Total
385 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-55091 | 1 Eclipse | 1 Threadx Netx Duo | 2025-10-21 | N/A | 6.5 MEDIUM |
| In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ip_packet_receive() function when received an Ethernet with type set as IP but no IP data. | |||||
| CVE-2025-55090 | 1 Eclipse | 1 Threadx Netx Duo | 2025-10-21 | N/A | 6.5 MEDIUM |
| In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ipv4_packet_receive() function when received an Ethernet frame with less than 4 bytes of IP packet. | |||||
| CVE-2025-55084 | 1 Eclipse | 1 Threadx Netx Duo | 2025-10-21 | N/A | 5.3 MEDIUM |
| In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was an incorrect bound check in_nx_secure_tls_proc_clienthello_supported_versions_extension() in the extension version field. | |||||
| CVE-2025-55083 | 1 Eclipse | 1 Threadx Netx Duo | 2025-10-21 | N/A | 5.3 MEDIUM |
| In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was an incorrect bound check resulting it out by two out of bound read. | |||||
| CVE-2025-59933 | 1 Libvips | 1 Libvips | 2025-10-18 | N/A | 7.8 HIGH |
| libvips is a demand-driven, horizontally threaded image processing library. For versions 8.17.1 and below, when libvips is compiled with support for PDF input via poppler, the pdfload operation is affected by a buffer read overflow when parsing the header of a crafted PDF with a page that defines a width but not a height. Those using libvips compiled without support for PDF input are unaffected as well as thosewith support for PDF input via PDFium. This issue is fixed in version 8.17.2. A workaround for those affected is to block the VipsForeignLoadPdf operation via vips_operation_block_set, which is available in most language bindings, or to set VIPS_BLOCK_UNTRUSTED environment variable at runtime, which will block all untrusted loaders including PDF input via poppler. | |||||
| CVE-2025-59192 | 1 Microsoft | 14 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 11 more | 2025-10-17 | N/A | 7.8 HIGH |
| Buffer over-read in Storport.sys Driver allows an authorized attacker to elevate privileges locally. | |||||
| CVE-2025-27041 | 2025-10-09 | N/A | 5.5 MEDIUM | ||
| Transient DOS while processing video packets received from video firmware. | |||||
| CVE-2025-27049 | 2025-10-09 | N/A | 5.5 MEDIUM | ||
| Transient DOS while processing IOCTL call for image encoding. | |||||
| CVE-2025-27045 | 2025-10-09 | N/A | 6.1 MEDIUM | ||
| Information disclosure while processing batch command execution in Video driver. | |||||
| CVE-2024-45552 | 1 Qualcomm | 292 Apq8064au, Apq8064au Firmware, Fastconnect 6200 and 289 more | 2025-10-06 | N/A | 8.2 HIGH |
| Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t adhere to RFC standards. | |||||
| CVE-2025-21448 | 1 Qualcomm | 538 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 535 more | 2025-10-06 | N/A | 7.5 HIGH |
| Transient DOS may occur while parsing SSID in action frames. | |||||
| CVE-2025-21435 | 1 Qualcomm | 298 Ar8035, Ar8035 Firmware, Csr8811 and 295 more | 2025-10-06 | N/A | 7.5 HIGH |
| Transient DOS may occur while parsing extended IE in beacon. | |||||
| CVE-2025-21434 | 1 Qualcomm | 244 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 241 more | 2025-10-06 | N/A | 7.5 HIGH |
| Transient DOS may occur while parsing EHT operation IE or EHT capability IE. | |||||
| CVE-2025-21430 | 1 Qualcomm | 450 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq8017 and 447 more | 2025-10-06 | N/A | 7.5 HIGH |
| Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session. | |||||
| CVE-2025-21429 | 1 Qualcomm | 364 9206 Lte Modem, 9206 Lte Modem Firmware, Apq8017 and 361 more | 2025-10-06 | N/A | 7.5 HIGH |
| Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request. | |||||
| CVE-2025-21428 | 1 Qualcomm | 138 9206 Lte Modem, 9206 Lte Modem Firmware, Apq8017 and 135 more | 2025-10-06 | N/A | 7.5 HIGH |
| Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request from the AP to establish a TSpec session. | |||||
| CVE-2024-23364 | 1 Qualcomm | 358 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 355 more | 2025-10-03 | N/A | 7.5 HIGH |
| Transient DOS when processing the non-transmitted BSSID profile sub-elements present within the MBSSID Information Element (IE) of a beacon frame that is received from over-the-air (OTA). | |||||
| CVE-2024-23358 | 1 Qualcomm | 106 205 Mobile Platform, 205 Mobile Platform Firmware, Apq8017 and 103 more | 2025-10-03 | N/A | 7.5 HIGH |
| Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in Modem. | |||||
| CVE-2024-23359 | 1 Qualcomm | 322 205 Mobile Platform, 205 Mobile Platform Firmware, 315 5g Iot Modem and 319 more | 2025-10-03 | N/A | 8.2 HIGH |
| Information disclosure while decoding Tracking Area Update Accept or Attach Accept message received from network. | |||||
| CVE-2025-53798 | 1 Microsoft | 7 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 4 more | 2025-10-02 | N/A | 6.5 MEDIUM |
| Buffer over-read in Windows Routing and Remote Access Service (RRAS) allows an unauthorized attacker to disclose information over a network. | |||||