Total
8825 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-38048 | 1 Microsoft | 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more | 2026-02-10 | 6.5 Medium |
| Windows Network Driver Interface Specification (NDIS) Denial of Service Vulnerability | ||||
| CVE-2024-38028 | 1 Microsoft | 23 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 20 more | 2026-02-10 | 7.2 High |
| Microsoft Windows Performance Data Helper Library Remote Code Execution Vulnerability | ||||
| CVE-2024-38102 | 1 Microsoft | 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more | 2026-02-10 | 6.5 Medium |
| Windows Layer-2 Bridge Network Driver Denial of Service Vulnerability | ||||
| CVE-2024-38062 | 1 Microsoft | 17 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 14 more | 2026-02-10 | 7.8 High |
| Windows Kernel-Mode Driver Elevation of Privilege Vulnerability | ||||
| CVE-2024-38056 | 1 Microsoft | 20 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 17 more | 2026-02-10 | 5.5 Medium |
| Microsoft Windows Codecs Library Information Disclosure Vulnerability | ||||
| CVE-2025-20992 | 1 Samsung | 1 Android | 2026-02-10 | 4 Medium |
| Out-of-bound read in libsecimaging.camera.samsung.so prior to SMR Feb-2025 Release 1 allows local attackers to read out-of-bounds memory. | ||||
| CVE-2025-20988 | 1 Samsung | 1 Android | 2026-02-10 | 5.5 Medium |
| Out-of-bounds read in fingerprint trustlet prior to SMR May-2025 Release 1 allows local privileged attackers to read out-of-bounds memory. | ||||
| CVE-2025-27940 | 1 Intel | 1 Tdx Module | 2026-02-10 | 4.1 Medium |
| Out-of-bounds read for some TDX Module before version tdx1.5 within Ring 0: Hypervisor may allow an information disclosure. Software side channel adversary with a privileged user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access when attack requirements are present without special internal knowledge and requires no user interaction. The potential vulnerability may impact the confidentiality (high), integrity (none) and availability (none) of the vulnerable system, resulting in subsequent system confidentiality (none), integrity (none) and availability (none) impacts. | ||||
| CVE-2025-67810 | 1 Area9lyceum | 1 Rhapsode | 2026-02-10 | 6.5 Medium |
| In Area9 Rhapsode 1.47.3, an authenticated attacker can exploit the operation, url, and filename parameters via POST request to read arbitrary files from the server filesystem. Fixed in 1.47.4 (#7254) and further versions. | ||||
| CVE-2025-21449 | 1 Qualcomm | 371 315 5g Iot, 315 5g Iot Firmware, Apq8017 and 368 more | 2026-02-10 | 7.5 High |
| Transient DOS may occur while processing malformed length field in SSID IEs. | ||||
| CVE-2026-24921 | 1 Huawei | 1 Harmonyos | 2026-02-10 | 4.8 Medium |
| Address read vulnerability in the HDC module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality. | ||||
| CVE-2026-24915 | 1 Huawei | 1 Harmonyos | 2026-02-10 | 6.2 Medium |
| Out-of-bounds read issue in the media subsystem. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality. | ||||
| CVE-2025-40936 | 1 Siemens | 1 Ps Iges Parasolid Translator Component | 2026-02-10 | 7.8 High |
| A vulnerability has been identified in PS/IGES Parasolid Translator Component (All versions < V29.0.258), Solid Edge (All versions < V226.00 Update 03). The affected applications contains an out of bounds read vulnerability while parsing specially crafted IGS files. This could allow an attacker to crash the application or execute code in the context of the current process. (ZDI-CAN-26755) | ||||
| CVE-2026-24929 | 1 Huawei | 1 Harmonyos | 2026-02-09 | 5.9 Medium |
| Out-of-bounds read vulnerability in the graphics module. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2025-68132 | 2 Everest, Linuxfoundation | 2 Everest-core, Everest | 2026-02-06 | 4.6 Medium |
| EVerest is an EV charging software stack. Prior to version 2025.12.0, `is_message_crc_correct` in the DZG_GSH01 powermeter SLIP parser reads `vec[vec.size()-1]` and `vec[vec.size()-2]` without checking that at least two bytes are present. Malformed SLIP frames on the serial link can reach `is_message_crc_correct` with `vec.size() < 2` (only via the multi-message path), causing an out-of-bounds read before CRC verification and `pop_back` underflow. Therefore, an attacker controlling the serial input can reliably crash the process. Version 2025.12.0 fixes the issue. | ||||
| CVE-2025-13502 | 1 Redhat | 7 Enterprise Linux, Rhel Aus, Rhel E4s and 4 more | 2026-02-06 | 7.5 High |
| A flaw was found in WebKitGTK and WPE WebKit. This vulnerability allows an out-of-bounds read and integer underflow, leading to a UIProcess crash (DoS) via a crafted payload to the GLib remote inspector server. | ||||
| CVE-2023-53575 | 1 Linux | 1 Linux Kernel | 2026-02-06 | 7.1 High |
| In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix potential array out of bounds access Account for IWL_SEC_WEP_KEY_OFFSET when needed while verifying key_len size in iwl_mvm_sec_key_add(). | ||||
| CVE-2023-53600 | 1 Linux | 1 Linux Kernel | 2026-02-06 | 7.1 High |
| In the Linux kernel, the following vulnerability has been resolved: tunnels: fix kasan splat when generating ipv4 pmtu error If we try to emit an icmp error in response to a nonliner skb, we get BUG: KASAN: slab-out-of-bounds in ip_compute_csum+0x134/0x220 Read of size 4 at addr ffff88811c50db00 by task iperf3/1691 CPU: 2 PID: 1691 Comm: iperf3 Not tainted 6.5.0-rc3+ #309 [..] kasan_report+0x105/0x140 ip_compute_csum+0x134/0x220 iptunnel_pmtud_build_icmp+0x554/0x1020 skb_tunnel_check_pmtu+0x513/0xb80 vxlan_xmit_one+0x139e/0x2ef0 vxlan_xmit+0x1867/0x2760 dev_hard_start_xmit+0x1ee/0x4f0 br_dev_queue_push_xmit+0x4d1/0x660 [..] ip_compute_csum() cannot deal with nonlinear skbs, so avoid it. After this change, splat is gone and iperf3 is no longer stuck. | ||||
| CVE-2022-50508 | 1 Linux | 1 Linux Kernel | 2026-02-05 | 7.1 High |
| In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt76x0: fix oob access in mt76x0_phy_get_target_power After 'commit ba45841ca5eb ("wifi: mt76: mt76x02: simplify struct mt76x02_rate_power")', mt76x02 relies on ht[0-7] rate_power data for vht mcs{0,7}, while it uses vth[0-1] rate_power for vht mcs {8,9}. Fix a possible out-of-bound access in mt76x0_phy_get_target_power routine. | ||||
| CVE-2025-20944 | 1 Samsung | 1 Android | 2026-02-05 | 6.2 Medium |
| Out-of-bounds read in parsing audio data in libsavsac.so prior to SMR Apr-2025 Release 1 allows local attackers to read out-of-bounds memory. | ||||