Latest CVE Feed
-
7.8
HIGHCVE-2024-49829
Memory corruption can occur during context user dumps due to inadequate checks on buffer length.... Read more
Affected Products : wcd9380_firmware wsa8830_firmware wsa8835_firmware wcn3660b_firmware fastconnect_6900_firmware fastconnect_7800_firmware sdm429w_firmware wcn3620_firmware sdm429w wcd9380 +10 more products- Published: May. 06, 2025
- Modified: May. 09, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-45583
Memory corruption while handling multiple IOCTL calls from userspace to operate DMA operations.... Read more
Affected Products : fastconnect_7800_firmware wcd9390_firmware wcd9395_firmware wsa8840_firmware wsa8845_firmware wsa8845h_firmware fastconnect_7800 wcd9390 wcd9395 wsa8840 +4 more products- Published: May. 06, 2025
- Modified: May. 09, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-45581
Memory corruption while sound model registration for voice activation with audio kernel driver.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware +50 more products- Published: May. 06, 2025
- Modified: May. 09, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-45579
Memory corruption may occur when invoking IOCTL calls from userspace to the camera kernel driver to dump request information, due to a missing memory requirement check.... Read more
Affected Products : wcd9380_firmware wsa8830_firmware wsa8835_firmware wcn3660b_firmware fastconnect_6900_firmware fastconnect_7800_firmware sdm429w_firmware wcn3620_firmware sdm429w wcd9380 +10 more products- Published: May. 06, 2025
- Modified: May. 09, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-45578
Memory corruption while acquire and update IOCTLs during IFE output resource ID validation.... Read more
Affected Products : wcd9380_firmware wcd9385_firmware wsa8830_firmware wsa8835_firmware sxr2230p_firmware wsa8832_firmware wcn3660b_firmware fastconnect_6900_firmware fastconnect_7800_firmware sdm429w_firmware +18 more products- Published: May. 06, 2025
- Modified: May. 09, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-49835
Memory corruption while reading secure file.... Read more
Affected Products : aqt1000_firmware qam8295p_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware +414 more products- Published: May. 06, 2025
- Modified: May. 09, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2024-49845
Memory corruption during the FRS UDS generation process.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware +282 more products- Published: May. 06, 2025
- Modified: May. 09, 2025
- Vuln Type: Memory Corruption
-
9.1
CRITICALCVE-2024-49846
Memory corruption while decoding of OTA messages from T3448 IE.... Read more
Affected Products : qca6574au_firmware qca6595au_firmware sw5100_firmware sw5100p_firmware wsa8830_firmware wsa8835_firmware ar8035_firmware qca6678aq_firmware qca6698aq_firmware qca8081_firmware +52 more products- Published: May. 06, 2025
- Modified: May. 09, 2025
- Vuln Type: Memory Corruption
-
7.5
HIGHCVE-2024-49847
Transient DOS while processing of a registration acceptance OTA due to incorrect ciphering key data IE.... Read more
Affected Products : qca6574au_firmware qca6595au_firmware wcn3980_firmware wsa8830_firmware wsa8835_firmware ar8035_firmware qca6584au_firmware qca6678aq_firmware qca6698aq_firmware qca8081_firmware +84 more products- Published: May. 06, 2025
- Modified: May. 09, 2025
- Vuln Type: Denial of Service
-
7.8
HIGHCVE-2025-21460
Memory corruption while processing a message, when the buffer is controlled by a Guest VM, the value can be changed continuously.... Read more
Affected Products : qam8295p_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware sa8150p_firmware sa8155p_firmware +62 more products- Published: May. 06, 2025
- Modified: May. 09, 2025
- Vuln Type: Memory Corruption
-
7.8
HIGHCVE-2025-21462
Memory corruption while processing an IOCTL request, when buffer significantly exceeds the command argument limit.... Read more
Affected Products : sa6155p_firmware sa8155p_firmware sa8195p_firmware wcd9380_firmware wcd9385_firmware sa4150p_firmware sa4155p_firmware fastconnect_6900_firmware fastconnect_7800_firmware wsa8840_firmware +16 more products- Published: May. 06, 2025
- Modified: May. 09, 2025
- Vuln Type: Memory Corruption
-
5.5
MEDIUMCVE-2025-22886
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through missing release of memory.... Read more
Affected Products : openharmony- Published: May. 06, 2025
- Modified: May. 09, 2025
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2025-25052
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause DOS through buffer overflow.... Read more
Affected Products : openharmony- Published: May. 06, 2025
- Modified: May. 09, 2025
- Vuln Type: Denial of Service
-
5.5
MEDIUMCVE-2025-25218
in OpenHarmony v5.0.3 and prior versions allow a local attacker case DOS through NULL pointer dereference.... Read more
Affected Products : openharmony- Published: May. 06, 2025
- Modified: May. 09, 2025
- Vuln Type: Denial of Service
-
7.5
HIGHCVE-2024-25062
An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expansion enabled, processing crafted XML documents can lead to an xmlValidatePopElement use-after-free.... Read more
Affected Products : libxml2- EPSS Score: %0.15
- Published: Feb. 04, 2024
- Modified: May. 09, 2025
-
7.5
HIGHCVE-2024-24265
gpac v2.2.1 was discovered to contain a memory leak via the dst_props variable in the gf_filter_pid_merge_properties_internal function.... Read more
Affected Products : gpac- EPSS Score: %0.17
- Published: Feb. 05, 2024
- Modified: May. 09, 2025
-
6.1
MEDIUMCVE-2024-24160
MRCMS 3.0 contains a Cross-Site Scripting (XSS) vulnerability via /admin/system/saveinfo.do.... Read more
Affected Products : mrcms- EPSS Score: %0.11
- Published: Feb. 02, 2024
- Modified: May. 09, 2025
-
7.8
HIGHCVE-2024-21111
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where... Read more
- Published: Apr. 16, 2024
- Modified: May. 09, 2025
-
6.4
MEDIUMCVE-2024-13860
The Buddyboss Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘bbp_topic_title’ parameter in all versions up to, and including, 2.8.50 due to insufficient input sanitization and output escaping. This makes it possible fo... Read more
Affected Products : buddyboss_platform- Published: May. 02, 2025
- Modified: May. 09, 2025
- Vuln Type: Cross-Site Scripting
-
6.4
MEDIUMCVE-2024-13859
The Buddyboss Platform plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘bp_nouveau_ajax_media_save’ function in all versions up to, and including, 2.8.50 due to insufficient input sanitization and output escaping. This makes it p... Read more
Affected Products : buddyboss_platform- Published: May. 02, 2025
- Modified: May. 09, 2025
- Vuln Type: Cross-Site Scripting