Total
32389 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-53186 | 1 Huawei | 2 Emui, Harmonyos | 2025-08-12 | 5.9 Medium |
| Vulnerability that allows third-party call apps to send broadcasts without verification in the audio framework module Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2025-53178 | 1 Huawei | 2 Emui, Harmonyos | 2025-08-12 | 4.8 Medium |
| Permission bypass vulnerability in the calendar storage module Impact: Successful exploitation of this vulnerability may affect the schedule reminder function of head units. | ||||
| CVE-2025-53177 | 1 Huawei | 2 Emui, Harmonyos | 2025-08-12 | 3.9 Low |
| Permission bypass vulnerability in the calendar storage module Impact: Successful exploitation of this vulnerability may affect the schedule syncing function of watches. | ||||
| CVE-2025-53168 | 1 Huawei | 1 Harmonyos | 2025-08-12 | 5.7 Medium |
| Vulnerability of bypassing the process to start SA and use related functions on distributed cameras Impact: Successful exploitation of this vulnerability may allow the peer device to use the camera without user awareness. | ||||
| CVE-2025-5982 | 1 Gitlab | 1 Gitlab | 2025-08-12 | 3.7 Low |
| An issue has been discovered in GitLab EE affecting all versions from 12.0 before 17.10.8, 17.11 before 17.11.4, and 18.0 before 18.0.2. Under certain conditions users could bypass IP access restrictions and view sensitive information. | ||||
| CVE-2025-8279 | 1 Gitlab | 2 Gitlab-language-server, Language Server | 2025-08-11 | 8.7 High |
| Insufficient input validation within GitLab Language Server 7.6.0 and later before 7.30.0 allows arbitrary GraphQL query execution | ||||
| CVE-2025-49591 | 1 Xwiki | 1 Cryptpad | 2025-08-11 | 9.1 Critical |
| CryptPad is a collaboration suite. Prior to version 2025.3.0, enforcement of Two-Factor Authentication (2FA) in CryptPad can be trivially bypassed, due to weak implementation of access controls. An attacker that compromises a user's credentials can gain access to the victim's account, even if the victim has 2FA set up. This is due to 2FA not being enforced if the path parameter is not 44 characters long, which can be bypassed by simply URL encoding a single character in the path. This issue has been patched in version 2025.3.0. | ||||
| CVE-2021-1425 | 1 Cisco | 10 Asyncos, Content Security Management Appliance Sma M190, Content Security Management Appliance Sma M195 and 7 more | 2025-08-11 | 4.3 Medium |
| A vulnerability in the web-based management interface of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA) could allow an authenticated, remote attacker to access sensitive information on an affected device. The vulnerability exists because confidential information is being included in HTTP requests that are exchanged between the user and the device. An attacker could exploit this vulnerability by looking at the raw HTTP requests that are sent to the interface. A successful exploit could allow the attacker to obtain some of the passwords that are configured throughout the interface.Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. | ||||
| CVE-2024-21453 | 1 Qualcomm | 26 C-v2x 9150, C-v2x 9150 Firmware, Qcs410 and 23 more | 2025-08-11 | 7.5 High |
| Transient DOS while decoding message of size that exceeds the available system memory. | ||||
| CVE-2024-43051 | 1 Qualcomm | 488 Aqt1000, Aqt1000 Firmware, Ar8031 and 485 more | 2025-08-11 | 5.5 Medium |
| Information disclosure while deriving keys for a session for any Widevine use case. | ||||
| CVE-2023-33112 | 1 Qualcomm | 255 Ar8035, Ar8035 Firmware, Csra6620 and 252 more | 2025-08-11 | 7.5 High |
| Transient DOS when WLAN firmware receives "reassoc response" frame including RIC_DATA element. | ||||
| CVE-2023-24848 | 1 Qualcomm | 488 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9206 Lte Modem and 485 more | 2025-08-11 | 8.2 High |
| Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value. | ||||
| CVE-2023-21631 | 1 Qualcomm | 320 205, 205 Firmware, 215 and 317 more | 2025-08-11 | 7.5 High |
| Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from network. | ||||
| CVE-2023-24849 | 1 Qualcomm | 476 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9206 Lte Modem and 473 more | 2025-08-11 | 8.2 High |
| Information Disclosure in data Modem while parsing an FMTP line in an SDP message. | ||||
| CVE-2023-28556 | 1 Qualcomm | 452 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 449 more | 2025-08-11 | 7.1 High |
| Cryptographic issue in HLOS during key management. | ||||
| CVE-2023-28566 | 1 Qualcomm | 250 Aqt1000, Aqt1000 Firmware, Csrb31024 and 247 more | 2025-08-11 | 6.1 Medium |
| Information disclosure in WLAN HAL while handling the WMI state info command. | ||||
| CVE-2023-28569 | 1 Qualcomm | 416 Aqt1000, Aqt1000 Firmware, Ar9380 and 413 more | 2025-08-11 | 6.1 Medium |
| Information disclosure in WLAN HAL while handling command through WMI interfaces. | ||||
| CVE-2023-21671 | 1 Qualcomm | 48 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 45 more | 2025-08-11 | 9.3 Critical |
| Memory Corruption in Core during syscall for Sectools Fuse comparison feature. | ||||
| CVE-2023-28554 | 1 Qualcomm | 296 Aqt1000, Aqt1000 Firmware, Ar9380 and 293 more | 2025-08-11 | 6.1 Medium |
| Information Disclosure in Qualcomm IPC while reading values from shared memory in VM. | ||||
| CVE-2023-28563 | 1 Qualcomm | 460 Aqt1000, Aqt1000 Firmware, Ar8031 and 457 more | 2025-08-11 | 6.1 Medium |
| Information disclosure in IOE Firmware while handling WMI command. | ||||