Total
13150 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-21633 | 1 Qualcomm | 194 Apq8064au, Apq8064au Firmware, Aqt1000 and 191 more | 2025-08-11 | N/A | 6.7 MEDIUM |
| Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request. | |||||
| CVE-2024-23369 | 1 Qualcomm | 236 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 233 more | 2025-08-11 | N/A | 7.8 HIGH |
| Memory corruption when invalid length is provided from HLOS for FRS/UDS request/response buffers. | |||||
| CVE-2023-43554 | 1 Qualcomm | 84 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 81 more | 2025-08-11 | N/A | 8.4 HIGH |
| Memory corruption while processing IOCTL handler in FastRPC. | |||||
| CVE-2023-28586 | 1 Qualcomm | 626 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 623 more | 2025-08-11 | N/A | 6.0 MEDIUM |
| Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. | |||||
| CVE-2024-21455 | 1 Qualcomm | 40 Qam8295p, Qam8295p Firmware, Qca6584au and 37 more | 2025-08-11 | N/A | 7.8 HIGH |
| Memory corruption when a compat IOCTL call is followed by another IOCTL call from userspace to a driver. | |||||
| CVE-2024-21481 | 1 Qualcomm | 332 Aqt1000, Aqt1000 Firmware, Ar8035 and 329 more | 2025-08-11 | N/A | 8.4 HIGH |
| Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager. | |||||
| CVE-2023-33092 | 1 Qualcomm | 190 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 187 more | 2025-08-11 | N/A | 8.4 HIGH |
| Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size. | |||||
| CVE-2023-33106 | 1 Qualcomm | 306 Ar8035, Ar8035 Firmware, Csra6620 and 303 more | 2025-08-11 | N/A | 8.4 HIGH |
| Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND. | |||||
| CVE-2023-28551 | 1 Qualcomm | 496 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 493 more | 2025-08-11 | N/A | 7.8 HIGH |
| Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments. | |||||
| CVE-2023-43534 | 1 Qualcomm | 132 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 129 more | 2025-08-11 | N/A | 8.6 HIGH |
| Memory corruption while validating the TID to Link Mapping action request frame, when a station connects to an access point. | |||||
| CVE-2023-28545 | 1 Qualcomm | 408 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 405 more | 2025-08-11 | N/A | 8.2 HIGH |
| Memory corruption in TZ Secure OS while loading an app ELF. | |||||
| CVE-2023-28587 | 1 Qualcomm | 380 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 377 more | 2025-08-11 | N/A | 7.8 HIGH |
| Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level. | |||||
| CVE-2025-8736 | 2025-08-08 | 4.3 MEDIUM | 5.3 MEDIUM | ||
| A vulnerability, which was classified as critical, has been found in GNU cflow up to 1.8. Affected by this issue is the function yylex of the file c.c of the component Lexer. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-12752 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2025-08-08 | N/A | 7.8 HIGH |
| Foxit PDF Reader AcroForm Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25345. | |||||
| CVE-2025-7911 | 1 Dlink | 2 Di-8100, Di-8100 Firmware | 2025-08-08 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical was found in D-Link DI-8100 1.0. This vulnerability affects the function sprintf of the file /upnp_ctrl.asp of the component jhttpd. The manipulation of the argument remove_ext_proto/remove_ext_port leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-0412 | 1 Luxion | 1 Keyshot | 2025-08-07 | N/A | 7.8 HIGH |
| Luxion KeyShot Viewer KSP File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of KSP files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22139. | |||||
| CVE-2023-38084 | 1 Tungstenautomation | 1 Power Pdf | 2025-08-07 | N/A | 7.8 HIGH |
| Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20490. | |||||
| CVE-2023-38082 | 1 Tungstenautomation | 1 Power Pdf | 2025-08-07 | N/A | 7.8 HIGH |
| Kofax Power PDF GIF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of GIF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20488. | |||||
| CVE-2025-33076 | 1 Ibm | 1 Engineering Systems Design Rhapsody | 2025-08-07 | N/A | 8.8 HIGH |
| IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system. | |||||
| CVE-2025-33077 | 1 Ibm | 1 Engineering Systems Design Rhapsody | 2025-08-07 | N/A | 8.8 HIGH |
| IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system. | |||||