Total
7380 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-38105 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2025-08-12 | N/A | 3.3 LOW |
| Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-21017. | |||||
| CVE-2025-54950 | 2025-08-12 | N/A | 9.8 CRITICAL | ||
| An out-of-bounds access vulnerability in the loading of ExecuTorch models can cause the runtime to crash and potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit b6b7a16df5e7852d976d8c34c8a7e9a1b6f7d005. | |||||
| CVE-2022-43656 | 1 Bentley | 1 View | 2025-08-12 | N/A | 5.5 MEDIUM |
| Bentley View FBX File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FBX files. Crafted data in an FBX file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-18492. | |||||
| CVE-2025-42976 | 2025-08-12 | N/A | 8.1 HIGH | ||
| SAP NetWeaver Application Server ABAP (BIC Document) allows an authenticated attacker to craft a request that, when submitted to a BIC Document application, could cause a memory corruption error. On successful exploitation, this results in the crash of the target component. Multiple submissions can make the target completely unavailable. A similarly crafted submission can be used to perform an out-of-bounds read operation as well, revealing sensitive information that is loaded in memory at that time. There is no ability to modify any information. | |||||
| CVE-2025-40764 | 2025-08-12 | N/A | 7.8 HIGH | ||
| A vulnerability has been identified in Simcenter Femap V2406 (All versions < V2406.0003), Simcenter Femap V2412 (All versions < V2412.0002). The affected applications contains an out of bounds read vulnerability while parsing specially crafted BMP files. This could allow an attacker to execute code in the context of the current process. | |||||
| CVE-2024-30323 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2025-08-11 | N/A | 7.8 HIGH |
| Foxit PDF Reader template Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of template objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22501. | |||||
| CVE-2025-20234 | 2 Cisco, Clamav | 3 Secure Endpoint, Secure Endpoint Private Cloud, Clamav | 2025-08-11 | N/A | 5.3 MEDIUM |
| A vulnerability in Universal Disk Format (UDF) processing of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a memory overread during UDF file scanning. An attacker could exploit this vulnerability by submitting a crafted file containing UDF content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process, resulting in a DoS condition on the affected software. For a description of this vulnerability, see the . | |||||
| CVE-2025-54637 | 1 Huawei | 2 Emui, Harmonyos | 2025-08-11 | N/A | 4.4 MEDIUM |
| Out-of-bounds array access issue due to insufficient data verification in the kernel ambient light module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2025-54633 | 1 Huawei | 1 Harmonyos | 2025-08-11 | N/A | 6.7 MEDIUM |
| Out-of-bounds read vulnerability in the register configuration of the DMA module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2023-33047 | 1 Qualcomm | 356 Ar8035, Ar8035 Firmware, Ar9380 and 353 more | 2025-08-11 | N/A | 7.5 HIGH |
| Transient DOS in WLAN Firmware while parsing no-inherit IES. | |||||
| CVE-2023-33065 | 1 Qualcomm | 208 Aqt1000, Aqt1000 Firmware, Ar8035 and 205 more | 2025-08-11 | N/A | 6.1 MEDIUM |
| Information disclosure in Audio while accessing AVCS services from ADSP payload. | |||||
| CVE-2025-27057 | 1 Qualcomm | 424 Ar8035, Ar8035 Firmware, Csr8811 and 421 more | 2025-08-11 | N/A | 7.5 HIGH |
| Transient DOS while handling beacon frames with invalid IE header length. | |||||
| CVE-2023-33098 | 1 Qualcomm | 526 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 523 more | 2025-08-11 | N/A | 7.5 HIGH |
| Transient DOS while parsing WPA IES, when it is passed with length more than expected size. | |||||
| CVE-2024-33048 | 1 Qualcomm | 378 Ar8035, Ar8035 Firmware, Csr8811 and 375 more | 2025-08-11 | N/A | 7.5 HIGH |
| Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame. | |||||
| CVE-2023-43533 | 1 Qualcomm | 476 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 473 more | 2025-08-11 | N/A | 7.5 HIGH |
| Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame. | |||||
| CVE-2024-45558 | 1 Qualcomm | 366 Ar8035, Ar8035 Firmware, Csr8811 and 363 more | 2025-08-11 | N/A | 7.5 HIGH |
| Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length. | |||||
| CVE-2025-21446 | 1 Qualcomm | 480 Ar8035, Ar8035 Firmware, Ar9380 and 477 more | 2025-08-11 | N/A | 7.5 HIGH |
| Transient DOS may occur when processing vendor-specific information elements while parsing a WLAN frame for BTM requests. | |||||
| CVE-2025-21427 | 1 Qualcomm | 358 205 Mobile, 205 Mobile Firmware, 215 Mobile and 355 more | 2025-08-11 | N/A | 8.2 HIGH |
| Information disclosure while decoding this RTP packet Payload when UE receives the RTP packet from the network. | |||||
| CVE-2024-33057 | 1 Qualcomm | 342 Ar8035, Ar8035 Firmware, Csr8811 and 339 more | 2025-08-11 | N/A | 7.5 HIGH |
| Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location. | |||||
| CVE-2024-33050 | 1 Qualcomm | 514 Ar8035, Ar8035 Firmware, Ar9380 and 511 more | 2025-08-11 | N/A | 7.5 HIGH |
| Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper. | |||||