Search Results (14569 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-28580 1 Qualcomm 88 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 85 more 2025-08-11 6.7 Medium
Memory corruption in WLAN Host while setting the PMK length in PMK length in internal cache.
CVE-2023-24851 1 Qualcomm 382 Ar8035, Ar8035 Firmware, Csr8811 and 379 more 2025-08-11 7.8 High
Memory Corruption in WLAN HOST while parsing QMI response message from firmware.
CVE-2023-28545 1 Qualcomm 408 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 405 more 2025-08-11 8.2 High
Memory corruption in TZ Secure OS while loading an app ELF.
CVE-2023-28550 1 Qualcomm 670 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 667 more 2025-08-11 7.8 High
Memory corruption in MPP performance while accessing DSM watermark using external memory address.
CVE-2023-28551 1 Qualcomm 496 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 493 more 2025-08-11 7.8 High
Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.
CVE-2023-21633 1 Qualcomm 194 Apq8064au, Apq8064au Firmware, Aqt1000 and 191 more 2025-08-11 6.7 Medium
Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage request.
CVE-2023-28578 1 Qualcomm 680 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 677 more 2025-08-11 9.3 Critical
Memory corruption in Core Services while executing the command for removing a single event listener.
CVE-2023-43513 1 Qualcomm 534 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq8017 and 531 more 2025-08-11 7.8 High
Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element.
CVE-2023-22386 1 Qualcomm 402 215, 215 Firmware, Ar8035 and 399 more 2025-08-11 7.8 High
Memory Corruption in WLAN HOST while processing WLAN FW request to allocate memory.
CVE-2023-33028 1 Qualcomm 352 Ar8035, Ar8035 Firmware, Ar9380 and 349 more 2025-08-11 9.8 Critical
Memory corruption in WLAN Firmware while doing a memory copy of pmk cache.
CVE-2023-33113 1 Qualcomm 254 Ar8035, Ar8035 Firmware, Csra6620 and 251 more 2025-08-11 8.4 High
Memory corruption when resource manager sends the host kernel a reply message with multiple fragments.
CVE-2024-33054 1 Qualcomm 70 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 67 more 2025-08-11 7.8 High
Memory corruption during the handshake between the Primary Virtual Machine and Trusted Virtual Machine.
CVE-2024-33045 1 Qualcomm 385 Ar8035, Ar8035 Firmware, Csra6620 and 382 more 2025-08-11 8.4 High
Memory corruption when BTFM client sends new messages over Slimbus to ADSP.
CVE-2024-33042 1 Qualcomm 456 205, 205 Firmware, 215 and 453 more 2025-08-11 7.8 High
Memory corruption when Alternative Frequency offset value is set to 255.
CVE-2024-33041 1 Qualcomm 70 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 67 more 2025-08-11 6.7 Medium
Memory corruption when input parameter validation for number of fences is missing for fence frame IOCTL calls,
CVE-2024-33038 1 Qualcomm 96 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 93 more 2025-08-11 7.8 High
Memory corruption while passing untrusted/corrupted pointers from DSP to EVA.
CVE-2025-2531 1 Luxion 1 Keyshot 2025-08-11 N/A
Luxion KeyShot DAE File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of dae files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23704.
CVE-2023-47470 1 Ffmpeg 1 Ffmpeg 2025-08-11 7.8 High
Buffer Overflow vulnerability in Ffmpeg before github commit 4565747056a11356210ed8edcecb920105e40b60 allows a remote attacker to achieve an out-of-array write, execute arbitrary code, and cause a denial of service (DoS) via the ref_pic_list_struct function in libavcodec/evc_ps.c
CVE-2023-50227 1 Parallels 1 Parallels Desktop 2025-08-08 N/A
Parallels Desktop virtio-gpu Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Parallels Desktop. User interaction is required to exploit this vulnerability in that the target in a guest system must visit a malicious page or open a malicious file. The specific flaw exists within the virtio-gpu virtual device. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the hypervisor. . Was ZDI-CAN-21260.
CVE-2024-30348 3 Apple, Foxit, Microsoft 4 Macos, Pdf Editor, Pdf Reader and 1 more 2025-08-08 N/A
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22911.