Total
12620 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-28586 | 1 Qualcomm | 626 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 623 more | 2025-08-11 | N/A | 6.0 MEDIUM |
| Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in TEE. | |||||
| CVE-2023-33092 | 1 Qualcomm | 190 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 187 more | 2025-08-11 | N/A | 8.4 HIGH |
| Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size. | |||||
| CVE-2023-43554 | 1 Qualcomm | 84 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 81 more | 2025-08-11 | N/A | 8.4 HIGH |
| Memory corruption while processing IOCTL handler in FastRPC. | |||||
| CVE-2023-28585 | 1 Qualcomm | 562 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 559 more | 2025-08-11 | N/A | 8.2 HIGH |
| Memory corruption while loading an ELF segment in TEE Kernel. | |||||
| CVE-2023-28550 | 1 Qualcomm | 670 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 667 more | 2025-08-11 | N/A | 7.8 HIGH |
| Memory corruption in MPP performance while accessing DSM watermark using external memory address. | |||||
| CVE-2024-21475 | 1 Qualcomm | 472 215 Mobile, 215 Mobile Firmware, 315 5g Iot Modem and 469 more | 2025-08-11 | N/A | 7.8 HIGH |
| Memory corruption when the payload received from firmware is not as per the expected protocol size. | |||||
| CVE-2025-8736 | 2025-08-08 | 4.3 MEDIUM | 5.3 MEDIUM | ||
| A vulnerability, which was classified as critical, has been found in GNU cflow up to 1.8. Affected by this issue is the function yylex of the file c.c of the component Lexer. The manipulation leads to buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2024-12752 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2025-08-08 | N/A | 7.8 HIGH |
| Foxit PDF Reader AcroForm Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25345. | |||||
| CVE-2025-7911 | 1 Dlink | 2 Di-8100, Di-8100 Firmware | 2025-08-08 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical was found in D-Link DI-8100 1.0. This vulnerability affects the function sprintf of the file /upnp_ctrl.asp of the component jhttpd. The manipulation of the argument remove_ext_proto/remove_ext_port leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2025-0412 | 1 Luxion | 1 Keyshot | 2025-08-07 | N/A | 7.8 HIGH |
| Luxion KeyShot Viewer KSP File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of KSP files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22139. | |||||
| CVE-2023-38084 | 1 Tungstenautomation | 1 Power Pdf | 2025-08-07 | N/A | 7.8 HIGH |
| Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20490. | |||||
| CVE-2023-38082 | 1 Tungstenautomation | 1 Power Pdf | 2025-08-07 | N/A | 7.8 HIGH |
| Kofax Power PDF GIF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of GIF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20488. | |||||
| CVE-2025-33076 | 1 Ibm | 1 Engineering Systems Design Rhapsody | 2025-08-07 | N/A | 8.8 HIGH |
| IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system. | |||||
| CVE-2025-33077 | 1 Ibm | 1 Engineering Systems Design Rhapsody | 2025-08-07 | N/A | 8.8 HIGH |
| IBM Engineering Systems Design Rhapsody 9.0.2, 10.0, and 10.0.1 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local user could overflow the buffer and execute arbitrary code on the system. | |||||
| CVE-2025-8170 | 1 Totolink | 2 T6, T6 Firmware | 2025-08-07 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability classified as critical was found in TOTOLINK T6 4.1.5cu.748_B20211015. This vulnerability affects the function tcpcheck_net of the file /router/meshSlaveDlfw of the component MQTT Packet Handler. The manipulation of the argument serverIp leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2023-37332 | 1 Tungstenautomation | 1 Power Pdf | 2025-08-07 | N/A | 7.8 HIGH |
| Kofax Power PDF PNG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PNG files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20388. | |||||
| CVE-2023-37333 | 1 Tungstenautomation | 1 Power Pdf | 2025-08-07 | N/A | 7.8 HIGH |
| Kofax Power PDF PCX File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PCX files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-20389. | |||||
| CVE-2023-42036 | 1 Tungstenautomation | 1 Power Pdf | 2025-08-07 | N/A | 7.8 HIGH |
| Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21582. | |||||
| CVE-2023-42037 | 1 Tungstenautomation | 1 Power Pdf | 2025-08-07 | N/A | 7.8 HIGH |
| Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-21583. | |||||
| CVE-2023-4235 | 2 Fedoraproject, Ofono Project | 2 Fedora, Ofono | 2025-08-07 | N/A | 8.1 HIGH |
| A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_deliver_report() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check for this memcpy length in decode_submit(), but it was forgotten in decode_deliver_report(). | |||||