Export limit exceeded: 21128 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 364909 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (364909 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-32393 2 Agpt, Significant-gravitas 2 Autogpt Platform, Autogpt 2026-02-17 6.5 Medium
AutoGPT is a platform that allows users to create, deploy, and manage continuous artificial intelligence agents that automate complex workflows. Prior to autogpt-platform-beta-v0.6.32, there is a DoS vulnerability in ReadRSSFeedBlock. In RSSBlock, feedparser.parser is called to obtain the XML file according to the URL input by the user, parse the XML, and finally obtain the parsed result. However, during the parsing process, there is no limit on the parsing time and the resources that can be allocated for parsing. When a malicious user lets RSSBlock parse a carefully constructed, deep XML, it will cause memory resources to be exhausted, eventually causing DoS. This issue has been patched in autogpt-platform-beta-v0.6.32.
CVE-2025-61987 1 Groupsession 3 Groupsession, Groupsession Bycloud, Groupsession Zion 2026-02-17 N/A
GroupSession Free edition prior to ver5.3.0, GroupSession byCloud prior to ver5.3.3, and GroupSession ZION prior to ver5.3.2. do not validate origins in WebSockets. If a user accesses a crafted page, Chat information sent to the user may be exposed.
CVE-2025-62192 1 Groupsession 3 Groupsession, Groupsession Bycloud, Groupsession Zion 2026-02-17 N/A
SQL Injection vulnerability exists in GroupSession Free edition prior to ver5.3.0, GroupSession byCloud prior to ver5.3.3, and GroupSession ZION prior to ver5.3.2. If exploited, information stored in the database may be obtained or altered by an authenticated user.
CVE-2025-20791 1 Mediatek 26 Mt2735, Mt6833, Mt6833p and 23 more 2026-02-17 6.5 Medium
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01661189; Issue ID: MSV-4298.
CVE-2025-20757 1 Mediatek 27 Modem, Mt2735, Mt6833 and 24 more 2026-02-17 6.5 Medium
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01673751; Issue ID: MSV-4644.
CVE-2025-20756 1 Mediatek 38 Mt2735, Mt6833, Mt6833p and 35 more 2026-02-17 6.5 Medium
In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01673749; Issue ID: MSV-4643.
CVE-2025-20752 1 Mediatek 50 Modem, Mt2735, Mt2737 and 47 more 2026-02-17 6.5 Medium
In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01270690; Issue ID: MSV-4301.
CVE-2025-20751 1 Mediatek 27 Modem, Mt2735, Mt6833 and 24 more 2026-02-17 6.5 Medium
In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01661195; Issue ID: MSV-4297.
CVE-2025-20750 1 Mediatek 26 Mt2735, Mt6833, Mt6833p and 23 more 2026-02-17 6.5 Medium
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01661199; Issue ID: MSV-4296.
CVE-2025-20703 1 Mediatek 63 Modem, Mt2735, Mt2737 and 60 more 2026-02-17 6.5 Medium
In Modem, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01599794; Issue ID: MSV-3708.
CVE-2025-20678 1 Mediatek 94 Lr12a, Lr13, Mt6739 and 91 more 2026-02-17 6.5 Medium
In ims service, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01394606; Issue ID: MSV-2739.
CVE-2025-20670 1 Mediatek 46 Mt2737, Mt6813, Mt6835 and 43 more 2026-02-17 5.7 Medium
In Modem, there is a possible permission bypass due to improper certificate validation. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with User execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY01334347; Issue ID: MSV-2772.
CVE-2025-20667 1 Mediatek 88 Lr12a, Lr13, Mt2735 and 85 more 2026-02-17 6.5 Medium
In Modem, there is a possible information disclosure due to incorrect error handling. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01513293; Issue ID: MSV-2741.
CVE-2025-20666 1 Mediatek 31 Mt2735, Mt6833, Mt6833p and 28 more 2026-02-17 6.5 Medium
In Modem, there is a possible system crash due to an uncaught exception. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00650610; Issue ID: MSV-2933.
CVE-2025-20659 1 Mediatek 170 Mt2735, Mt2735 Firmware, Mt2737 and 167 more 2026-02-17 6.5 Medium
In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01519028; Issue ID: MSV-2768.
CVE-2025-20647 1 Mediatek 77 Mt2735, Mt2737, Mt6739 and 74 more 2026-02-17 6.5 Medium
In Modem, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00791311 / MOLY01067019; Issue ID: MSV-2721.
CVE-2025-20644 1 Mediatek 41 Mt2735, Mt2737, Mt6833 and 38 more 2026-02-17 6.5 Medium
In Modem, there is a possible memory corruption due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01525673; Issue ID: MSV-2747.
CVE-2025-20634 1 Mediatek 32 Mt2737, Mt6813, Mt6835 and 29 more 2026-02-17 8.8 High
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01289384; Issue ID: MSV-2436.
CVE-2024-20154 1 Mediatek 56 Lr12a, Lr13, Mt2735 and 53 more 2026-02-17 8.8 High
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00720348; Issue ID: MSV-2392.
CVE-2025-64781 1 Groupsession 3 Groupsession, Groupsession Bycloud, Groupsession Zion 2026-02-17 N/A
In GroupSession Free edition prior to ver5.7.1, GroupSession byCloud prior to ver5.7.1, and GroupSession ZION prior to ver5.7.1, "External page display restriction" is set to "Do not limit" in the initial configuration. With this configuration, the user may be redirected to an arbitrary website when accessing a specially crafted URL.