Search Results (23211 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-33065 1 Qualcomm 208 Aqt1000, Aqt1000 Firmware, Ar8035 and 205 more 2025-08-11 6.1 Medium
Information disclosure in Audio while accessing AVCS services from ADSP payload.
CVE-2023-33098 1 Qualcomm 526 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 523 more 2025-08-11 7.5 High
Transient DOS while parsing WPA IES, when it is passed with length more than expected size.
CVE-2023-33112 1 Qualcomm 255 Ar8035, Ar8035 Firmware, Csra6620 and 252 more 2025-08-11 7.5 High
Transient DOS when WLAN firmware receives "reassoc response" frame including RIC_DATA element.
CVE-2023-33087 1 Qualcomm 236 Apq5053-aa, Apq5053-aa Firmware, Ar8035 and 233 more 2025-08-11 7.8 High
Memory corruption in Core while processing RX intent request.
CVE-2023-33064 1 Qualcomm 178 Aqt1000, Aqt1000 Firmware, Ar8035 and 175 more 2025-08-11 5.5 Medium
Transient DOS in Audio when invoking callback function of ASM driver.
CVE-2023-33069 1 Qualcomm 226 9206 Lte Modem, 9206 Lte Modem Firmware, Aqt1000 and 223 more 2025-08-11 6.7 Medium
Memory corruption in Audio while processing the calibration data returned from ACDB loader.
CVE-2023-33085 1 Qualcomm 210 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 207 more 2025-08-11 7.8 High
Memory corruption in wearables while processing data from AON.
CVE-2023-33068 1 Qualcomm 226 9206 Lte Modem, 9206 Lte Modem Firmware, Aqt1000 and 223 more 2025-08-11 6.7 Medium
Memory corruption in Audio while processing IIR config data from AFE calibration block.
CVE-2023-33080 1 Qualcomm 733 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 730 more 2025-08-11 7.5 High
Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame.
CVE-2023-33062 1 Qualcomm 580 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 577 more 2025-08-11 7.5 High
Transient DOS in WLAN Firmware while parsing a BTM request.
CVE-2023-33077 1 Qualcomm 192 Aqt1000, Aqt1000 Firmware, Ar8035 and 189 more 2025-08-11 6.7 Medium
Memory corruption in HLOS while converting from authorization token to HIDL vector.
CVE-2025-2531 1 Luxion 1 Keyshot 2025-08-11 N/A
Luxion KeyShot DAE File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of dae files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23704.
CVE-2023-46407 1 Ffmpeg 1 Ffmpeg 2025-08-11 5.5 Medium
FFmpeg prior to commit bf814 was discovered to contain an out of bounds read via the dist->alphabet_size variable in the read_vlc_prefix() function.
CVE-2025-26527 1 Moodle 1 Moodle 2025-08-08 5.3 Medium
Tags not expected to be visible to a user could still be discovered by them via the tag search page or in the tags block.
CVE-2024-30363 3 Apple, Foxit, Microsoft 4 Macos, Pdf Editor, Pdf Reader and 1 more 2025-08-08 5.5 Medium
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-23008.
CVE-2024-12093 1 Gitlab 1 Gitlab 2025-08-08 6.8 Medium
An issue has been discovered in GitLab CE/EE affecting all versions from 11.1 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. Improper XPath validation allows modified SAML response to bypass 2FA requirement under specialized conditions.
CVE-2025-4979 1 Gitlab 1 Gitlab 2025-08-08 4.9 Medium
An issue has been discovered in GitLab CE/EE affecting all versions before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. An attacker may be able to reveal masked or hidden CI variables (that they did not author) in the WebUI, by simply creating their own variable and observing the HTTP response.
CVE-2025-1278 1 Gitlab 1 Gitlab 2025-08-08 5.3 Medium
An issue has been discovered in GitLab CE/EE affecting all versions from 12.0 before 17.9.8, 17.10 before 17.10.6, and 17.11 before 17.11.2. Under certain conditions users could bypass IP access restrictions and view sensitive information.
CVE-2024-30364 2 Foxit, Microsoft 3 Pdf Editor, Pdf Reader, Windows 2025-08-08 N/A
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-23009.
CVE-2024-30350 2 Foxit, Microsoft 3 Pdf Editor, Pdf Reader, Windows 2025-08-08 N/A
Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22708.