Total
414 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-11616 | 1 Amazon | 1 Freertos-plus-tcp | 2025-10-31 | 5.4 Medium |
| A missing validation check in FreeRTOS-Plus-TCP's ICMPv6 packet processing code can lead to an out-of-bounds read when receiving ICMPv6 packets of certain message types which are smaller than the expected size. These issues only affect applications using IPv6. Users should upgrade to the latest version and ensure any forked or derivative code is patched to incorporate the new fixes. | ||||
| CVE-2025-11617 | 1 Amazon | 1 Freertos-plus-tcp | 2025-10-31 | 5.4 Medium |
| A missing validation check in FreeRTOS-Plus-TCP's IPv6 packet processing code can lead to an out-of-bounds read when receiving a IPv6 packet with incorrect payload lengths in the packet header. This issue only affects applications using IPv6. We recommend users upgrade to the latest version and ensure any forked or derivative code is patched to incorporate the new fixes. | ||||
| CVE-2023-36773 | 1 Microsoft | 1 3d Builder | 2025-10-30 | 7.8 High |
| 3D Builder Remote Code Execution Vulnerability | ||||
| CVE-2023-36801 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2025-10-30 | 5.3 Medium |
| DHCP Server Service Information Disclosure Vulnerability | ||||
| CVE-2023-36803 | 1 Microsoft | 9 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 6 more | 2025-10-30 | 5.5 Medium |
| Windows Kernel Information Disclosure Vulnerability | ||||
| CVE-2023-38144 | 1 Microsoft | 12 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 9 more | 2025-10-30 | 7.8 High |
| Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||||
| CVE-2023-38152 | 1 Microsoft | 5 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 2 more | 2025-10-30 | 5.3 Medium |
| DHCP Server Service Information Disclosure Vulnerability | ||||
| CVE-2025-60729 | 1 Perfree | 1 Perfreeblog | 2025-10-27 | 5.3 Medium |
| PerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the validThemeFilePath function | ||||
| CVE-2025-55081 | 1 Eclipse | 1 Threadx Netx Duo | 2025-10-27 | 9.1 Critical |
| In Eclipse Foundation NextX Duo before 6.4.4, a module of ThreadX, the _nx_secure_tls_process_clienthello() function was missing length verification of certain SSL/TLS client hello message: the ciphersuite length and compression method length. In case of an attacker-crafted message with values outside of the expected range, it could cause an out-of-bound read. | ||||
| CVE-2025-55083 | 1 Eclipse | 1 Threadx Netx Duo | 2025-10-27 | 5.3 Medium |
| In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was an incorrect bound check resulting it out by two out of bound read. | ||||
| CVE-2025-55093 | 1 Eclipse | 1 Threadx Netx Duo | 2025-10-24 | 5.3 Medium |
| In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ipv4_packet_receive() when handling unicast DHCP messages that could cause corruption of 4 bytes of memory. | ||||
| CVE-2025-55092 | 1 Eclipse | 1 Threadx Netx Duo | 2025-10-24 | 5.3 Medium |
| In Eclipse Foundation NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ipv4_option_process() when processing an IPv4 packet with the timestamp option. | ||||
| CVE-2025-55091 | 1 Eclipse | 1 Threadx Netx Duo | 2025-10-21 | 6.5 Medium |
| In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ip_packet_receive() function when received an Ethernet with type set as IP but no IP data. | ||||
| CVE-2025-55090 | 1 Eclipse | 1 Threadx Netx Duo | 2025-10-21 | 6.5 Medium |
| In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ipv4_packet_receive() function when received an Ethernet frame with less than 4 bytes of IP packet. | ||||
| CVE-2025-55084 | 1 Eclipse | 1 Threadx Netx Duo | 2025-10-21 | 5.3 Medium |
| In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was an incorrect bound check in_nx_secure_tls_proc_clienthello_supported_versions_extension() in the extension version field. | ||||
| CVE-2023-36392 | 1 Microsoft | 4 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 1 more | 2025-10-08 | 7.5 High |
| DHCP Server Service Denial of Service Vulnerability | ||||
| CVE-2023-36397 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-10-08 | 9.8 Critical |
| Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability | ||||
| CVE-2024-45552 | 1 Qualcomm | 292 Apq8064au, Apq8064au Firmware, Fastconnect 6200 and 289 more | 2025-10-06 | 8.2 High |
| Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t adhere to RFC standards. | ||||
| CVE-2025-21448 | 1 Qualcomm | 538 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 535 more | 2025-10-06 | 7.5 High |
| Transient DOS may occur while parsing SSID in action frames. | ||||
| CVE-2025-21435 | 1 Qualcomm | 298 Ar8035, Ar8035 Firmware, Csr8811 and 295 more | 2025-10-06 | 7.5 High |
| Transient DOS may occur while parsing extended IE in beacon. | ||||