Total
304508 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-27051 | 1 Qualcomm | 20 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 17 more | 2025-07-21 | N/A | 7.8 HIGH |
| Memory corruption while processing command message in WLAN Host. | |||||
| CVE-2025-27050 | 1 Qualcomm | 80 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 77 more | 2025-07-21 | N/A | 7.8 HIGH |
| Memory corruption while processing event close when client process terminates abruptly. | |||||
| CVE-2025-27047 | 1 Qualcomm | 40 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 37 more | 2025-07-21 | N/A | 7.8 HIGH |
| Memory corruption while processing the TESTPATTERNCONFIG escape path. | |||||
| CVE-2025-27046 | 1 Qualcomm | 78 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 75 more | 2025-07-21 | N/A | 7.8 HIGH |
| Memory corruption while processing multiple simultaneous escape calls. | |||||
| CVE-2025-27044 | 1 Qualcomm | 16 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 13 more | 2025-07-21 | N/A | 7.8 HIGH |
| Memory corruption while executing timestamp video decode command with large input values. | |||||
| CVE-2025-27043 | 1 Qualcomm | 412 Ar8035, Ar8035 Firmware, Csr8811 and 409 more | 2025-07-21 | N/A | 7.8 HIGH |
| Memory corruption while processing manipulated payload in video firmware. | |||||
| CVE-2025-27061 | 1 Qualcomm | 688 315 5g Iot, 315 5g Iot Firmware, Aqt1000 and 685 more | 2025-07-21 | N/A | 7.8 HIGH |
| Memory corruption whhile handling the subsystem failure memory during the parsing of video packets received from the video firmware. | |||||
| CVE-2025-27058 | 1 Qualcomm | 16 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 13 more | 2025-07-21 | N/A | 7.8 HIGH |
| Memory corruption while processing packet data with exceedingly large packet. | |||||
| CVE-2025-27057 | 1 Qualcomm | 424 Ar8035, Ar8035 Firmware, Csr8811 and 421 more | 2025-07-21 | N/A | 7.5 HIGH |
| Transient DOS while handling beacon frames with invalid IE header length. | |||||
| CVE-2025-27056 | 1 Qualcomm | 50 Fastconnect 7800, Fastconnect 7800 Firmware, Qmp1000 and 47 more | 2025-07-21 | N/A | 7.8 HIGH |
| Memory corruption during sub-system restart while processing clean-up to free up resources. | |||||
| CVE-2025-27055 | 1 Qualcomm | 80 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 77 more | 2025-07-21 | N/A | 7.8 HIGH |
| Memory corruption during the image encoding process. | |||||
| CVE-2025-27052 | 1 Qualcomm | 312 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 309 more | 2025-07-21 | N/A | 7.8 HIGH |
| Memory corruption while processing data packets in diag received from Unix clients. | |||||
| CVE-2024-45244 | 1 Hyperledger | 1 Fabric | 2025-07-21 | N/A | 5.3 MEDIUM |
| Hyperledger Fabric through 3.0.0 and 2.5.x through 2.5.9 do not verify that a request has a timestamp within the expected time window. | |||||
| CVE-2025-1121 | 1 Google | 1 Chrome Os | 2025-07-21 | N/A | 6.8 MEDIUM |
| Privilege escalation in Installer and Recovery image handling in Google ChromeOS version 15786.48.2 on device allows an attacker with physical access to gain root code execution and potentially unenroll enterprise-managed devices via a specially crafted recovery image. | |||||
| CVE-2025-25257 | 1 Fortinet | 1 Fortiweb | 2025-07-21 | N/A | 9.8 CRITICAL |
| An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability [CWE-89] in Fortinet FortiWeb version 7.6.0 through 7.6.3, 7.4.0 through 7.4.7, 7.2.0 through 7.2.10 and below 7.0.10 allows an unauthenticated attacker to execute unauthorized SQL code or commands via crafted HTTP or HTTPs requests. | |||||
| CVE-2024-38435 | 1 Unitronics | 1 Visilogic | 2025-07-21 | N/A | 6.5 MEDIUM |
| Unitronics Vision PLC – CWE-703: Improper Check or Handling of Exceptional Conditions may allow denial of service | |||||
| CVE-2025-25287 | 2025-07-21 | N/A | 4.7 MEDIUM | ||
| Lakeus is a simple skin made for MediaWiki. Starting in version 1.0.8 and prior to versions 1.3.1+REL1.39, 1.3.1+REL1.42, and 1.4.0, Lakeus is vulnerable to store cross-site scripting via malicious system messages, though editing the messages requires high privileges. Those with `(editinterface)` rights can edit system messages that are improperly handled in order to send raw HTML. In the case of `lakeus-footermessage`, this will affect all users if the server is configured to link back to this repository. Otherwise, the system messages in themeDesigner.js are only used when the user enables it in their preferences. Versions 1.3.1+REL1.39, 1.3.1+REL1.42, and 1.4.0 contain a patch. | |||||
| CVE-2025-5024 | 2025-07-21 | N/A | 7.4 HIGH | ||
| A flaw was found in gnome-remote-desktop. Once gnome-remote-desktop listens for RDP connections, an unauthenticated attacker can exhaust system resources and repeatedly crash the process. There may be a resource leak after many attacks, which will also result in gnome-remote-desktop no longer being able to open files even after it is restarted via systemd. | |||||
| CVE-2024-52615 | 2025-07-21 | N/A | 5.3 MEDIUM | ||
| A flaw was found in Avahi-daemon, which relies on fixed source ports for wide-area DNS queries. This issue simplifies attacks where malicious DNS responses are injected. | |||||
| CVE-2025-52089 | 1 Totolink | 2 N300rb, N300rb Firmware | 2025-07-19 | N/A | 8.8 HIGH |
| A hidden remote support feature protected by a static secret in TOTOLINK N300RB firmware version 8.54 allows an authenticated attacker to execute arbitrary OS commands with root privileges. | |||||