Vulnerabilidades CVE
Base de dados CVE enriquecida com CISA KEV e NVD
| CVE ID | CVSS | Severidade | KEV | Avistamentos |
|---|---|---|---|---|
| CVE-2008-6995 Integer underflow in net/base/escape.cc in chrome.dll in Google Chrome 0.2.149.27 allows remote attackers to cause a denial of service (browser crash) via a URI with an invalid handler followed by a "... | N/A | NONE | — | 0 |
| CVE-2008-6996 Google Chrome BETA (0.2.149.27) does not prompt the user before saving an executable file, which makes it easier for remote attackers or malware to cause a denial of service (disk consumption) or expl... | N/A | NONE | — | 0 |
| CVE-2008-6997 Google Chrome 0.2.149.27 allows user-assisted remote attackers to cause a denial of service (browser crash) via an IMG tag with a long src attribute, which triggers the crash when the victim performs ... | N/A | NONE | — | 0 |
| CVE-2025-20941 Improper access control in InputManager to SMR Apr-2025 Release 1 allows local attackers to access the scancode of specific input device. | 6.2 | MEDIUM | — | 0 |
| CVE-2025-20942 Improper Verification of Intent by Broadcast Receiver in DeviceIdService prior to SMR Apr-2025 Release 1 allows local attackers to reset OAID. | 4.4 | MEDIUM | — | 0 |
| CVE-2025-21950 In the Linux kernel, the following vulnerability has been resolved: drivers: virt: acrn: hsm: Use kzalloc to avoid info leak in pmcmd_ioctl In the "pmcmd_ioctl" function, three memory objects alloca... | 7.1 | HIGH | — | 0 |
| CVE-2025-21973 In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: fix kernel panic in the bnxt_get_queue_stats{rx | tx} When qstats-get operation is executed, callbacks of netdev_stats_... | 7.1 | HIGH | — | 0 |
| CVE-2008-6998 Stack-based buffer overflow in chrome/common/gfx/url_elider.cc in Google Chrome 0.2.149.27 and other versions before 0.2.149.29 might allow user-assisted remote attackers to execute arbitrary code via... | N/A | NONE | — | 0 |
| CVE-2025-31135 Go-Guerrilla SMTP Daemon is a lightweight SMTP server written in Go. Prior to 1.6.7, when ProxyOn is enabled, the PROXY command will be accepted multiple times, with later invocations overriding earli... | 5.3 | MEDIUM | — | 0 |
| CVE-2025-29987 Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) versions prior to 8.3.0.15 contain an Insufficient Granularity of Access Control vulnerability. An authenticated user from a tru... | 8.8 | HIGH | — | 0 |
| CVE-2025-31130 gitoxide is an implementation of git written in Rust. Before 0.42.0, gitoxide uses SHA-1 hash implementations without any collision detection, leaving it vulnerable to hash collision attacks. gitoxide... | 6.8 | MEDIUM | — | 0 |
| CVE-2025-8986 A vulnerability was determined in SourceCodester COVID 19 Testing Management System 1.0. Affected by this issue is some unknown functionality of the file /search-report-result.php. The manipulation of... | 7.3 | HIGH | — | 0 |
| CVE-2025-20659 In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with... | 6.5 | MEDIUM | — | 0 |
| CVE-2025-21429 Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request. | 7.5 | HIGH | — | 0 |
| CVE-2025-21439 Memory corruption may occur while reading board data via IOCTL call when the WLAN driver copies the content to the provided output buffer. | 7.8 | HIGH | — | 0 |
| CVE-2025-20936 Improper access control in HDCP trustlet prior to SMR Apr-2025 Release 1 allows local attackers with shell privilege to escalate their privileges to root. | 8.8 | HIGH | — | 0 |
| CVE-2025-20938 Improper access control in SamsungContacts prior to SMR Apr-2025 Release 1 allows local attackers to access protected data in SamsungContacts. | 5.5 | MEDIUM | — | 0 |
| CVE-2025-20939 Improper authorization in wireless download protocol in Galaxy Watch prior to SMR Apr-2025 Release 1 allows physical attackers to update device unique identifier of Watch devices. | 5.4 | MEDIUM | — | 0 |
| CVE-2025-20945 Improper access control in Galaxy Watch prior to SMR Apr-2025 Release 1 allows local attackers to access sensitive information of Galaxy watch. | 4.0 | MEDIUM | — | 0 |
| CVE-2025-20946 Improper handling of exceptional conditions in pairing specific bluetooth devices in Galaxy Watch Bluetooth pairing prior to SMR Apr-2025 Release 1 allows local attackers to pair with specific bluetoo... | 8.8 | HIGH | — | 0 |
| CVE-2025-20947 Improper handling of insufficient permission or privileges in ClipboardService prior to SMR Apr-2025 Release 1 allows local attackers to access image files across multiple users. User interaction is r... | 5.5 | MEDIUM | — | 0 |
| CVE-2025-20948 Out-of-bounds read in enrollment with cdsp frame secfr trustlet prior to SMR Apr-2025 Release 1 allows local privileged attackers to read out-of-bounds memory. | 5.5 | MEDIUM | — | 0 |
| CVE-2025-26637 Protection mechanism failure in Windows BitLocker allows an unauthorized attacker to bypass a security feature with a physical attack. | 6.8 | MEDIUM | — | 0 |
| CVE-2025-26647 Improper input validation in Windows Kerberos allows an authorized attacker to elevate privileges over a network. | 8.8 | HIGH | — | 0 |
| CVE-2025-32460 GraphicsMagick before 8e56520 has a heap-based buffer over-read in ReadJXLImage in coders/jxl.c, related to an ImportViewPixelArea call. | 4.0 | MEDIUM | — | 0 |
| CVE-2025-20952 Improper access control in Mdecservice prior to SMR Apr-2025 Release 1 allows local attackers to access arbitrary files with system privilege. | 5.5 | MEDIUM | — | 0 |
| CVE-2025-21591 A Buffer Access with Incorrect Length Value vulnerability in the jdhcpd daemon of Juniper Networks Junos OS, when DHCP snooping is enabled, allows an unauthenticated, adjacent, attacker to send a DHCP... | 7.4 | HIGH | — | 0 |
| CVE-2025-21594 An Improper Check for Unusual or Exceptional Conditions vulnerability in the pfe (packet forwarding engine) of Juniper Networks Junos OS on MX Series causes a port within a pool to be blocked leading ... | 7.5 | HIGH | — | 0 |
| CVE-2025-30646 A Signed to Unsigned Conversion Error vulnerability in the Layer 2 Control Protocol daemon (l2cpd) of Juniper Networks Junos OS and Juniper Networks Junos OS Evolved allows an unauthenticated adjacent... | 6.5 | MEDIUM | — | 0 |
| CVE-2025-21595 A Missing Release of Memory after Effective Lifetime vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker ... | 6.5 | MEDIUM | — | 0 |
| CVE-2025-21597 An Improper Check for Unusual or Exceptional Conditions vulnerability in routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, logically adjacent B... | 5.3 | MEDIUM | — | 0 |
| CVE-2025-30644 A Heap-based Buffer Overflow vulnerability in the flexible PIC concentrator (FPC) of Juniper Networks Junos OS on EX2300, EX3400, EX4100, EX4300, EX4300MP, EX4400, EX4600, EX4650-48Y, and QFX5k Series... | 7.5 | HIGH | — | 0 |
| CVE-2025-30645 A NULL Pointer Dereference vulnerability in the flow daemon (flowd) of Juniper Networks Junos OS on SRX Series allows an attacker causing specific, valid control traffic to be sent out of a Dual-Stack... | 7.5 | HIGH | — | 0 |
| CVE-2025-30647 A Missing Release of Memory after Effective Lifetime vulnerability in the packet forwarding engine (PFE) of Juniper Networks Junos OS on MX Series allows an unauthenticated adjacent attacker to cause ... | 6.5 | MEDIUM | — | 0 |
| CVE-2025-30648 An Improper Input Validation vulnerability in the Juniper DHCP Daemon (jdhcpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause the jdhcpd proces... | 7.4 | HIGH | — | 0 |
| CVE-2025-30649 An Improper Input Validation vulnerability in the syslog stream TCP transport of Juniper Networks Junos OS on MX240, MX480 and MX960 devices with MX-SPC3 Security Services Card allows an unauthenticat... | 7.5 | HIGH | — | 0 |
| CVE-2025-30651 A Buffer Access with Incorrect Length Value vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to ca... | 7.5 | HIGH | — | 0 |
| CVE-2025-30652 An Improper Handling of Exceptional Conditions vulnerability in routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker executing a CLI ... | 5.5 | MEDIUM | — | 0 |
| CVE-2025-30653 An Expired Pointer Dereference vulnerability in Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker to cause Denial of Service ... | 6.5 | MEDIUM | — | 0 |
| CVE-2025-30654 An Exposure of Sensitive Information to an Unauthorized Actor vulnerability in the User Interface (UI) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged, authenticated a... | 5.5 | MEDIUM | — | 0 |
| CVE-2025-30655 An Improper Check for Unusual or Exceptional Conditions vulnerability in the Routing Protocol Daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to ... | 5.5 | MEDIUM | — | 0 |
| CVE-2025-30656 An Improper Handling of Additional Special Element vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on MX Series with MS-MPC, MS-MIC and SPC3, and SRX Series, allows an... | 7.5 | HIGH | — | 0 |
| CVE-2025-30657 An Improper Encoding or Escaping of Output vulnerability in the Sampling Route Record Daemon (SRRD) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause a Denial-of-... | 5.3 | MEDIUM | — | 0 |
| CVE-2025-8987 A vulnerability was identified in SourceCodester COVID 19 Testing Management System 1.0. This affects an unknown part of the file /test-details.php. The manipulation of the argument remark leads to sq... | 7.3 | HIGH | — | 0 |
| CVE-2025-30658 A Missing Release of Memory after Effective Lifetime vulnerability in the Anti-Virus processing of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause ... | 7.5 | HIGH | — | 0 |
| CVE-2025-30659 An Improper Handling of Length Parameter Inconsistency vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker ... | 7.5 | HIGH | — | 0 |
| CVE-2025-30660 An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on MX Series allows an unauthenticated, network-based attacker ... | 7.5 | HIGH | — | 0 |
| CVE-2025-3546 A vulnerability was found in H3C Magic NX15, Magic NX30 Pro, Magic NX400, Magic R3010 and Magic BE18000 up to V100R014. It has been declared as critical. Affected by this vulnerability is the function... | 8.0 | HIGH | — | 0 |
| CVE-2025-47737 lib.rs in the trailer crate through 0.1.2 for Rust mishandles allocating with a size of zero. | 2.9 | LOW | — | 0 |
| CVE-2025-3569 A vulnerability was found in JamesZBL/code-projects db-hospital-drug 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file ShiroConfig.java. The manipulation... | 6.3 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.