Total
6778 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-33031 | 1 Qualcomm | 330 Apq5053-aa, Apq5053-aa Firmware, Apq8009 and 327 more | 2025-08-07 | N/A | 7.8 HIGH |
| Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer. | |||||
| CVE-2023-22385 | 1 Qualcomm | 482 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 479 more | 2025-08-07 | N/A | 8.2 HIGH |
| Memory Corruption in Data Modem while making a MO call or MT VOLTE call. | |||||
| CVE-2023-28545 | 1 Qualcomm | 408 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 405 more | 2025-08-07 | N/A | 8.2 HIGH |
| Memory corruption in TZ Secure OS while loading an app ELF. | |||||
| CVE-2025-21467 | 1 Qualcomm | 212 215 Mobile, 215 Mobile Firmware, Csra6620 and 209 more | 2025-08-07 | N/A | 7.8 HIGH |
| Memory corruption while reading the FW response from the shared queue. | |||||
| CVE-2023-33034 | 1 Qualcomm | 128 Apq5053-aa, Apq5053-aa Firmware, Csra6620 and 125 more | 2025-08-07 | N/A | 7.8 HIGH |
| Memory corruption while parsing the ADSP response command. | |||||
| CVE-2024-33038 | 1 Qualcomm | 90 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 87 more | 2025-08-07 | N/A | 7.8 HIGH |
| Memory corruption while passing untrusted/corrupted pointers from DSP to EVA. | |||||
| CVE-2023-43548 | 1 Qualcomm | 284 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 281 more | 2025-08-07 | N/A | 7.3 HIGH |
| Memory corruption while parsing qcp clip with invalid chunk data size. | |||||
| CVE-2023-43518 | 1 Qualcomm | 306 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 303 more | 2025-08-07 | N/A | 7.3 HIGH |
| Memory corruption in video while parsing invalid mp2 clip. | |||||
| CVE-2023-28587 | 1 Qualcomm | 380 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 377 more | 2025-08-07 | N/A | 7.8 HIGH |
| Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level. | |||||
| CVE-2025-21470 | 1 Qualcomm | 66 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 63 more | 2025-08-07 | N/A | 7.8 HIGH |
| Memory corruption while processing image encoding, when configuration is NULL in IOCTL parameter. | |||||
| CVE-2025-54627 | 2025-08-06 | N/A | 8.8 HIGH | ||
| Out-of-bounds write vulnerability in the skia module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2025-21461 | 2025-08-06 | N/A | 7.8 HIGH | ||
| Memory corruption when programming registers through virtual CDM. | |||||
| CVE-2024-5301 | 1 Tungstenautomation | 1 Power Pdf | 2025-08-06 | N/A | 7.8 HIGH |
| Kofax Power PDF PSD File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSD files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22917. | |||||
| CVE-2024-5302 | 1 Tungstenautomation | 1 Power Pdf | 2025-08-06 | N/A | 7.8 HIGH |
| Kofax Power PDF PDF File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22918. | |||||
| CVE-2024-5303 | 1 Tungstenautomation | 1 Power Pdf | 2025-08-06 | N/A | 7.8 HIGH |
| Kofax Power PDF PSD File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSD files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22919. | |||||
| CVE-2024-5304 | 1 Tungstenautomation | 1 Power Pdf | 2025-08-06 | N/A | 7.8 HIGH |
| Kofax Power PDF TGA File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of TGA files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22920. | |||||
| CVE-2025-41431 | 1 F5 | 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 8 more | 2025-08-06 | N/A | 7.5 HIGH |
| When connection mirroring is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate in the standby BIG-IP systems in a traffic group. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2024-10397 | 1 Openafs | 1 Openafs | 2025-08-05 | N/A | 7.8 HIGH |
| A malicious server can crash the OpenAFS cache manager and other client utilities, and possibly execute arbitrary code. | |||||
| CVE-2024-0229 | 3 Fedoraproject, Redhat, X.org | 8 Fedora, Enterprise Linux, Enterprise Linux Aus and 5 more | 2025-08-04 | N/A | 7.8 HIGH |
| An out-of-bounds memory access flaw was found in the X.Org server. This issue can be triggered when a device frozen by a sync grab is reattached to a different master device. This issue may lead to an application crash, local privilege escalation (if the server runs with extended privileges), or remote code execution in SSH X11 forwarding environments. | |||||
| CVE-2023-5367 | 4 Debian, Fedoraproject, Redhat and 1 more | 12 Debian Linux, Fedora, Enterprise Linux and 9 more | 2025-08-04 | N/A | 7.8 HIGH |
| A out-of-bounds write flaw was found in the xorg-x11-server. This issue occurs due to an incorrect calculation of a buffer offset when copying data stored in the heap in the XIChangeDeviceProperty function in Xi/xiproperty.c and in RRChangeOutputProperty function in randr/rrproperty.c, allowing for possible escalation of privileges or denial of service. | |||||