Total
313272 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-45540 | 1 Qualcomm | 136 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6200 and 133 more | 2025-10-06 | N/A | 6.6 MEDIUM |
| Memory corruption while invoking IOCTL map buffer request from userspace. | |||||
| CVE-2024-43066 | 1 Qualcomm | 196 Csrb31024, Csrb31024 Firmware, Fastconnect 6200 and 193 more | 2025-10-06 | N/A | 7.8 HIGH |
| Memory corruption while handling file descriptor during listener registration/de-registration. | |||||
| CVE-2024-43065 | 1 Qualcomm | 328 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 325 more | 2025-10-06 | N/A | 7.1 HIGH |
| Cryptographic issues while generating an asymmetric key pair for RKP use cases. | |||||
| CVE-2025-8806 | 1 Zhilink | 1 Adp Application Developer Platform | 2025-10-06 | 6.5 MEDIUM | 6.3 MEDIUM |
| A vulnerability was found in zhilink 智互联(深圳)科技有限公司 ADP Application Developer Platform 应用开发者平台 1.0.0. It has been classified as critical. This affects an unknown part of the file /adpweb/a/sys/office/treeData. The manipulation of the argument extId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2024-43046 | 1 Qualcomm | 620 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 617 more | 2025-10-06 | N/A | 5.5 MEDIUM |
| There may be information disclosure during memory re-allocation in TZ Secure OS. | |||||
| CVE-2024-49848 | 1 Qualcomm | 294 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 291 more | 2025-10-06 | N/A | 6.7 MEDIUM |
| Memory corruption while processing multiple IOCTL calls from HLOS to DSP. | |||||
| CVE-2024-45552 | 1 Qualcomm | 292 Apq8064au, Apq8064au Firmware, Fastconnect 6200 and 289 more | 2025-10-06 | N/A | 8.2 HIGH |
| Information disclosure may occur during a video call if a device resets due to a non-conforming RTCP packet that doesn`t adhere to RFC standards. | |||||
| CVE-2024-45551 | 1 Qualcomm | 484 Aqt1000, Aqt1000 Firmware, Ar8035 and 481 more | 2025-10-06 | N/A | 6.2 MEDIUM |
| Cryptographic issue occurs during PIN/password verification using Gatekeeper, where RPMB writes can be dropped on verification failure, potentially leading to a user throttling bypass. | |||||
| CVE-2024-45549 | 1 Qualcomm | 320 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 317 more | 2025-10-06 | N/A | 7.7 HIGH |
| Information disclosure while creating MQ channels. | |||||
| CVE-2025-40675 | 1 Webkul | 1 Bagisto | 2025-10-06 | N/A | 6.1 MEDIUM |
| A Reflected Cross-Site Scripting (XSS) vulnerability has been found in Bagisto v2.0.0. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending the victim a malicious URL using the parameter 'query' in '/search'. This vulnerability can be exploited to steal sensitive user data, such as session cookies, or to perform actions on behalf of the user. | |||||
| CVE-2025-21448 | 1 Qualcomm | 538 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 535 more | 2025-10-06 | N/A | 7.5 HIGH |
| Transient DOS may occur while parsing SSID in action frames. | |||||
| CVE-2025-21439 | 1 Qualcomm | 50 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 47 more | 2025-10-06 | N/A | 7.8 HIGH |
| Memory corruption may occur while reading board data via IOCTL call when the WLAN driver copies the content to the provided output buffer. | |||||
| CVE-2025-21435 | 1 Qualcomm | 298 Ar8035, Ar8035 Firmware, Csr8811 and 295 more | 2025-10-06 | N/A | 7.5 HIGH |
| Transient DOS may occur while parsing extended IE in beacon. | |||||
| CVE-2025-21434 | 1 Qualcomm | 244 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 241 more | 2025-10-06 | N/A | 7.5 HIGH |
| Transient DOS may occur while parsing EHT operation IE or EHT capability IE. | |||||
| CVE-2025-21430 | 1 Qualcomm | 450 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq8017 and 447 more | 2025-10-06 | N/A | 7.5 HIGH |
| Transient DOS while connecting STA to AP and initiating ADD TS request from AP to establish TSpec session. | |||||
| CVE-2025-21429 | 1 Qualcomm | 364 9206 Lte Modem, 9206 Lte Modem Firmware, Apq8017 and 361 more | 2025-10-06 | N/A | 7.5 HIGH |
| Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request. | |||||
| CVE-2025-21428 | 1 Qualcomm | 138 9206 Lte Modem, 9206 Lte Modem Firmware, Apq8017 and 135 more | 2025-10-06 | N/A | 7.5 HIGH |
| Memory corruption occurs while connecting a STA to an AP and initiating an ADD TS request from the AP to establish a TSpec session. | |||||
| CVE-2025-40668 | 1 Tcman | 1 Gim | 2025-10-06 | N/A | 6.5 MEDIUM |
| Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an attacker, with low privilege level, to change the password of other users through a POST request using the parameters idUser, PasswordActual, PasswordNew and PasswordNewRepeat in /PC/WebService.aspx/validateChangePassword%C3%B1a. To exploit the vulnerability the PasswordActual parameter must be empty. | |||||
| CVE-2025-40669 | 1 Tcman | 1 Gim | 2025-10-06 | N/A | 6.5 MEDIUM |
| Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an unprivileged attacker to modify the permissions held by each of the application's users, including the user himself by sending a POST request to /PC/Options.aspx?Command=2&Page=-1. | |||||
| CVE-2025-40670 | 1 Tcman | 1 Gim | 2025-10-06 | N/A | 8.8 HIGH |
| Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an unprivileged attacker to create a user and assign it many privileges by sending a POST request to /PC/frmGestionUser.aspx/updateUser. | |||||