Total
259 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-53026 | 1 Qualcomm | 468 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 465 more | 2025-11-28 | N/A | 8.2 HIGH |
| Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call. | |||||
| CVE-2024-53021 | 1 Qualcomm | 450 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 447 more | 2025-11-28 | N/A | 8.2 HIGH |
| Information disclosure may occur while processing goodbye RTCP packet from network. | |||||
| CVE-2025-21487 | 1 Qualcomm | 454 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 451 more | 2025-11-28 | N/A | 8.2 HIGH |
| Information disclosure while decoding RTP packet received by UE from the network, when payload length mentioned is greater than the available buffer length. | |||||
| CVE-2025-47318 | 1 Qualcomm | 406 Apq8017, Apq8017 Firmware, Apq8064au and 403 more | 2025-11-28 | N/A | 7.5 HIGH |
| Transient DOS while parsing the EPTM test control message to get the test pattern. | |||||
| CVE-2025-21488 | 1 Qualcomm | 216 Fastconnect 6200, Fastconnect 6200 Firmware, Fastconnect 6700 and 213 more | 2025-11-28 | N/A | 8.2 HIGH |
| Information disclosure while decoding this RTP packet headers received by UE from the network when the padding bit is set. | |||||
| CVE-2025-21484 | 1 Qualcomm | 346 Apq8064au, Apq8064au Firmware, Aqt1000 and 343 more | 2025-11-25 | N/A | 8.2 HIGH |
| Information disclosure when UE receives the RTP packet from the network, while decoding and reassembling the fragments from RTP packet. | |||||
| CVE-2025-60720 | 1 Microsoft | 14 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 11 more | 2025-11-17 | N/A | 7.8 HIGH |
| Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-27041 | 1 Qualcomm | 126 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 123 more | 2025-11-05 | N/A | 5.5 MEDIUM |
| Transient DOS while processing video packets received from video firmware. | |||||
| CVE-2025-27045 | 1 Qualcomm | 36 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 33 more | 2025-11-05 | N/A | 6.1 MEDIUM |
| Information disclosure while processing batch command execution in Video driver. | |||||
| CVE-2025-27049 | 1 Qualcomm | 62 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 59 more | 2025-11-05 | N/A | 5.5 MEDIUM |
| Transient DOS while processing IOCTL call for image encoding. | |||||
| CVE-2025-27064 | 1 Qualcomm | 154 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 151 more | 2025-11-05 | N/A | 6.1 MEDIUM |
| Information disclosure while registering commands from clients with diag through diagHal. | |||||
| CVE-2025-47362 | 1 Qualcomm | 76 Msm8996au, Msm8996au Firmware, Qam8255p and 73 more | 2025-11-05 | N/A | 6.1 MEDIUM |
| Information disclosure while processing message from client with invalid payload. | |||||
| CVE-2025-47368 | 1 Qualcomm | 16 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 13 more | 2025-11-05 | N/A | 7.8 HIGH |
| Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL processing. | |||||
| CVE-2023-45919 | 1 Mesa3d | 1 Mesa | 2025-11-04 | N/A | 5.3 MEDIUM |
| Mesa 23.0.4 was discovered to contain a buffer over-read in glXQueryServerString(). NOTE: this is disputed because there are no common situations in which users require uninterrupted operation with an attacker-controller server. | |||||
| CVE-2023-39541 | 1 Weston-embedded | 1 Uc-tcp-ip | 2025-11-04 | N/A | 5.9 MEDIUM |
| A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted network packet can lead to an out-of-bounds read. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability concerns a denial of service within the parsing an IPv6 ICMPv6 packet. | |||||
| CVE-2023-39540 | 1 Weston-embedded | 1 Uc-tcp-ip | 2025-11-04 | N/A | 5.9 MEDIUM |
| A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted network packet can lead to an out-of-bounds read. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability concerns a denial of service within the parsing an IPv4 ICMP packet. | |||||
| CVE-2024-42333 | 1 Zabbix | 1 Zabbix | 2025-11-03 | N/A | 2.7 LOW |
| The researcher is showing that it is possible to leak a small amount of Zabbix Server memory using an out of bounds read in src/libs/zbxmedia/email.c | |||||
| CVE-2024-7347 | 1 F5 | 2 Nginx Open Source, Nginx Plus | 2025-11-03 | N/A | 4.7 MEDIUM |
| NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngx_http_mp4_module and the mp4 directive is used in the configuration file. Additionally, the attack is possible only if an attacker can trigger the processing of a specially crafted mp4 file with the ngx_http_mp4_module. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
| CVE-2025-32053 | 2025-11-03 | N/A | 6.5 MEDIUM | ||
| A flaw was found in libsoup. A vulnerability in sniff_feed_or_html() and skip_insignificant_space() functions may lead to a heap buffer over-read. | |||||
| CVE-2025-32052 | 2025-11-03 | N/A | 6.5 MEDIUM | ||
| A flaw was found in libsoup. A vulnerability in the sniff_unknown() function may lead to heap buffer over-read. | |||||