Export limit exceeded: 363161 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (363161 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-14028 1 Softing 2 Smartlink Hw-dp, Smartlink Hw-pn 2026-03-30 6.5 Medium
Use after free vulnerability in Softing smartLink HW-DP or smartLink HW-PN webserver allows HTTP DoS. This issue affects: smartLink HW-DP: through 1.31 smartLink HW-PN: before 1.02.
CVE-2025-13478 1 Opentext 1 Identity Manager 2026-03-30 N/A
Cache misconfiguration vulnerability in OpenText Identity Manager on Windows, Linux allows remote authenticated users to obtain another user's session data via insecure application cache handling. This issue affects Identity Manager: 25.2(v4.10.1).
CVE-2025-69986 1 Lsc 1 Indoor Camera 2026-03-30 7.2 High
A buffer overflow vulnerability exists in the ONVIF GetStreamUri function of LSC Indoor Camera V7.6.32. The application fails to validate the length of the Protocol parameter inside the Transport element. By sending a specially crafted SOAP request containing an oversized protocol string, an attacker can overflow the stack buffer, overwriting the return instruction pointer (RIP). This vulnerability allows for Denial of Service (DoS) via device crash or Remote Code Execution (RCE) in the context of the ONVIF service.
CVE-2025-69988 1 Bs Producten 1 Petcam 2026-03-30 6.5 Medium
BS Producten Petcam 33.1.0.0818 is vulnerable to Incorrect Access Control. An unauthenticated attacker in physical proximity can associate with this open network. Once connected, the attacker gains access to the camera's private network interface and can retrieve sensitive information, including the live video and audio stream, without providing credentials.
CVE-2026-1496 1 Black Duck 1 Coverity 2026-03-30 N/A
Vulnerable versions of Coverity Connect lack an error handler in the authentication logic for command line tooling that makes it vulnerable to an authentication bypass. A malicious actor with access to the /token API endpoint that either knows or guesses a valid username, can use this in a specially crafted HTTP request to bypass authentication. Successful exploitation allows the malicious actor to assume all roles and privileges granted to the valid user’s Coverity Connect account.
CVE-2025-68158 1 Authlib 1 Authlib 2026-03-30 5.7 Medium
Authlib is a Python library which builds OAuth and OpenID Connect servers. In versions 1.0.0 through 1.6.5, cache-backed state/request-token storage is not tied to the initiating user session, so CSRF is possible for any attacker that has a valid state (easily obtainable via an attacker-initiated authentication flow). When a cache is supplied to the OAuth client registry, FrameworkIntegration.set_state_data writes the entire state blob under _state_{app}_{state}, and get_state_data ignores the caller’s session altogether. This issue has been patched in version 1.6.6.
CVE-2025-20807 2 Google, Mediatek 4 Android, Mt6899, Mt6991 and 1 more 2026-03-30 6.7 Medium
In dpe, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10114841; Issue ID: MSV-4451.
CVE-2025-20806 2 Google, Mediatek 4 Android, Mt6899, Mt6991 and 1 more 2026-03-30 6.7 Medium
In dpe, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10114835; Issue ID: MSV-4479.
CVE-2025-20805 2 Google, Mediatek 4 Android, Mt6899, Mt6991 and 1 more 2026-03-30 6.7 Medium
In dpe, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10114696; Issue ID: MSV-4480.
CVE-2025-20804 2 Google, Mediatek 3 Android, Mt6899, Mt6991 2026-03-30 6.7 Medium
In dpe, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is needed for exploitation. Patch ID: ALPS10198951; Issue ID: MSV-4503.
CVE-2025-20803 2 Google, Mediatek 4 Android, Mt6899, Mt6991 and 1 more 2026-03-30 6.7 Medium
In dpe, there is a possible memory corruption due to an integer overflow. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is needed for exploitation. Patch ID: ALPS10199779; Issue ID: MSV-4504.
CVE-2025-20787 2 Google, Mediatek 31 Android, Mt2718, Mt6739 and 28 more 2026-03-30 6.7 Medium
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149879; Issue ID: MSV-4658.
CVE-2025-20786 2 Google, Mediatek 46 Android, Mt6739, Mt6761 and 43 more 2026-03-30 6.7 Medium
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149882; Issue ID: MSV-4673.
CVE-2025-20785 2 Google, Mediatek 46 Android, Mt6739, Mt6761 and 43 more 2026-03-30 6.7 Medium
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10149882; Issue ID: MSV-4677.
CVE-2025-20784 3 Google, Mediatek, Mediatk 73 Android, Mt6739, Mt6761 and 70 more 2026-03-30 6.7 Medium
In display, there is a possible memory corruption due to uninitialized data. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182882; Issue ID: MSV-4683.
CVE-2025-20783 2 Google, Mediatek 46 Android, Mt6739, Mt6761 and 43 more 2026-03-30 6.7 Medium
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182882; Issue ID: MSV-4684.
CVE-2025-20782 2 Google, Mediatek 46 Android, Mt6739, Mt6761 and 43 more 2026-03-30 6.7 Medium
In display, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182882; Issue ID: MSV-4685.
CVE-2025-20781 2 Google, Mediatek 46 Android, Mt6739, Mt6761 and 43 more 2026-03-30 7.8 High
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10182914; Issue ID: MSV-4699.
CVE-2025-20780 2 Google, Mediatek 46 Android, Mt6739, Mt6761 and 43 more 2026-03-30 7.8 High
In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184061; Issue ID: MSV-4712.
CVE-2025-20779 2 Google, Mediatek 46 Android, Mt6739, Mt6761 and 43 more 2026-03-30 7.0 High
In display, there is a possible use after free due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: ALPS10184084; Issue ID: MSV-4720.