Total
43 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-54623 | 1 Huawei | 1 Harmonyos | 2025-08-20 | N/A | 6.3 MEDIUM |
| Out-of-bounds read vulnerability in the devicemanager module. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2025-21442 | 1 Qualcomm | 52 Qam8255p, Qam8255p Firmware, Qam8295p and 49 more | 2025-08-19 | N/A | 7.8 HIGH |
| Memory corruption while transmitting packet mapping information with invalid header payload size. | |||||
| CVE-2025-20263 | 2025-08-15 | N/A | 8.6 HIGH | ||
| A vulnerability in the web services interface of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system. This vulnerability is due to insufficient boundary checks for specific data that is provided to the web services interface of an affected system. An attacker could exploit this vulnerability by sending a crafted HTTP request to the affected system. A successful exploit could allow the attacker to cause a buffer overflow condition on the affected system, which could cause the system to reload, resulting in a denial of service (DoS) condition. | |||||
| CVE-2025-23326 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Triton Inference Server | 2025-08-12 | N/A | 7.5 HIGH |
| NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability where an attacker could cause an integer overflow through a specially crafted input. A successful exploit of this vulnerability might lead to denial of service. | |||||
| CVE-2023-33018 | 1 Qualcomm | 526 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 523 more | 2025-08-11 | N/A | 7.8 HIGH |
| Memory corruption while using the UIM diag command to get the operators name. | |||||
| CVE-2023-33022 | 1 Qualcomm | 424 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq5053-aa and 421 more | 2025-08-11 | N/A | 8.4 HIGH |
| Memory corruption in HLOS while invoking IOCTL calls from user-space. | |||||
| CVE-2023-28585 | 1 Qualcomm | 562 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 559 more | 2025-08-11 | N/A | 8.2 HIGH |
| Memory corruption while loading an ELF segment in TEE Kernel. | |||||
| CVE-2025-54952 | 2025-08-08 | N/A | 9.8 CRITICAL | ||
| An integer overflow vulnerability in the loading of ExecuTorch models can cause smaller-than-expected memory regions to be allocated, potentially resulting in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit 8f062d3f661e20bb19b24b767b9a9a46e8359f2b. | |||||
| CVE-2025-53630 | 2025-07-15 | N/A | N/A | ||
| llama.cpp is an inference of several LLM models in C/C++. Integer Overflow in the gguf_init_from_file_impl function in ggml/src/gguf.cpp can lead to Heap Out-of-Bounds Read/Write. This vulnerability is fixed in commit 26a48ad699d50b6268900062661bd22f3e792579. | |||||
| CVE-2025-32023 | 2025-07-08 | N/A | 7.0 HIGH | ||
| Redis is an open source, in-memory database that persists on disk. From 2.8 to before 8.0.3, 7.4.5, 7.2.10, and 6.2.19, an authenticated user may use a specially crafted string to trigger a stack/heap out of bounds write on hyperloglog operations, potentially leading to remote code execution. The bug likely affects all Redis versions with hyperloglog operations implemented. This vulnerability is fixed in 8.0.3, 7.4.5, 7.2.10, and 6.2.19. An additional workaround to mitigate the problem without patching the redis-server executable is to prevent users from executing hyperloglog operations. This can be done using ACL to restrict HLL commands. | |||||
| CVE-2024-48877 | 2025-06-02 | N/A | 8.4 HIGH | ||
| A memory corruption vulnerability exists in the Shared String Table Record Parser implementation in xls2csv utility version 0.95. A specially crafted malformed file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2024-58107 | 1 Huawei | 1 Harmonyos | 2025-05-07 | N/A | 7.5 HIGH |
| Buffer overflow vulnerability in the codec module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2024-24478 | 1 Wireshark | 1 Wireshark | 2025-04-14 | N/A | 7.5 HIGH |
| An issue in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the packet-bgp.c, dissect_bgp_open(tvbuff_t*tvb, proto_tree*tree, packet_info*pinfo), optlen components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected. | |||||
| CVE-2024-2608 | 2 Debian, Mozilla | 3 Debian Linux, Firefox, Thunderbird | 2025-04-01 | N/A | 8.4 HIGH |
| `AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` and `AppendEncodedCharacters()` could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9. | |||||
| CVE-2024-55626 | 1 Oisf | 1 Suricata | 2025-03-31 | N/A | 3.3 LOW |
| Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a large BPF filter file provided to Suricata at startup can lead to a buffer overflow at Suricata startup. The issue has been addressed in Suricata 7.0.8. | |||||
| CVE-2024-57956 | 1 Huawei | 1 Harmonyos | 2025-03-17 | N/A | 2.8 LOW |
| Out-of-bounds read vulnerability in the interpreter string module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2022-36765 | 1 Tianocore | 1 Edk2 | 2025-02-13 | N/A | 7.0 HIGH |
| EDK2 is susceptible to a vulnerability in the CreateHob() function, allowing a user to trigger a integer overflow to buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability. | |||||
| CVE-2024-21454 | 1 Qualcomm | 6 Auto 4g Modem, Auto 4g Modem Firmware, Auto 5g Modem-rf and 3 more | 2025-01-13 | N/A | 7.5 HIGH |
| Transient DOS while decoding the ToBeSignedMessage in Automotive Telematics. | |||||
| CVE-2024-21470 | 1 Qualcomm | 66 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 63 more | 2025-01-13 | N/A | 8.4 HIGH |
| Memory corruption while allocating memory for graphics. | |||||
| CVE-2024-56451 | 1 Huawei | 1 Harmonyos | 2025-01-13 | N/A | 7.3 HIGH |
| Integer overflow vulnerability during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability. | |||||