Total
4228 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-27229 | 1 Google | 1 Android | 2025-03-27 | 7.5 High |
| In ss_SendCallBarringPwdRequiredIndMsg of ss_CallBarring.c, there is a possible null pointer deref due to a missing null check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-11499 | 2025-03-27 | 4.9 Medium | ||
| A vulnerability exists in RTU500 IEC 60870-4-104 controlled station functionality, that allows an authenticated and authorized attacker to perform a CMU restart. The vulnerability can be triggered if certificates are updated while in use on active connections. The affected CMU will automatically recover itself if an attacker successfully exploits this vulnerability. | ||||
| CVE-2025-21755 | 2025-03-27 | 5.5 Medium | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2025-21740 | 2025-03-27 | 5.5 Medium | ||
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | ||||
| CVE-2023-23087 | 1 Mojojson Project | 1 Mojojson | 2025-03-26 | 9.8 Critical |
| An issue was found in MojoJson v1.2.3 allows attackers to execute arbitary code via the destroy function. | ||||
| CVE-2023-22340 | 1 F5 | 12 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 9 more | 2025-03-26 | 7.5 High |
| On BIG-IP versions 16.1.x before 16.1.3.3, 15.1.x before 15.1.8, 14.1.x before 14.1.5.3, and all versions of 13.1.x, when a SIP profile is configured on a Message Routing type virtual server, undisclosed traffic can cause TMM to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2023-22341 | 1 F5 | 1 Big-ip Access Policy Manager | 2025-03-26 | 7.5 High |
| On version 14.1.x before 14.1.5.3, and all versions of 13.1.x, when the BIG-IP APM system is configured with all the following elements, undisclosed requests may cause the Traffic Management Microkernel (TMM) to terminate: * An OAuth Server that references an OAuth Provider * An OAuth profile with the Authorization Endpoint set to '/' * An access profile that references the above OAuth profile and is associated with an HTTPS virtual server Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2023-22839 | 1 F5 | 66 Big-ip 10000s, Big-ip 10000s Firmware, Big-ip 10200v and 63 more | 2025-03-26 | 7.5 High |
| On BIG-IP versions 17.0.x before 17.0.0.2, 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, and all version of 13.1.x, when a DNS profile with the Rapid Response Mode setting enabled is configured on a virtual server with hardware SYN cookies enabled, undisclosed requests cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2022-32663 | 1 Mediatek | 44 Mt5221, Mt5221 Firmware, Mt7603 and 41 more | 2025-03-26 | 7.5 High |
| In Wi-Fi driver, there is a possible system crash due to null pointer dereference. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: GN20220720014; Issue ID: GN20220720014. | ||||
| CVE-2022-47360 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-03-26 | 5.5 Medium |
| In log service, there is a missing permission check. This could lead to local denial of service in log service. | ||||
| CVE-2022-47359 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-03-26 | 5.5 Medium |
| In log service, there is a missing permission check. This could lead to local denial of service in log service. | ||||
| CVE-2022-44447 | 2 Google, Unisoc | 14 Android, S8000, Sc7731e and 11 more | 2025-03-26 | 5.5 Medium |
| In wlan driver, there is a possible null pointer dereference issue due to a missing bounds check. This could lead to local denial of service in wlan services. | ||||
| CVE-2025-1632 | 1 Libarchive | 1 Libarchive | 2025-03-25 | 3.3 Low |
| A vulnerability was found in libarchive up to 3.7.7. It has been classified as problematic. This affects the function list of the file bsdunzip.c. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-37030 | 1 Linuxfoundation | 1 Magma | 2025-03-25 | 6.5 Medium |
| A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `Initial UE Message` packet missing an expected `eNB_UE_S1AP_ID` field. | ||||
| CVE-2023-37034 | 1 Linuxfoundation | 1 Magma | 2025-03-24 | 6.5 Medium |
| A Null pointer dereference vulnerability in the Mobile Management Entity (MME) in Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows network-adjacent attackers to crash the MME via an S1AP `Initial UE Message` packet missing an expected `TAI` field. | ||||
| CVE-2023-23001 | 1 Linux | 1 Linux Kernel | 2025-03-20 | 5.5 Medium |
| In the Linux kernel before 5.16.3, drivers/scsi/ufs/ufs-mediatek.c misinterprets the regulator_get return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | ||||
| CVE-2023-23000 | 1 Linux | 1 Linux Kernel | 2025-03-20 | 5.5 Medium |
| In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegra_xusb_find_port_node return value. Callers expect NULL in the error case, but an error pointer is used. | ||||
| CVE-2023-22999 | 1 Linux | 1 Linux Kernel | 2025-03-20 | 5.5 Medium |
| In the Linux kernel before 5.16.3, drivers/usb/dwc3/dwc3-qcom.c misinterprets the dwc3_qcom_create_urs_usb_platdev return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | ||||
| CVE-2023-22997 | 1 Linux | 1 Linux Kernel | 2025-03-20 | 5.5 Medium |
| In the Linux kernel before 6.1.2, kernel/module/decompress.c misinterprets the module_get_next_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | ||||
| CVE-2023-23002 | 1 Linux | 1 Linux Kernel | 2025-03-20 | 5.5 Medium |
| In the Linux kernel before 5.16.3, drivers/bluetooth/hci_qca.c misinterprets the devm_gpiod_get_index_optional return value (expects it to be NULL in the error case, whereas it is actually an error pointer). | ||||