Total
8559 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-24059 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2025-12-17 | 7.8 High |
| Incorrect conversion between numeric types in Windows Common Log File System Driver allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-24055 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2025-12-17 | 4.3 Medium |
| Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to disclose information with a physical attack. | ||||
| CVE-2025-24050 | 1 Microsoft | 18 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 15 more | 2025-12-17 | 7.8 High |
| Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-24048 | 1 Microsoft | 17 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 14 more | 2025-12-17 | 7.8 High |
| Heap-based buffer overflow in Role: Windows Hyper-V allows an authorized attacker to elevate privileges locally. | ||||
| CVE-2025-24988 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2025-12-17 | 6.6 Medium |
| Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack. | ||||
| CVE-2025-24987 | 1 Microsoft | 24 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 21 more | 2025-12-17 | 6.6 Medium |
| Out-of-bounds read in Windows USB Video Driver allows an authorized attacker to elevate privileges with a physical attack. | ||||
| CVE-2025-43474 | 1 Apple | 3 Macos, Macos Sequoia, Macos Sonoma | 2025-12-17 | 7.8 High |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Sequoia 15.7.2, macOS Tahoe 26.1, macOS Sonoma 14.8.2. An app may be able to cause unexpected system termination or read kernel memory. | ||||
| CVE-2025-43445 | 1 Apple | 9 Ios, Ipados, Iphone Os and 6 more | 2025-12-17 | 4.3 Medium |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 26.1, watchOS 26.1, macOS Tahoe 26.1, iOS 26.1 and iPadOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, visionOS 26.1. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory. | ||||
| CVE-2025-43421 | 1 Apple | 5 Ios, Ipados, Iphone Os and 2 more | 2025-12-17 | 4.3 Medium |
| Multiple issues were addressed by disabling array allocation sinking. This issue is fixed in iOS 26.1 and iPadOS 26.1, macOS Tahoe 26.1, visionOS 26.1, Safari 26.1. Processing maliciously crafted web content may lead to an unexpected process crash. | ||||
| CVE-2025-43386 | 1 Apple | 6 Ios, Ipad Os, Ipados and 3 more | 2025-12-17 | 7.1 High |
| An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in tvOS 26.1, macOS Tahoe 26.1, iOS 26.1 and iPadOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, visionOS 26.1. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory. | ||||
| CVE-2025-43385 | 1 Apple | 7 Ios, Ipados, Iphone Os and 4 more | 2025-12-17 | 4.3 Medium |
| An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in tvOS 26.1, macOS Tahoe 26.1, iOS 26.1 and iPadOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Sequoia 15.7.2, visionOS 26.1. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory. | ||||
| CVE-2025-43384 | 1 Apple | 6 Ios, Ipados, Iphone Os and 3 more | 2025-12-17 | 4.3 Medium |
| An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in tvOS 26.1, macOS Tahoe 26.1, iOS 26.1 and iPadOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Sequoia 15.7.2, visionOS 26.1. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory. | ||||
| CVE-2025-43383 | 1 Apple | 8 Ios, Ipad Os, Ipados and 5 more | 2025-12-17 | 4.3 Medium |
| An out-of-bounds access issue was addressed with improved bounds checking. This issue is fixed in tvOS 26.1, macOS Tahoe 26.1, iOS 26.1 and iPadOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Sequoia 15.7.2, visionOS 26.1. Processing a maliciously crafted media file may lead to unexpected app termination or corrupt process memory. | ||||
| CVE-2025-43377 | 1 Apple | 2 Macos, Macos Sequoia | 2025-12-17 | 5.5 Medium |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 18.7.2 and iPadOS 18.7.2, macOS Sequoia 15.7.2, macOS Tahoe 26.1. An app may be able to cause a denial-of-service. | ||||
| CVE-2025-38004 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-12-17 | 7.1 High |
| In the Linux kernel, the following vulnerability has been resolved: can: bcm: add locking for bcm_op runtime updates The CAN broadcast manager (CAN BCM) can send a sequence of CAN frames via hrtimer. The content and also the length of the sequence can be changed resp reduced at runtime where the 'currframe' counter is then set to zero. Although this appeared to be a safe operation the updates of 'currframe' can be triggered from user space and hrtimer context in bcm_can_tx(). Anderson Nascimento created a proof of concept that triggered a KASAN slab-out-of-bounds read access which can be prevented with a spin_lock_bh. At the rework of bcm_can_tx() the 'count' variable has been moved into the protected section as this variable can be modified from both contexts too. | ||||
| CVE-2025-38088 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2025-12-17 | 7.1 High |
| In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap memtrace mmap issue has an out of bounds issue. This patch fixes the by checking that the requested mapping region size should stay within the allocated region size. | ||||
| CVE-2025-48622 | 1 Google | 1 Android | 2025-12-17 | 5.5 Medium |
| In ProcessArea of dng_misc_opcodes.cpp, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-48596 | 1 Google | 1 Android | 2025-12-17 | 7.8 High |
| In appendFrom of Parcel.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2025-48592 | 1 Google | 1 Android | 2025-12-17 | 6.5 Medium |
| In initDecoder of C2SoftDav1dDec.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-36017 | 3 Debian, Linux, Redhat | 7 Debian Linux, Linux Kernel, Enterprise Linux and 4 more | 2025-12-17 | 5.5 Medium |
| In the Linux kernel, the following vulnerability has been resolved: rtnetlink: Correct nested IFLA_VF_VLAN_LIST attribute validation Each attribute inside a nested IFLA_VF_VLAN_LIST is assumed to be a struct ifla_vf_vlan_info so the size of such attribute needs to be at least of sizeof(struct ifla_vf_vlan_info) which is 14 bytes. The current size validation in do_setvfinfo is against NLA_HDRLEN (4 bytes) which is less than sizeof(struct ifla_vf_vlan_info) so this validation is not enough and a too small attribute might be cast to a struct ifla_vf_vlan_info, this might result in an out of bands read access when accessing the saved (casted) entry in ivvl. | ||||