Total
389 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-12106 | 2025-12-01 | N/A | 9.1 CRITICAL | ||
| Insufficient argument validation in OpenVPN 2.7_alpha1 through 2.7_rc1 allows an attacker to trigger a heap buffer over-read when parsing IP addresses | |||||
| CVE-2024-53020 | 1 Qualcomm | 468 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 465 more | 2025-11-28 | N/A | 8.2 HIGH |
| Information disclosure may occur while decoding the RTP packet with invalid header extension from network. | |||||
| CVE-2025-21463 | 1 Qualcomm | 422 Ar8035, Ar8035 Firmware, Csr8811 and 419 more | 2025-11-28 | N/A | 7.5 HIGH |
| Transient DOS while processing the EHT operation IE in the received beacon frame. | |||||
| CVE-2024-53026 | 1 Qualcomm | 468 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 465 more | 2025-11-28 | N/A | 8.2 HIGH |
| Information disclosure when an invalid RTCP packet is received during a VoLTE/VoWiFi IMS call. | |||||
| CVE-2024-53021 | 1 Qualcomm | 450 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 447 more | 2025-11-28 | N/A | 8.2 HIGH |
| Information disclosure may occur while processing goodbye RTCP packet from network. | |||||
| CVE-2025-21487 | 1 Qualcomm | 454 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 451 more | 2025-11-28 | N/A | 8.2 HIGH |
| Information disclosure while decoding RTP packet received by UE from the network, when payload length mentioned is greater than the available buffer length. | |||||
| CVE-2025-47318 | 1 Qualcomm | 406 Apq8017, Apq8017 Firmware, Apq8064au and 403 more | 2025-11-28 | N/A | 7.5 HIGH |
| Transient DOS while parsing the EPTM test control message to get the test pattern. | |||||
| CVE-2025-21488 | 1 Qualcomm | 216 Fastconnect 6200, Fastconnect 6200 Firmware, Fastconnect 6700 and 213 more | 2025-11-28 | N/A | 8.2 HIGH |
| Information disclosure while decoding this RTP packet headers received by UE from the network when the padding bit is set. | |||||
| CVE-2025-21484 | 1 Qualcomm | 346 Apq8064au, Apq8064au Firmware, Aqt1000 and 343 more | 2025-11-25 | N/A | 8.2 HIGH |
| Information disclosure when UE receives the RTP packet from the network, while decoding and reassembling the fragments from RTP packet. | |||||
| CVE-2025-63602 | 2025-11-19 | N/A | 7.3 HIGH | ||
| A vulnerability was discovered in Awesome Miner thru 11.2.4 that allows arbitrary read and write to kernel memory and MSRs (such as LSTAR) as an unprivileged user. This is due to the implementation of an insecure version of WinRing0 (1.2.0.5, renamed to IntelliBreeze.Maintenance.Service.sys) that lacks a properly secured DACL, allowing unprivileged users to interact with the driver and, as a result, the kernel. This can result in local privilege escalation, information disclosure, denial of service, and other unspecified impacts. | |||||
| CVE-2025-60720 | 1 Microsoft | 14 Windows 10 1607, Windows 10 1809, Windows 10 21h2 and 11 more | 2025-11-17 | N/A | 7.8 HIGH |
| Buffer over-read in Windows TDX.sys allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-12745 | 2025-11-06 | 4.3 MEDIUM | 5.3 MEDIUM | ||
| A weakness has been identified in QuickJS up to eb2c89087def1829ed99630cb14b549d7a98408c. This affects the function js_array_buffer_slice of the file quickjs.c. This manipulation causes buffer over-read. The attack is restricted to local execution. The exploit has been made available to the public and could be exploited. This product adopts a rolling release strategy to maintain continuous delivery Patch name: c6fe5a98fd3ef3b7064e6e0145dfebfe12449fea. To fix this issue, it is recommended to deploy a patch. | |||||
| CVE-2025-27041 | 1 Qualcomm | 126 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 123 more | 2025-11-05 | N/A | 5.5 MEDIUM |
| Transient DOS while processing video packets received from video firmware. | |||||
| CVE-2025-27045 | 1 Qualcomm | 36 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 33 more | 2025-11-05 | N/A | 6.1 MEDIUM |
| Information disclosure while processing batch command execution in Video driver. | |||||
| CVE-2025-27049 | 1 Qualcomm | 62 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 59 more | 2025-11-05 | N/A | 5.5 MEDIUM |
| Transient DOS while processing IOCTL call for image encoding. | |||||
| CVE-2025-27064 | 1 Qualcomm | 154 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 151 more | 2025-11-05 | N/A | 6.1 MEDIUM |
| Information disclosure while registering commands from clients with diag through diagHal. | |||||
| CVE-2025-47362 | 1 Qualcomm | 76 Msm8996au, Msm8996au Firmware, Qam8255p and 73 more | 2025-11-05 | N/A | 6.1 MEDIUM |
| Information disclosure while processing message from client with invalid payload. | |||||
| CVE-2025-47368 | 1 Qualcomm | 16 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 13 more | 2025-11-05 | N/A | 7.8 HIGH |
| Memory corruption when dereferencing an invalid userspace address in a user buffer during MCDM IOCTL processing. | |||||
| CVE-2023-45919 | 1 Mesa3d | 1 Mesa | 2025-11-04 | N/A | 5.3 MEDIUM |
| Mesa 23.0.4 was discovered to contain a buffer over-read in glXQueryServerString(). NOTE: this is disputed because there are no common situations in which users require uninterrupted operation with an attacker-controller server. | |||||
| CVE-2023-39541 | 1 Weston-embedded | 1 Uc-tcp-ip | 2025-11-04 | N/A | 5.9 MEDIUM |
| A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted network packet can lead to an out-of-bounds read. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability concerns a denial of service within the parsing an IPv6 ICMPv6 packet. | |||||