Search Results (22052 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-33064 1 Qualcomm 178 Aqt1000, Aqt1000 Firmware, Ar8035 and 175 more 2025-08-11 5.5 Medium
Transient DOS in Audio when invoking callback function of ASM driver.
CVE-2023-28547 1 Qualcomm 667 215 Mobile, 215 Mobile Firmware, 315 5g Iot and 664 more 2025-08-11 8.4 High
Memory corruption in SPS Application while requesting for public key in sorter TA.
CVE-2023-33035 1 Qualcomm 288 Apq5053-aa, Apq5053-aa Firmware, Ar8035 and 285 more 2025-08-11 7.8 High
Memory corruption while invoking callback function of AFE from ADSP.
CVE-2024-33054 1 Qualcomm 70 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 67 more 2025-08-11 7.8 High
Memory corruption during the handshake between the Primary Virtual Machine and Trusted Virtual Machine.
CVE-2023-33092 1 Qualcomm 190 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 187 more 2025-08-11 8.4 High
Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size.
CVE-2023-28563 1 Qualcomm 460 Aqt1000, Aqt1000 Firmware, Ar8031 and 457 more 2025-08-11 6.1 Medium
Information disclosure in IOE Firmware while handling WMI command.
CVE-2023-43520 1 Qualcomm 140 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 137 more 2025-08-11 8.6 High
Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping IE.
CVE-2023-43536 1 Qualcomm 618 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 615 more 2025-08-11 7.5 High
Transient DOS while parse fils IE with length equal to 1.
CVE-2023-28554 1 Qualcomm 296 Aqt1000, Aqt1000 Firmware, Ar9380 and 293 more 2025-08-11 6.1 Medium
Information Disclosure in Qualcomm IPC while reading values from shared memory in VM.
CVE-2025-2531 1 Luxion 1 Keyshot 2025-08-11 N/A
Luxion KeyShot DAE File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of dae files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23704.
CVE-2023-46407 1 Ffmpeg 1 Ffmpeg 2025-08-11 5.5 Medium
FFmpeg prior to commit bf814 was discovered to contain an out of bounds read via the dist->alphabet_size variable in the read_vlc_prefix() function.
CVE-2025-26527 1 Moodle 1 Moodle 2025-08-08 5.3 Medium
Tags not expected to be visible to a user could still be discovered by them via the tag search page or in the tags block.
CVE-2024-30363 3 Apple, Foxit, Microsoft 4 Macos, Pdf Editor, Pdf Reader and 1 more 2025-08-08 5.5 Medium
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-23008.
CVE-2024-12093 1 Gitlab 1 Gitlab 2025-08-08 6.8 Medium
An issue has been discovered in GitLab CE/EE affecting all versions from 11.1 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. Improper XPath validation allows modified SAML response to bypass 2FA requirement under specialized conditions.
CVE-2025-4979 1 Gitlab 1 Gitlab 2025-08-08 4.9 Medium
An issue has been discovered in GitLab CE/EE affecting all versions before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. An attacker may be able to reveal masked or hidden CI variables (that they did not author) in the WebUI, by simply creating their own variable and observing the HTTP response.
CVE-2025-1278 1 Gitlab 1 Gitlab 2025-08-08 5.3 Medium
An issue has been discovered in GitLab CE/EE affecting all versions from 12.0 before 17.9.8, 17.10 before 17.10.6, and 17.11 before 17.11.2. Under certain conditions users could bypass IP access restrictions and view sensitive information.
CVE-2024-30364 2 Foxit, Microsoft 3 Pdf Editor, Pdf Reader, Windows 2025-08-08 N/A
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-23009.
CVE-2024-30350 2 Foxit, Microsoft 3 Pdf Editor, Pdf Reader, Windows 2025-08-08 N/A
Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22708.
CVE-2024-30353 2 Foxit, Microsoft 3 Pdf Editor, Pdf Reader, Windows 2025-08-08 N/A
Foxit PDF Reader AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22807.
CVE-2024-30356 2 Foxit, Microsoft 3 Pdf Editor, Pdf Reader, Windows 2025-08-08 N/A
Foxit PDF Reader AcroForm Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects in AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22811.