Total
495 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-54643 | 1 Huawei | 2 Emui, Harmonyos | 2025-09-20 | N/A | 6.6 MEDIUM |
| Out-of-bounds array access issue due to insufficient data verification in the kernel ambient light module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2025-54644 | 1 Huawei | 2 Emui, Harmonyos | 2025-09-20 | N/A | 6.6 MEDIUM |
| Out-of-bounds array access issue due to insufficient data verification in the kernel ambient light module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
| CVE-2025-54650 | 1 Huawei | 1 Harmonyos | 2025-09-20 | N/A | 4.2 MEDIUM |
| Improper array index verification vulnerability in the audio codec module. Impact: Successful exploitation of this vulnerability may affect the audio decoding function. | |||||
| CVE-2024-26914 | 1 Linux | 1 Linux Kernel | 2025-09-16 | N/A | 7.8 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix incorrect mpc_combine array size [why] MAX_SURFACES is per stream, while MAX_PLANES is per asic. The mpc_combine is an array that records all the planes per asic. Therefore MAX_PLANES should be used as the array size. Using MAX_SURFACES causes array overflow when there are more than 3 planes. [how] Use the MAX_PLANES for the mpc_combine array size. | |||||
| CVE-2024-21970 | 2025-09-08 | N/A | 4.4 MEDIUM | ||
| Improper validation of an array index in the AND power Management Firmware could allow a privileged attacker to corrupt AGESA memory potentially leading to a loss of integrity. | |||||
| CVE-2023-31306 | 2025-09-08 | N/A | 3.3 LOW | ||
| Improper validation of an array index in the AMD graphics driver software could allow an attacker to pass malformed arguments to the dynamic power management (DPM) functions resulting in an out of bounds read and loss of availability. | |||||
| CVE-2025-21447 | 1 Qualcomm | 16 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 13 more | 2025-08-20 | N/A | 7.8 HIGH |
| Memory corruption may occur while processing device IO control call for session control. | |||||
| CVE-2025-21423 | 1 Qualcomm | 90 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 87 more | 2025-08-19 | N/A | 7.8 HIGH |
| Memory corruption occurs when handling client calls to EnableTestMode through an Escape call. | |||||
| CVE-2025-27067 | 1 Qualcomm | 16 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 13 more | 2025-08-18 | N/A | 7.8 HIGH |
| Memory corruption while processing DDI call with invalid buffer. | |||||
| CVE-2025-27075 | 1 Qualcomm | 72 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 69 more | 2025-08-18 | N/A | 7.8 HIGH |
| Memory corruption while processing IOCTL command with larger buffer in Bluetooth Host. | |||||
| CVE-2025-54645 | 1 Huawei | 1 Harmonyos | 2025-08-13 | N/A | 5.0 MEDIUM |
| Out-of-bounds array access issue due to insufficient data verification in the location service module. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2025-54610 | 1 Huawei | 1 Harmonyos | 2025-08-12 | N/A | 5.4 MEDIUM |
| Out-of-bounds access vulnerability in the audio codec module. Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2023-24850 | 1 Qualcomm | 412 Apq5053-aa, Apq5053-aa Firmware, Apq8017 and 409 more | 2025-08-11 | N/A | 7.8 HIGH |
| Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application. | |||||
| CVE-2024-53014 | 1 Qualcomm | 502 215, 215 Firmware, 315 5g Iot Modem and 499 more | 2025-08-11 | N/A | 7.8 HIGH |
| Memory corruption may occur while validating ports and channels in Audio driver. | |||||
| CVE-2024-53009 | 1 Qualcomm | 378 Aqt1000, Aqt1000 Firmware, Ar8035 and 375 more | 2025-08-11 | N/A | 5.3 MEDIUM |
| Memory corruption while operating the mailbox in Automotive. | |||||
| CVE-2023-33111 | 1 Qualcomm | 172 Ar8035, Ar8035 Firmware, C-v2x 9150 and 169 more | 2025-08-11 | N/A | 5.5 MEDIUM |
| Information disclosure when VI calibration state set by ADSP is greater than MAX_FBSP_STATE in the response payload to AFE calibration command. | |||||
| CVE-2023-33053 | 1 Qualcomm | 234 Csr8811, Csr8811 Firmware, Immersive Home 214 Platform and 231 more | 2025-08-11 | N/A | 8.4 HIGH |
| Memory corruption in Kernel while parsing metadata. | |||||
| CVE-2024-29231 | 1 Synology | 2 Diskstation Manager, Surveillance Station | 2025-08-04 | N/A | 5.4 MEDIUM |
| Improper validation of array index vulnerability in UserPrivilege.Enum webapi component in Synology Surveillance Station before 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to obtain non-sensitive information and conduct limited denial-of-service attacks via unspecified vectors. | |||||
| CVE-2025-23278 | 2025-08-04 | N/A | 7.1 HIGH | ||
| NVIDIA Display Driver for Windows and Linux contains a vulnerability where an attacker might cause an improper index validation by issuing a call with crafted parameters. A successful exploit of this vulnerability might lead to data tampering or denial of service. | |||||
| CVE-2023-52728 | 1 Linuxfoundation | 1 Onos-lib-go | 2025-07-14 | N/A | 5.5 MEDIUM |
| Open Networking Foundation SD-RAN ONOS onos-lib-go 0.10.25 allows an index out-of-range condition in putBitString. | |||||