1 Qualcomm 46 Fastconnect 6800, Fastconnect 6800 Firmware, Fastconnect 6900 and 43 more 2026-02-26 7.8 High
Memory corruption during concurrent buffer access due to modification of the reference count.
CVE-2025-3069 1 Google 1 Chrome 2026-02-26 8.8 High
Inappropriate implementation in Extensions in Google Chrome prior to 135.0.7049.52 allowed a remote attacker to perform privilege escalation via a crafted HTML page. (Chromium security severity: Medium)
CVE-2024-45567 1 Qualcomm 28 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 25 more 2026-02-26 7.8 High
Memory corruption while encoding JPEG format.
CVE-2024-25051 3 Ibm, Linux, Microsoft 3 Jazz Reporting Service, Linux Kernel, Windows 2026-02-26 6.6 Medium
IBM Jazz Reporting Service 7.0.2 and 7.0.3 does not invalidate session after logout which could allow an authenticated privileged user to impersonate another user on the system.
CVE-2024-45568 1 Qualcomm 26 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 23 more 2026-02-26 6.7 Medium
Memory corruption due to improper bounds check while command handling in camera-kernel driver.
CVE-2024-45574 1 Qualcomm 8 Sdm429w, Sdm429w Firmware, Snapdragon 429 Mobile and 5 more 2026-02-26 7.8 High
Memory corruption during array access in Camera kernel due to invalid index from invalid command data.
CVE-2025-31722 1 Jenkins 1 Templating Engine 2026-02-26 8.8 High
In Jenkins Templating Engine Plugin 2.5.3 and earlier, libraries defined in folders are not subject to sandbox protection, allowing attackers with Item/Configure permission to execute arbitrary code in the context of the Jenkins controller JVM.
CVE-2024-45575 1 Qualcomm 28 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 25 more 2026-02-26 7.8 High
Memory corruption Camera kernel when large number of devices are attached through userspace.
CVE-2024-45576 1 Qualcomm 38 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 35 more 2026-02-26 7.8 High
Memory corruption while prociesing command buffer buffer in OPE module.