Export limit exceeded: 351254 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20396 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-48357 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-06-20 | 4.4 Medium |
| In vsp driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | ||||
| CVE-2023-48356 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-06-20 | 4.4 Medium |
| In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | ||||
| CVE-2023-48355 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-06-20 | 4.4 Medium |
| In jpg driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | ||||
| CVE-2023-52110 | 1 Huawei | 1 Harmonyos | 2025-06-20 | 7.5 High |
| The sensor module has an out-of-bounds access vulnerability.Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2023-48352 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-06-20 | 5.5 Medium |
| In phasecheckserver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed | ||||
| CVE-2023-48351 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-06-20 | 5.5 Medium |
| In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed | ||||
| CVE-2023-48350 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-06-20 | 5.5 Medium |
| In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed | ||||
| CVE-2023-48349 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-06-20 | 5.5 Medium |
| In video decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with no additional execution privileges needed | ||||
| CVE-2023-48348 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-06-20 | 5.5 Medium |
| In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges needed | ||||
| CVE-2023-48343 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-06-20 | 5.5 Medium |
| In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges needed | ||||
| CVE-2023-48342 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-06-20 | 4.4 Medium |
| In media service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed | ||||
| CVE-2023-48340 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-06-20 | 5.5 Medium |
| In video decoder, there is a possible out of bounds write due to improper input validation. This could lead to local denial of service with no additional execution privileges needed | ||||
| CVE-2025-5030 | 1 Ackites | 1 Killwxapkg | 2025-06-20 | 5 Medium |
| A vulnerability was found in Ackites KillWxapkg up to 2.4.1. It has been declared as critical. This vulnerability affects the function processFile of the file internal/unpack/unpack.go of the component wxapkg File Parser. The manipulation leads to os command injection. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-23061 | 1 Totolink | 2 A3300r, A3300r Firmware | 2025-06-20 | 9.8 Critical |
| TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the minute parameter in the setScheduleCfg function. | ||||
| CVE-2023-52029 | 1 Totolink | 2 A3700r, A3700r Firmware | 2025-06-20 | 9.8 Critical |
| TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setDiagnosisCfg function. | ||||
| CVE-2023-52028 | 1 Totolink | 2 A3700r, A3700r Firmware | 2025-06-20 | 9.8 Critical |
| TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE) vulnerability via the setTracerouteCfg function. | ||||
| CVE-2023-49254 | 1 Hongdian | 2 H8951-4g-esp, H8951-4g-esp Firmware | 2025-06-20 | 8.8 High |
| Authenticated user can execute arbitrary commands in the context of the root user by providing payload in the "destination" field of the network test tools. This is similar to the vulnerability CVE-2021-28151 mitigated on the user interface level by blacklisting characters with JavaScript, however, it can still be exploited by sending POST requests directly. | ||||
| CVE-2023-51970 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-06-20 | 9.8 Critical |
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.mode parameter in the function formSetIptv. | ||||
| CVE-2023-51969 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-06-20 | 9.8 Critical |
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.city.vlan parameter in the function getIptvInfo. | ||||
| CVE-2023-51967 | 1 Tenda | 2 Ax1803, Ax1803 Firmware | 2025-06-20 | 9.8 Critical |
| Tenda AX1803 v1.0.0.1 contains a stack overflow via the iptv.stb.port parameter in the function getIptvInfo. | ||||