Total
3844 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-43542 | 1 Qualcomm | 418 9205 Lte Modem, 9205 Lte Modem Firmware, Aqt1000 and 415 more | 2025-08-11 | 7.8 High |
| Memory corruption while copying a keyblob`s material when the key material`s size is not accurately checked. | ||||
| CVE-2024-33054 | 1 Qualcomm | 70 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 67 more | 2025-08-11 | 7.8 High |
| Memory corruption during the handshake between the Primary Virtual Machine and Trusted Virtual Machine. | ||||
| CVE-2023-33055 | 1 Qualcomm | 304 Apq5053-aa, Apq5053-aa Firmware, Aqt1000 and 301 more | 2025-08-11 | 7.8 High |
| Memory Corruption in Audio while invoking callback function in driver from ADSP. | ||||
| CVE-2023-33023 | 1 Qualcomm | 636 215 Mobile, 215 Mobile Firmware, 315 5g Iot and 633 more | 2025-08-11 | 8.4 High |
| Memory corruption while processing finish_sign command to pass a rsp buffer. | ||||
| CVE-2023-43519 | 1 Qualcomm | 268 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 265 more | 2025-08-11 | 7.3 High |
| Memory corruption in video while parsing the Videoinfo, when the size of atom is greater than the videoinfo size. | ||||
| CVE-2023-33092 | 1 Qualcomm | 190 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 187 more | 2025-08-11 | 8.4 High |
| Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size. | ||||
| CVE-2023-33077 | 1 Qualcomm | 192 Aqt1000, Aqt1000 Firmware, Ar8035 and 189 more | 2025-08-11 | 6.7 Medium |
| Memory corruption in HLOS while converting from authorization token to HIDL vector. | ||||
| CVE-2023-43556 | 1 Qualcomm | 136 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 133 more | 2025-08-11 | 9.3 Critical |
| Memory corruption in Hypervisor when platform information mentioned is not aligned. | ||||
| CVE-2025-2017 | 1 Ashlar | 1 Cobalt | 2025-08-08 | N/A |
| Ashlar-Vellum Cobalt CO File Parsing Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25240. | ||||
| CVE-2025-5222 | 2 Redhat, Unicode | 5 Enterprise Linux, Openshift, Rhel E4s and 2 more | 2025-08-08 | 7 High |
| A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution. | ||||
| CVE-2012-10035 | 1 Turbosoft | 1 Turboftp | 2025-08-07 | N/A |
| Turbo FTP Server versions 1.30.823 and 1.30.826 contain a buffer overflow vulnerability in the handling of the PORT command. By sending a specially crafted payload, an unauthenticated remote attacker can overwrite memory structures and execute arbitrary code with SYSTEM privileges. | ||||
| CVE-2024-52059 | 1 Rti | 1 Connext Professional | 2025-08-07 | N/A |
| Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Heap-based Buffer Overflow, Integer Overflow or Wraparound vulnerability in RTI Connext Professional (Security Plugins) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.0.0 before 7.3.0.2, from 6.1.0 before 6.1.2.17. | ||||
| CVE-2025-8170 | 1 Totolink | 2 T6, T6 Firmware | 2025-08-07 | 8.8 High |
| A vulnerability classified as critical was found in TOTOLINK T6 4.1.5cu.748_B20211015. This vulnerability affects the function tcpcheck_net of the file /router/meshSlaveDlfw of the component MQTT Packet Handler. The manipulation of the argument serverIp leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2024-5305 | 1 Tungstenautomation | 1 Power Pdf | 2025-08-06 | 7.8 High |
| Kofax Power PDF PDF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22921. | ||||
| CVE-2025-36557 | 1 F5 | 14 Big-ip, Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager and 11 more | 2025-08-06 | 7.5 High |
| When an HTTP profile with the Enforce RFC Compliance option is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2013-1424 | 1 Debian | 1 Matplotlib | 2025-08-06 | 5.6 Medium |
| Buffer overflow vulnerability in matplotlib.This issue affects matplotlib: before upstream commit ba4016014cb4fb4927e36ce8ea429fed47dcb787. | ||||
| CVE-2015-0843 | 1 Debian | 1 Yubiserver | 2025-08-06 | 9.8 Critical |
| yubiserver before 0.6 is prone to buffer overflows due to misuse of sprintf. | ||||
| CVE-2024-5243 | 2 Tp-link, Tp Link | 3 Omada Er605, Omada Er605 Firmware, Omada Er605 | 2025-08-06 | 7.5 High |
| TP-Link Omada ER605 Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Omada ER605 routers. Authentication is not required to exploit this vulnerability. However, devices are vulnerable only if configured to use the Comexe DDNS service. The specific flaw exists within the handling of DNS names. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-22523. | ||||
| CVE-2025-8160 | 1 Tenda | 2 Ac20, Ac20 Firmware | 2025-08-05 | 8.8 High |
| A vulnerability classified as critical has been found in Tenda AC20 up to 16.03.08.12. Affected is an unknown function of the file /goform/SetSysTimeCfg of the component httpd. The manipulation of the argument timeZone leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2025-8180 | 1 Tenda | 2 Ch22, Ch22 Firmware | 2025-08-05 | 8.8 High |
| A vulnerability, which was classified as critical, has been found in Tenda CH22 1.0.0.1. Affected by this issue is the function formdeleteUserName of the file /goform/deleteUserName. The manipulation of the argument old_account leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | ||||