Search

Search Results (364787 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-24298 2 Openatom, Openharmony 2 Openharmony, Openharmony 2025-08-12 8.4 High
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free.
CVE-2025-24844 2 Openatom, Openharmony 2 Openharmony, Openharmony 2025-08-12 3.3 Low
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory.
CVE-2025-24925 2 Openatom, Openharmony 2 Openharmony, Openharmony 2025-08-12 3.3 Low
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory.
CVE-2025-25212 2 Openatom, Openharmony 2 Openharmony, Openharmony 2025-08-12 3.3 Low
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through improper input.
CVE-2025-25278 2 Openatom, Openharmony 2 Openharmony, Openharmony 2025-08-12 8.4 High
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition.
CVE-2025-26690 2 Openatom, Openharmony 2 Openharmony, Openharmony 2025-08-12 3.3 Low
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.
CVE-2025-27128 2 Openatom, Openharmony 2 Openharmony, Openharmony 2025-08-12 8.4 High
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through use after free.
CVE-2025-27536 2 Openatom, Openharmony 2 Openharmony, Openharmony 2025-08-12 3.3 Low
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through type confusion.
CVE-2025-27562 2 Openatom, Openharmony 2 Openharmony, Openharmony 2025-08-12 3.3 Low
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory.
CVE-2025-27577 2 Openatom, Openharmony 2 Openharmony, Openharmony 2025-08-12 8.4 High
in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in tcb through race condition.
CVE-2023-35720 1 Asus 2 Rt-ax92u, Rt-ax92u Firmware 2025-08-12 N/A
ASUS RT-AX92U lighttpd mod_webdav.so SQL Injection Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected ASUS RT-AX92U routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the mod_webdav.so module. When parsing a request, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to disclose information in the context of root. Was ZDI-CAN-16078.
CVE-2023-35717 1 Tp-link 2 Tapo C210, Tapo C210 Firmware 2025-08-12 N/A
TP-Link Tapo C210 Password Recovery Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of TP-Link Tapo C210 IP cameras. Authentication is not required to exploit this vulnerability. The specific flaw exists within the password recovery mechanism. The issue results from reliance upon the secrecy of the password derivation algorithm when generating a recovery password. An attacker can leverage this vulnerability to bypass authentication on the system. . Was ZDI-CAN-20484.
CVE-2024-49348 1 Ibm 1 Cloud Pak For Business Automation 2025-08-12 4.3 Medium
IBM Cloud Pak for Business Automation 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 allows restricting access to organizational data to valid contexts. The fact that tasks of type comment can be reassigned via API implicitly grants access to user queries in an unexpected context.
CVE-2025-23331 3 Linux, Microsoft, Nvidia 3 Linux Kernel, Windows, Triton Inference Server 2025-08-12 7.5 High
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause a memory allocation with excessive size value, leading to a segmentation fault, by providing an invalid request. A successful exploit of this vulnerability might lead to denial of service.
CVE-2025-23327 3 Linux, Microsoft, Nvidia 3 Linux Kernel, Windows, Triton Inference Server 2025-08-12 7.5 High
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause an integer overflow through specially crafted inputs. A successful exploit of this vulnerability might lead to denial of service and data tampering.
CVE-2025-23326 3 Linux, Microsoft, Nvidia 3 Linux Kernel, Windows, Triton Inference Server 2025-08-12 7.5 High
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause an integer overflow through a specially crafted input. A successful exploit of this vulnerability might lead to denial of service.
CVE-2025-23325 3 Linux, Microsoft, Nvidia 3 Linux Kernel, Windows, Triton Inference Server 2025-08-12 7.5 High
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause uncontrolled recursion through a specially crafted input. A successful exploit of this vulnerability might lead to denial of service.
CVE-2025-23324 3 Linux, Microsoft, Nvidia 3 Linux Kernel, Windows, Triton Inference Server 2025-08-12 7.5 High
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause an integer overflow or wraparound, leading to a segmentation fault, by providing an invalid request. A successful exploit of this vulnerability might lead to denial of service.
CVE-2025-23323 3 Linux, Microsoft, Nvidia 3 Linux Kernel, Windows, Triton Inference Server 2025-08-12 7.5 High
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where a user could cause an integer overflow or wraparound, leading to a segmentation fault, by providing an invalid request. A successful exploit of this vulnerability might lead to denial of service.
CVE-2025-23322 3 Linux, Microsoft, Nvidia 3 Linux Kernel, Windows, Triton Inference Server 2025-08-12 7.5 High
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where multiple requests could cause a double free when a stream is cancelled before it is processed. A successful exploit of this vulnerability might lead to denial of service.