Export limit exceeded: 23212 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Search Results (23212 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-33077 1 Qualcomm 192 Aqt1000, Aqt1000 Firmware, Ar8035 and 189 more 2025-08-11 6.7 Medium
Memory corruption in HLOS while converting from authorization token to HIDL vector.
CVE-2023-43519 1 Qualcomm 268 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 265 more 2025-08-11 7.3 High
Memory corruption in video while parsing the Videoinfo, when the size of atom is greater than the videoinfo size.
CVE-2023-43520 1 Qualcomm 140 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 137 more 2025-08-11 8.6 High
Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping IE.
CVE-2023-43527 1 Qualcomm 108 Fastconnect 6800, Fastconnect 6800 Firmware, Fastconnect 6900 and 105 more 2025-08-11 6.8 Medium
Information disclosure while parsing dts header atom in Video.
CVE-2023-43528 1 Qualcomm 182 Ar8035, Ar8035 Firmware, C-v2x 9150 and 179 more 2025-08-11 6.1 Medium
Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size.
CVE-2023-43533 1 Qualcomm 476 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 473 more 2025-08-11 7.5 High
Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame.
CVE-2023-43536 1 Qualcomm 618 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 615 more 2025-08-11 7.5 High
Transient DOS while parse fils IE with length equal to 1.
CVE-2023-43537 1 Qualcomm 224 Ar8035, Ar8035 Firmware, Csr8811 and 221 more 2025-08-11 6.5 Medium
Information disclosure while handling T2LM Action Frame in WLAN Host.
CVE-2023-43542 1 Qualcomm 418 9205 Lte Modem, 9205 Lte Modem Firmware, Aqt1000 and 415 more 2025-08-11 7.8 High
Memory corruption while copying a keyblob`s material when the key material`s size is not accurately checked.
CVE-2023-43555 1 Qualcomm 238 215 Mobile, 215 Mobile Firmware, Aqt1000 and 235 more 2025-08-11 8.2 High
Information disclosure in Video while parsing mp2 clip with invalid section length.
CVE-2023-22385 1 Qualcomm 482 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 479 more 2025-08-11 8.2 High
Memory Corruption in Data Modem while making a MO call or MT VOLTE call.
CVE-2023-28541 1 Qualcomm 426 Aqt1000, Aqt1000 Firmware, Ar8031 and 423 more 2025-08-11 7.8 High
Memory Corruption in Data Modem while processing DMA buffer release event about CFR data.
CVE-2025-2531 1 Luxion 1 Keyshot 2025-08-11 N/A
Luxion KeyShot DAE File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of dae files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23704.
CVE-2023-46407 1 Ffmpeg 1 Ffmpeg 2025-08-11 5.5 Medium
FFmpeg prior to commit bf814 was discovered to contain an out of bounds read via the dist->alphabet_size variable in the read_vlc_prefix() function.
CVE-2025-26527 1 Moodle 1 Moodle 2025-08-08 5.3 Medium
Tags not expected to be visible to a user could still be discovered by them via the tag search page or in the tags block.
CVE-2024-30363 3 Apple, Foxit, Microsoft 4 Macos, Pdf Editor, Pdf Reader and 1 more 2025-08-08 5.5 Medium
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-23008.
CVE-2024-12093 1 Gitlab 1 Gitlab 2025-08-08 6.8 Medium
An issue has been discovered in GitLab CE/EE affecting all versions from 11.1 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. Improper XPath validation allows modified SAML response to bypass 2FA requirement under specialized conditions.
CVE-2025-4979 1 Gitlab 1 Gitlab 2025-08-08 4.9 Medium
An issue has been discovered in GitLab CE/EE affecting all versions before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. An attacker may be able to reveal masked or hidden CI variables (that they did not author) in the WebUI, by simply creating their own variable and observing the HTTP response.
CVE-2025-1278 1 Gitlab 1 Gitlab 2025-08-08 5.3 Medium
An issue has been discovered in GitLab CE/EE affecting all versions from 12.0 before 17.9.8, 17.10 before 17.10.6, and 17.11 before 17.11.2. Under certain conditions users could bypass IP access restrictions and view sensitive information.
CVE-2024-30364 2 Foxit, Microsoft 3 Pdf Editor, Pdf Reader, Windows 2025-08-08 N/A
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-23009.