1924 items
Unread (2164) All Dismissed
MEDIUM
CVE-2025-3408 (CVSS 6.3) — A vulnerability was found in Nothings stb up to f056911. It has been rated as critical. Affected by ...
NVD CVE-2025-3408 425d ago
MEDIUM
CVE-2025-3407 (CVSS 6.3) — A vulnerability was found in Nothings stb up to f056911. It has been declared as critical. Affected ...
NVD CVE-2025-3407 425d ago
MEDIUM
CVE-2024-12136 (CVSS 6.9) — Missing Critical Step in Authentication vulnerability in Elfatek Elektronics ANKA JPD-00028 allows A...
NVD CVE-2024-12136 445d ago
HIGH
CVE-2025-21863 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: io_uring: prevent opcode specul...
NVD CVE-2025-21863 452d ago
HIGH
CVE-2025-26597 (CVSS 7.8) — A buffer overflow flaw was found in X.Org and Xwayland. If XkbChangeTypesOfKey() is called with a 0 ...
NVD CVE-2025-26597 466d ago
MEDIUM
CVE-2025-1352 (CVSS 5) — A vulnerability has been found in GNU elfutils 0.192 and classified as critical. This vulnerability ...
NVD CVE-2025-1352 475d ago
HIGH
CVE-2024-12251 (CVSS 7.8) — In Progress Telerik UI for WinUI versions prior to 2025 Q1 (3.0.0), a command injection attack is po...
NVD CVE-2024-12251 479d ago
HIGH
CVE-2024-57945 (CVSS 7.1) — In the Linux kernel, the following vulnerability has been resolved: riscv: mm: Fix the out of bound...
NVD CVE-2024-57945 502d ago
HIGH
CVE-2024-53213 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Fix double f...
NVD CVE-2024-53213 527d ago
HIGH
CVE-2024-54508 (CVSS 7.5) — The issue was addressed with improved memory handling. This issue is fixed in Safari 18.2, iOS 18.2 ...
NVD CVE-2024-54508 542d ago
CRITICAL
CVE-2024-10534 (CVSS 9.8) — Origin Validation Error vulnerability in Dataprom Informatics Personnel Attendance Control Systems (...
NVD CVE-2024-10534 569d ago
CRITICAL
CVE-2024-10035 (CVSS 9.8) — Improper Control of Generation of Code ('Code Injection'), Improper Neutralization of Special Elemen...
NVD CVE-2024-10035 580d ago
HIGH
CVE-2024-49924 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: fbdev: pxafb: Fix possible use ...
NVD CVE-2024-49924 593d ago
HIGH
CVE-2024-49894 (CVSS 7.8) — In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix index out ...
NVD CVE-2024-49894 593d ago
HIGH
CVE-2024-6400 (CVSS 7.5) — Cleartext Storage of Sensitive Information, Exposure of Sensitive Information Through Data Queries v...
NVD CVE-2024-6400 611d ago
HIGH
CVE-2024-8644 (CVSS 7.5) — Cleartext Storage of Sensitive Information in a Cookie vulnerability in Oceanic Software ValeApp all...
NVD CVE-2024-8644 618d ago
CRITICAL
CVE-2024-8643 (CVSS 9.8) — Session Fixation vulnerability in Oceanic Software ValeApp allows Brute Force, Session Hijacking. T...
NVD CVE-2024-8643 618d ago
HIGH
CVE-2024-8609 (CVSS 7.5) — Insertion of Sensitive Information into Log File vulnerability in Oceanic Software ValeApp allows Qu...
NVD CVE-2024-8609 618d ago
CRITICAL
CVE-2024-8607 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2024-8607 618d ago
CRITICAL
CVE-2024-7108 (CVSS 9.8) — Incorrect Authorization vulnerability in National Keep Cyber Security Services CyberMath allows Acce...
NVD CVE-2024-7108 619d ago
HIGH
CVE-2024-7107 (CVSS 7.5) — Files or Directories Accessible to External Parties vulnerability in National Keep Cyber Security Se...
NVD CVE-2024-7107 619d ago
HIGH
CVE-2024-5958 (CVSS 8.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2024-5958 626d ago
CRITICAL
CVE-2024-7104 (CVSS 9.8) — Improper Control of Generation of Code ('Code Injection') vulnerability in SFS Consulting ww.Winsure...
NVD CVE-2024-7104 628d ago
CRITICAL
CVE-2024-7098 (CVSS 9.8) — Improper Restriction of XML External Entity Reference vulnerability in SFS Consulting ww.Winsure all...
NVD CVE-2024-7098 628d ago
CRITICAL
CVE-2024-6401 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2024-6401 628d ago
CRITICAL
CVE-2024-6656 (CVSS 9.8) — Use of Hard-coded Credentials vulnerability in TNB Mobile Solutions Cockpit Software allows Read Sen...
NVD CVE-2024-6656 632d ago
HIGH
CVE-2024-3306 (CVSS 7.5) — Authorization Bypass Through User-Controlled Key vulnerability in Utarit Information SoliClub allows...
NVD CVE-2024-3306 633d ago
HIGH
CVE-2024-3305 (CVSS 7.5) — Authorization Bypass Through User-Controlled Key, Missing Authorization vulnerability in Utarit Info...
NVD CVE-2024-3305 633d ago
HIGH
CVE-2024-7609 (CVSS 7.5) — Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Vidc...
NVD CVE-2024-7609 634d ago
CRITICAL
CVE-2024-7015 (CVSS 9.8) — Missing Authentication for Critical Function vulnerability in Profelis Informatics and Consulting Pa...
NVD CVE-2024-7015 636d ago
HIGH
CVE-2024-6445 (CVSS 7.5) — Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Data...
NVD CVE-2024-6445 639d ago
HIGH
CVE-2024-1744 (CVSS 7.5) — Authorization Bypass Through User-Controlled Key, Missing Authorization vulnerability in Ariva Compu...
NVD CVE-2024-1744 639d ago
CRITICAL
CVE-2024-45159 (CVSS 9.8) — An issue was discovered in Mbed TLS 3.x before 3.6.1. With TLS 1.3, when a server enables optional a...
NVD CVE-2024-45159 639d ago
CRITICAL
CVE-2024-7078 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2024-7078 640d ago
CRITICAL
CVE-2024-7076 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2024-7076 640d ago
CRITICAL
CVE-2024-4259 (CVSS 9.8) — Missing Authorization vulnerability in SAMPAŞ Holding AKOS (AkosCepVatandasService), SAMPAŞ Holding ...
NVD CVE-2024-4259 642d ago
HIGH
CVE-2024-6921 (CVSS 7.5) — Cleartext Storage of Sensitive Information vulnerability in NAC Telecommunication Systems Inc. NACPr...
NVD CVE-2024-6921 642d ago
CRITICAL
CVE-2024-6919 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2024-6919 642d ago
CRITICAL
CVE-2024-4428 (CVSS 9.8) — Missing Authentication for Critical Function, Missing Authorization vulnerability in Menulux Informa...
NVD CVE-2024-4428 647d ago
CRITICAL
CVE-2024-7071 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection'), CWE - 564 - SQ...
NVD CVE-2024-7071 649d ago
CRITICAL
CVE-2024-7593 (CVSS 9.8) — Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or ...
NVD CVE-2024-7593 662d ago
CRITICAL
CVE-2024-6917 (CVSS 9.8) — Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerabi...
NVD CVE-2024-6917 663d ago
CRITICAL
CVE-2024-6699 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2024-6699 677d ago
HIGH
CVE-2023-52682 (CVSS 7.1) — In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to wait on block writ...
NVD CVE-2023-52682 750d ago
CRITICAL
CVE-2023-6191 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2023-6191 800d ago
HIGH
CVE-2024-23775 (CVSS 7.5) — Integer Overflow vulnerability in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2, allows attackers ...
NVD CVE-2024-23775 858d ago
HIGH
CVE-2024-23744 (CVSS 7.5) — An issue was discovered in Mbed TLS 3.5.1. There is persistent handshake denial if a client sends a ...
NVD CVE-2024-23744 867d ago
CRITICAL
CVE-2023-6436 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2023-6436 887d ago
HIGH
CVE-2023-51767 (CVSS 7) — OpenSSH through 10.0, when common types of DRAM are used, might allow row hammer attacks (for authen...
NVD CVE-2023-51767 896d ago
CRITICAL
CVE-2023-2889 (CVSS 9.8) — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i...
NVD CVE-2023-2889 928d ago
MEDIUM NVD Tue, 08 Apr 2025 04:15:32 UTC
CVE-2025-3408 (CVSS 6.3) — A vulnerability was found in Nothings stb up to f056911. It has been rated as critical. Affected by ...
https://nvd.nist.gov/vuln/detail/CVE-2025-3408
TL;DR
A vulnerability was found in Nothings stb up to f056911. It has been rated as critical. Affected by this issue is the function stb_dupreplace. The manipulation leads to integer overflow. The attack may be launched remotely. Continious delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The vendor was contacted early …
CVE-2025-3408
Read full story ↗