Total
8989 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-38106 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2025-08-12 | N/A |
| Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-21018. | ||||
| CVE-2025-23333 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Triton Inference Server | 2025-08-12 | 5.9 Medium |
| NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds read by manipulating shared memory data. A successful exploit of this vulnerability might lead to information disclosure. | ||||
| CVE-2025-23334 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Triton Inference Server | 2025-08-12 | 5.9 Medium |
| NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python backend, where an attacker could cause an out-of-bounds read by sending a request. A successful exploit of this vulnerability might lead to information disclosure. | ||||
| CVE-2025-54609 | 1 Huawei | 1 Harmonyos | 2025-08-12 | 5.4 Medium |
| Out-of-bounds access vulnerability in the audio codec module. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2023-38105 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2025-08-12 | N/A |
| Foxit PDF Reader PDF File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-21017. | ||||
| CVE-2025-54950 | 1 Meta | 1 Executorch | 2025-08-12 | 9.8 Critical |
| An out-of-bounds access vulnerability in the loading of ExecuTorch models can cause the runtime to crash and potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit b6b7a16df5e7852d976d8c34c8a7e9a1b6f7d005. | ||||
| CVE-2022-43656 | 1 Bentley | 1 View | 2025-08-12 | 5.5 Medium |
| Bentley View FBX File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of FBX files. Crafted data in an FBX file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-18492. | ||||
| CVE-2024-30323 | 2 Foxit, Microsoft | 3 Pdf Editor, Pdf Reader, Windows | 2025-08-11 | N/A |
| Foxit PDF Reader template Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of template objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22501. | ||||
| CVE-2025-20234 | 2 Cisco, Clamav | 3 Secure Endpoint, Secure Endpoint Private Cloud, Clamav | 2025-08-11 | 5.3 Medium |
| A vulnerability in Universal Disk Format (UDF) processing of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to a memory overread during UDF file scanning. An attacker could exploit this vulnerability by submitting a crafted file containing UDF content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process, resulting in a DoS condition on the affected software. For a description of this vulnerability, see the . | ||||
| CVE-2025-54637 | 1 Huawei | 2 Emui, Harmonyos | 2025-08-11 | 4.4 Medium |
| Out-of-bounds array access issue due to insufficient data verification in the kernel ambient light module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2025-54633 | 1 Huawei | 1 Harmonyos | 2025-08-11 | 6.7 Medium |
| Out-of-bounds read vulnerability in the register configuration of the DMA module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | ||||
| CVE-2024-33050 | 1 Qualcomm | 541 Ar8035, Ar8035 Firmware, Ar9380 and 538 more | 2025-08-11 | 7.5 High |
| Transient DOS while parsing MBSSID during new IE generation in beacon/probe frame when IE length check is either missing or improper. | ||||
| CVE-2023-33064 | 1 Qualcomm | 178 Aqt1000, Aqt1000 Firmware, Ar8035 and 175 more | 2025-08-11 | 5.5 Medium |
| Transient DOS in Audio when invoking callback function of ASM driver. | ||||
| CVE-2024-33073 | 1 Qualcomm | 320 Ar8035, Ar8035 Firmware, Csr8811 and 317 more | 2025-08-11 | 8.2 High |
| Information disclosure while parsing the BSS parameter change count or MLD capabilities fields of the ML IE. | ||||
| CVE-2023-33065 | 1 Qualcomm | 208 Aqt1000, Aqt1000 Firmware, Ar8035 and 205 more | 2025-08-11 | 6.1 Medium |
| Information disclosure in Audio while accessing AVCS services from ADSP payload. | ||||
| CVE-2023-33080 | 1 Qualcomm | 733 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 730 more | 2025-08-11 | 7.5 High |
| Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame. | ||||
| CVE-2025-27055 | 1 Qualcomm | 80 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 77 more | 2025-08-11 | 7.8 High |
| Memory corruption during the image encoding process. | ||||
| CVE-2023-33115 | 1 Qualcomm | 336 Aqt1000, Aqt1000 Firmware, Ar8035 and 333 more | 2025-08-11 | 7.8 High |
| Memory corruption while processing buffer initialization, when trusted report for certain report types are generated. | ||||
| CVE-2024-38397 | 1 Qualcomm | 234 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 231 more | 2025-08-11 | 7.5 High |
| Transient DOS while parsing probe response and assoc response frame. | ||||
| CVE-2023-43527 | 1 Qualcomm | 108 Fastconnect 6800, Fastconnect 6800 Firmware, Fastconnect 6900 and 105 more | 2025-08-11 | 6.8 Medium |
| Information disclosure while parsing dts header atom in Video. | ||||