Search

Search Results (363504 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-21072 1 Samsung 2 Android, Mobile Devices 2026-02-26 5.7 Medium
Out-of-bounds write in decoding metadata in fingerprint trustlet prior to SMR Dec-2025 Release 1 allows local privileged attackers to write out-of-bounds memory.
CVE-2025-59478 1 F5 2 Big-ip, Big-ip Advanced Firewall Manager 2026-02-26 7.5 High
When a BIG-IP AFM denial-of-service (DoS) protection profile is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) process to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2025-58481 1 Samsung 2 Mobile, Motionphoto 2026-02-26 7.3 High
Improper access control in MPRemoteService of MotionPhoto prior to version 4.1.51 allows local attackers to start privileged service.
CVE-2025-60016 1 F5 3 Big-ip, Big-ip Next Cloud-native Network Functions, Big-ip Next Service Proxy For Kubernetes 2026-02-26 7.5 High
When Diffie-Hellman (DH) group Elliptic Curve Cryptography (ECC) Brainpool curves are configured in an SSL profile's Cipher Rule or Cipher Group, and that profile is applied to a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2025-58482 1 Samsung 2 Mobile, Motionphoto 2026-02-26 7.3 High
Improper access control in MPLocalService of MotionPhoto prior to version 4.1.51 allows local attackers to start privileged service.
CVE-2025-58153 1 F5 22 Big-ip, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 19 more 2026-02-26 5.9 Medium
Under undisclosed traffic conditions along with conditions beyond the attacker's control, hardware systems with a High-Speed Bridge (HSB) may experience a lockup of the HSB.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2024-45675 1 Ibm 1 Informix Dynamic Server 2026-02-26 8.4 High
IBM Informix Dynamic Server 14.10 could allow a local user on the system to log into the Informix server as administrator without a password.
CVE-2025-48008 1 F5 24 Big-ip, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 21 more 2026-02-26 7.5 High
When a TCP profile with Multipath TCP (MPTCP) enabled is configured on a virtual server, undisclosed traffic along with conditions beyond the attacker's control can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2025-20763 2 Google, Mediatek 28 Android, Mt6833, Mt6835 and 25 more 2026-02-26 7.8 High
In mmdvfs, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10267218; Issue ID: MSV-5032.
CVE-2025-55669 1 F5 2 Big-ip, Big-ip Application Security Manager 2026-02-26 7.5 High
When the BIG-IP Advanced WAF and ASM security policy and a server-side HTTP/2 profile are configured on a virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2025-20764 2 Google, Mediatek 34 Android, Mt6739, Mt6761 and 31 more 2026-02-26 7.8 High
In smi, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10259774; Issue ID: MSV-5029.
CVE-2025-61832 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2026-02-26 7.8 High
InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-46706 1 F5 24 Big-ip, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 21 more 2026-02-26 7.5 High
When an iRule containing the HTTP::respond command is configured on a virtual server, undisclosed requests can cause an increase in memory resource utilization. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2025-20766 2 Google, Mediatek 32 Android, Mt2718, Mt6739 and 29 more 2026-02-26 7.8 High
In display, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4820.
CVE-2025-61824 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2026-02-26 7.8 High
InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-47150 1 F5 3 F5os, F5os-a, F5os-c 2026-02-26 6.5 Medium
When SNMP is configured on F5OS Appliance and Chassis systems, undisclosed requests can cause an increase in SNMP memory resource utilization.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2025-20767 2 Google, Mediatek 32 Android, Mt2718, Mt6739 and 29 more 2026-02-26 7.8 High
In display, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4807.
CVE-2025-61814 3 Adobe, Apple, Microsoft 3 Indesign, Macos, Windows 2026-02-26 7.8 High
InDesign Desktop versions 20.5, 19.5.5 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2025-59781 1 F5 24 Big-ip, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 21 more 2026-02-26 7.5 High
When DNS cache is configured on a BIG-IP or BIG-IP Next CNF virtual server, undisclosed DNS queries can cause an increase in memory resource utilization.   Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2025-20768 2 Google, Mediatek 26 Android, Mt6739, Mt6761 and 23 more 2026-02-26 7.8 High
In display, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10196993; Issue ID: MSV-4805.