CVE-2025-60729
PerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the validThemeFilePath function
CVE-2025-55093
In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ipv4_packet_receive() when handling unicast DHCP messages that could cause corruption of 4 bytes of…
CVE-2025-55084
In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was an incorrect bound check in_nx_secure_tls_proc_clienthello_supported_versions_extension() in the extension version field.
CVE-2025-55083
In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was an incorrect bound check resulting it out by two out of bound read.
CVE-2025-55081
In Eclipse Foundation NextX Duo before 6.4.4, a module of ThreadX, the _nx_secure_tls_process_clienthello() function was missing length verification of
certain SSL/TLS client hello message: the ciphersuite length and
compression method le…
CVE-2025-59192
Buffer over-read in Storport.sys Driver allows an authorized attacker to elevate privileges locally.
CVE-2025-55325
Buffer over-read in Windows Storage Management Provider allows an authorized attacker to disclose information locally.
CVE-2025-11617
A missing validation check in FreeRTOS-Plus-TCP's IPv6 packet processing code can lead to an out-of-bounds read when receiving a IPv6 packet with incorrect payload lengths in the packet header. This issue only affects applications using IPv…
CVE-2025-11616
A missing validation check in FreeRTOS-Plus-TCP's ICMPv6 packet processing code can lead to an out-of-bounds read when receiving ICMPv6 packets of certain message types which are smaller than the expected size. These issues only affect appl…
CVE-2025-27049
Transient DOS while processing IOCTL call for image encoding.
CVE-2025-27045
Information disclosure while processing batch command execution in Video driver.
CVE-2025-27041
Transient DOS while processing video packets received from video firmware.
CVE-2025-59933
libvips is a demand-driven, horizontally threaded image processing library. For versions 8.17.1 and below, when libvips is compiled with support for PDF input via poppler, the pdfload operation is affected by a buffer read overflow when par…
CVE-2025-47328
Transient DOS while processing power control requests with invalid antenna or stream values.
CVE-2025-47326
Transient DOS while handling command data during power control processing.
CVE-2025-47318
Transient DOS while parsing the EPTM test control message to get the test pattern.
CVE-2025-47317
Memory corruption due to global buffer overflow when a test command uses an invalid payload type.
CVE-2025-27036
Information disclosure when Video engine escape input data is less than expected minimum size.
CVE-2025-27033
Information disclosure while running video usecase having rogue firmware.
CVE-2025-27030
information disclosure while invoking calibration data from user space to update firmware size.