Total
461 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-21447 | 1 Qualcomm | 16 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 13 more | 2025-08-20 | N/A | 7.8 HIGH |
| Memory corruption may occur while processing device IO control call for session control. | |||||
| CVE-2025-21423 | 1 Qualcomm | 90 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 87 more | 2025-08-19 | N/A | 7.8 HIGH |
| Memory corruption occurs when handling client calls to EnableTestMode through an Escape call. | |||||
| CVE-2025-27067 | 1 Qualcomm | 16 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 13 more | 2025-08-18 | N/A | 7.8 HIGH |
| Memory corruption while processing DDI call with invalid buffer. | |||||
| CVE-2025-27075 | 1 Qualcomm | 72 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 69 more | 2025-08-18 | N/A | 7.8 HIGH |
| Memory corruption while processing IOCTL command with larger buffer in Bluetooth Host. | |||||
| CVE-2025-54645 | 1 Huawei | 1 Harmonyos | 2025-08-13 | N/A | 5.0 MEDIUM |
| Out-of-bounds array access issue due to insufficient data verification in the location service module. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2025-54610 | 1 Huawei | 1 Harmonyos | 2025-08-12 | N/A | 5.4 MEDIUM |
| Out-of-bounds access vulnerability in the audio codec module. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2023-33053 | 1 Qualcomm | 234 Csr8811, Csr8811 Firmware, Immersive Home 214 Platform and 231 more | 2025-08-11 | N/A | 8.4 HIGH |
| Memory corruption in Kernel while parsing metadata. | |||||
| CVE-2023-24850 | 1 Qualcomm | 412 Apq5053-aa, Apq5053-aa Firmware, Apq8017 and 409 more | 2025-08-11 | N/A | 7.8 HIGH |
| Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application. | |||||
| CVE-2024-53009 | 1 Qualcomm | 378 Aqt1000, Aqt1000 Firmware, Ar8035 and 375 more | 2025-08-11 | N/A | 5.3 MEDIUM |
| Memory corruption while operating the mailbox in Automotive. | |||||
| CVE-2024-53014 | 1 Qualcomm | 502 215, 215 Firmware, 315 5g Iot Modem and 499 more | 2025-08-11 | N/A | 7.8 HIGH |
| Memory corruption may occur while validating ports and channels in Audio driver. | |||||
| CVE-2023-33111 | 1 Qualcomm | 172 Ar8035, Ar8035 Firmware, C-v2x 9150 and 169 more | 2025-08-11 | N/A | 5.5 MEDIUM |
| Information disclosure when VI calibration state set by ADSP is greater than MAX_FBSP_STATE in the response payload to AFE calibration command. | |||||
| CVE-2025-54650 | 2025-08-06 | N/A | 4.2 MEDIUM | ||
| Improper array index verification vulnerability in the audio codec module. Impact: Successful exploitation of this vulnerability may affect the audio decoding function. | |||||
| CVE-2024-29231 | 1 Synology | 2 Diskstation Manager, Surveillance Station | 2025-08-04 | N/A | 5.4 MEDIUM |
| Improper validation of array index vulnerability in UserPrivilege.Enum webapi component in Synology Surveillance Station before 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to obtain non-sensitive information and conduct limited denial-of-service attacks via unspecified vectors. | |||||
| CVE-2025-23278 | 2025-08-04 | N/A | 7.1 HIGH | ||
| NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker might cause an improper index validation by issuing a call with crafted parameters. A successful exploit of this vulnerability might lead to data tampering or denial of service. | |||||
| CVE-2023-52728 | 1 Linuxfoundation | 1 Onos-lib-go | 2025-07-14 | N/A | 5.5 MEDIUM |
| Open Networking Foundation SD-RAN ONOS onos-lib-go 0.10.25 allows an index out-of-range condition in putBitString. | |||||
| CVE-2025-5866 | 1 Rt-thread | 1 Rt-thread | 2025-07-11 | 7.4 HIGH | 8.0 HIGH |
| A vulnerability classified as critical has been found in RT-Thread 5.1.0. This affects the function sys_sigprocmask of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument how leads to improper validation of array index. | |||||
| CVE-2025-5868 | 1 Rt-thread | 1 Rt-thread | 2025-07-11 | 7.4 HIGH | 8.0 HIGH |
| A vulnerability, which was classified as critical, has been found in RT-Thread 5.1.0. This issue affects the function sys_thread_sigprocmask of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument how leads to improper validation of array index. | |||||
| CVE-2024-35164 | 1 Apache | 1 Guacamole | 2025-07-09 | N/A | 6.8 MEDIUM |
| The terminal emulator of Apache Guacamole 1.5.5 and older does not properly validate console codes received from servers via text-based protocols like SSH. If a malicious user has access to a text-based connection, a specially-crafted sequence of console codes could allow arbitrary code to be executed with the privileges of the running guacd process. Users are recommended to upgrade to version 1.6.0, which fixes this issue. | |||||
| CVE-2023-27349 | 1 Bluez | 1 Bluez | 2025-07-08 | N/A | 8.0 HIGH |
| BlueZ Audio Profile AVRCP Improper Validation of Array Index Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code via Bluetooth on affected installations of BlueZ. User interaction is required to exploit this vulnerability in that the target must connect to a malicious device. The specific flaw exists within the handling of the AVRCP protocol. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19908. | |||||
| CVE-2024-47249 | 1 Apache | 1 Nimble | 2025-07-08 | N/A | 5.0 MEDIUM |
| Improper Validation of Array Index vulnerability in Apache NimBLE. Lack of input validation for HCI events from controller could result in out-of-bound memory corruption and crash. This issue requires broken or bogus Bluetooth controller and thus severity is considered low. This issue affects Apache NimBLE: through 1.7.0. Users are recommended to upgrade to version 1.8.0, which fixes the issue. | |||||