Total
3239 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-28588 | 1 Qualcomm | 428 Apq8017, Apq8017 Firmware, Apq8064au and 425 more | 2025-08-11 | 7.5 High |
| Transient DOS in Bluetooth Host while rfc slot allocation. | ||||
| CVE-2023-22667 | 1 Qualcomm | 411 205, 205 Firmware, 215 and 408 more | 2025-08-11 | 8.4 High |
| Memory Corruption in Audio while allocating the ion buffer during the music playback. | ||||
| CVE-2023-33018 | 1 Qualcomm | 527 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 524 more | 2025-08-11 | 7.8 High |
| Memory corruption while using the UIM diag command to get the operators name. | ||||
| CVE-2023-43530 | 1 Qualcomm | 316 Aqt1000, Aqt1000 Firmware, Ar8035 and 313 more | 2025-08-11 | 5.9 Medium |
| Memory corruption in HLOS while checking for the storage type. | ||||
| CVE-2023-43550 | 1 Qualcomm | 270 Ar8035, Ar8035 Firmware, Csra6620 and 267 more | 2025-08-11 | 7.8 High |
| Memory corruption while processing a QMI request for allocating memory from a DHMS supported subsystem. | ||||
| CVE-2023-33022 | 1 Qualcomm | 424 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq5053-aa and 421 more | 2025-08-11 | 8.4 High |
| Memory corruption in HLOS while invoking IOCTL calls from user-space. | ||||
| CVE-2023-33107 | 1 Qualcomm | 487 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq8017 and 484 more | 2025-08-11 | 8.4 High |
| Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. | ||||
| CVE-2024-22861 | 1 Ffmpeg | 1 Ffmpeg | 2025-08-11 | 7.5 High |
| Integer overflow vulnerability in FFmpeg before n6.1, allows attackers to cause a denial of service (DoS) via the avcodec/osq module. | ||||
| CVE-2024-22862 | 1 Ffmpeg | 1 Ffmpeg | 2025-08-11 | 9.8 Critical |
| Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the JJPEG XL Parser. | ||||
| CVE-2024-22860 | 1 Ffmpeg | 1 Ffmpeg | 2025-08-11 | 9.8 Critical |
| Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxl_anim_read_packet component in the JPEG XL Animation decoder. | ||||
| CVE-2024-21812 | 3 Fedoraproject, Libbiosig Project, The Biosig Project | 3 Fedora, Libbiosig, Libbiosig | 2025-08-10 | 9.8 Critical |
| An integer overflow vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A specially crafted .famos file can lead to an out-of-bounds write which in turn can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2023-41185 | 1 Unified-automation | 1 Uagateway | 2025-08-08 | 7.5 High |
| Unified Automation UaGateway Certificate Parsing Integer Overflow Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Unified Automation UaGateway. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of client certificates. When parsing the certificate length field, the process does not properly validate user-supplied data, which can result in an integer overflow. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-20353. | ||||
| CVE-2025-2023 | 1 Ashlar | 1 Cobalt | 2025-08-08 | N/A |
| Ashlar-Vellum Cobalt LI File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of LI files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25348. | ||||
| CVE-2025-2021 | 1 Ashlar | 1 Cobalt | 2025-08-08 | N/A |
| Ashlar-Vellum Cobalt XE File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XE files. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25264. | ||||
| CVE-2025-52520 | 1 Apache | 1 Tomcat | 2025-08-08 | 7.5 High |
| For some unlikely configurations of multipart upload, an Integer Overflow vulnerability in Apache Tomcat could lead to a DoS via bypassing of size limits. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.8, from 10.1.0-M1 through 10.1.42, from 9.0.0.M1 through 9.0.106. The following versions were EOL at the time the CVE was created but are known to be affected: 8.5.0 through 8.5.100. Other, older, EOL versions may also be affected. Users are recommended to upgrade to version 11.0.9, 10.1.43 or 9.0.107, which fix the issue. | ||||
| CVE-2024-10394 | 1 Openafs | 1 Openafs | 2025-08-07 | 7.8 High |
| A local user can bypass the OpenAFS PAG (Process Authentication Group) throttling mechanism in Unix clients, allowing the user to create a PAG using an existing id number, effectively joining the PAG and letting the user steal the credentials in that PAG. | ||||
| CVE-2023-42118 | 2 Exim, Libspf2 Project | 3 Exim, Libspf2, Libspf2 | 2025-08-07 | 8.8 High |
| Exim libspf2 Integer Underflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Exim libspf2. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of SPF macros. When parsing SPF macros, the process does not properly validate user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the service account. . Was ZDI-CAN-17578. | ||||
| CVE-2024-52059 | 1 Rti | 1 Connext Professional | 2025-08-07 | N/A |
| Buffer Copy without Checking Size of Input ('Classic Buffer Overflow'), Heap-based Buffer Overflow, Integer Overflow or Wraparound vulnerability in RTI Connext Professional (Security Plugins) allows Overflow Variables and Tags.This issue affects Connext Professional: from 7.0.0 before 7.3.0.2, from 6.1.0 before 6.1.2.17. | ||||
| CVE-2023-53156 | 1 Ejmahler | 1 Transpose | 2025-08-07 | 4.5 Medium |
| The transpose crate before 0.2.3 for Rust allows an integer overflow via input_width and input_height arguments. | ||||
| CVE-2024-58263 | 1 Cosmwasm | 2 Cosmwasm, Cosmwasm-std | 2025-08-07 | 3.7 Low |
| The cosmwasm-std crate before 2.0.2 for Rust allows integer overflows that cause incorrect contract calculations. | ||||