Export limit exceeded: 18570 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 351254 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (351254 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-9977 | 1 Mitrastar | 1 Gpt-2541gnac | 2026-04-15 | 4.7 Medium |
| A vulnerability, which was classified as critical, was found in MitraStar GPT-2541GNAC BR_g5.6_1.11(WVK.0)b26. Affected is an unknown function of the file /cgi-bin/settings-firewall.cgi of the component Firewall Settings Page. The manipulation of the argument SrcInterface leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. We tried to contact the vendor early about the disclosure but the official mail address was not working properly. | ||||
| CVE-2024-9979 | 1 Redhat | 2 Ansible Automation Platform, Enterprise Linux | 2026-04-15 | 5.3 Medium |
| A flaw was found in PyO3. This vulnerability causes a use-after-free issue, potentially leading to memory corruption or crashes via unsound borrowing from weak Python references. | ||||
| CVE-2024-9982 | 1 Esi Technology | 1 Aim Line Marketing Platform | 2026-04-15 | 9.8 Critical |
| AIM LINE Marketing Platform from Esi Technology does not properly validate a specific query parameter. When the LINE Campaign Module is enabled, unauthenticated remote attackers can inject arbitrary FetchXml commands to read, modify, and delete database content. | ||||
| CVE-2025-0009 | 1 Amd | 9 Athlon, Radeon Pro V520, Radeon Pro V620 and 6 more | 2026-04-15 | 5.5 Medium |
| A NULL pointer dereference in AMD Crash Defender could allow an attacker to write a NULL output to a log file potentially resulting in a system crash and loss of availability. | ||||
| CVE-2024-9991 | 1 Signify Innovations India | 7 Phillips Smart Bulb 10-watt Firmware, Phillips Smart Bulb 12-watt Firmware, Phillips Smart Bulb 9-watt Firmware and 4 more | 2026-04-15 | N/A |
| This vulnerability exists in Philips lighting devices due to storage of Wi-Fi credentials in plain text within the device firmware. An attacker with physical access could exploit this by extracting the firmware and analyzing the binary data to obtain the plaintext Wi-Fi credentials stored on the vulnerable device. Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to the Wi-Fi network to which vulnerable device is connected. | ||||
| CVE-2025-0010 | 1 Amd | 10 Athlon, Graphics Driver, Instinct Mi200 and 7 more | 2026-04-15 | 6.1 Medium |
| An out of bounds write in the Linux graphics driver could allow an attacker to overflow the buffer potentially resulting in loss of confidentiality, integrity, or availability. | ||||
| CVE-2024-9999 | 1 Progress Software | 1 Ws Ftp Server | 2026-04-15 | 6.5 Medium |
| In WS_FTP Server versions before 8.8.9 (2022.0.9), an Incorrect Implementation of Authentication Algorithm in the Web Transfer Module allows users to skip the second-factor verification and log in with username and password only. | ||||
| CVE-2025-0001 | 2026-04-15 | 6.5 Medium | ||
| Abacus ERP is versions older than 2024.210.16036, 2023.205.15833, 2022.105.15542 are affected by an authenticated arbitrary file read vulnerability. | ||||
| CVE-2025-0003 | 1 Amd | 1 Xilinx Run Time | 2026-04-15 | 7.3 High |
| Inadequate lock protection within Xilinx Run time may allow a local attacker to trigger a Use-After-Free condition potentially resulting in loss of confidentiality or availability | ||||
| CVE-2025-0005 | 1 Amd | 1 Xilinx Run Time | 2026-04-15 | 7.3 High |
| Improper input validation within the XOCL driver may allow a local attacker to generate an integer overflow condition, potentially resulting in crash or denial of service. | ||||
| CVE-2025-0007 | 1 Amd | 1 Xilinx Run Time | 2026-04-15 | 5.7 Medium |
| Insufficient validation within Xilinx Run Time framework could allow a local attacker to escalate privileges from user space to kernel space, potentially compromising confidentiality, integrity, and/or availability. | ||||
| CVE-2025-0011 | 1 Amd | 12 Radeon, Radeon Pro V520, Radeon Pro V620 and 9 more | 2026-04-15 | 3.3 Low |
| Improper removal of sensitive information before storage or transfer in AMD Crash Defender could allow an attacker to obtain kernel address information potentially resulting in loss of confidentiality. | ||||
| CVE-2025-0012 | 1 Amd | 2 Epyc 9005 Series Processors, Epyc Embedded 9005 Series Processors | 2026-04-15 | N/A |
| Improper handling of overlap between the segmented reverse map table (RMP) and system management mode (SMM) memory could allow a privileged attacker corrupt or partially infer SMM memory resulting in loss of integrity or confidentiality. | ||||
| CVE-2025-0014 | 2026-04-15 | 7.3 High | ||
| Incorrect default permissions on the AMD Ryzen(TM) AI installation folder could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution. | ||||
| CVE-2025-0029 | 1 Amd | 2 Epyc 9005 Series Processors, Epyc Embedded 9005 Series Processors | 2026-04-15 | N/A |
| Improper handling of error condition during host-induced faults can allow a local high-privileged attack to selectively drop guest DMA writes, potentially resulting in a loss of SEV-SNP guest memory integrity | ||||
| CVE-2025-0031 | 1 Amd | 9 Epyc 7003 Series Processors, Epyc 8004 Series Processors, Epyc 9004 Series Processors and 6 more | 2026-04-15 | N/A |
| A use after free in the SEV firmware could allow a malicous hypervisor to activate a migrated guest with the SINGLE_SOCKET policy on a different socket than the migration agent potentially resulting in loss of integrity. | ||||
| CVE-2025-0032 | 1 Amd | 8 Epyc, Epyc 9000, Epyc 9005 and 5 more | 2026-04-15 | 7.2 High |
| Improper cleanup in AMD CPU microcode patch loading could allow an attacker with local administrator privilege to load malicious CPU microcode, potentially resulting in loss of integrity of x86 instruction execution. | ||||
| CVE-2025-0033 | 1 Amd | 3 Epyc, Epyc 7003, Epyc 9005 | 2026-04-15 | 6 Medium |
| Improper access control within AMD SEV-SNP could allow an admin privileged attacker to write to the RMP during SNP initialization, potentially resulting in a loss of SEV-SNP guest memory integrity. | ||||
| CVE-2025-0034 | 1 Amd | 2 Instinct Mi300x, Instinct Mi325x | 2026-04-15 | 4.7 Medium |
| Insufficient parameter sanitization in TEE SOC Driver could allow an attacker to issue a malformed DRV_SOC_CMD_ID_SRIOV_SPATIAL_PART and cause read or write past the end of allocated arrays, potentially resulting in a loss of platform integrity or denial of service. | ||||
| CVE-2025-0035 | 2026-04-15 | 7.3 High | ||
| Unquoted search path within AMD Cloud Manageability Service can allow a local attacker to escalate privileges, potentially resulting in arbitrary code execution. | ||||