Skip to main content
CVE-2025-27066 HIGH This Month

Transient DOS while processing an ANQP message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8031 Firmware Ar8035 Firmware +366
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-27065 HIGH This Month

Transient DOS while processing a frame with malformed shared-key descriptor. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Fastconnect 6800 Firmware Fastconnect 6900 Firmware Fastconnect 7800 Firmware +145
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-27062 HIGH This Month

Memory corruption while handling client exceptions, allowing unauthorized channel access. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Authentication Bypass Buffer Overflow 315 5g Iot Modem Firmware Apq8064au Firmware Ar8035 Firmware +149
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21477 HIGH This Month

Transient DOS while processing CCCH data when NW sends data with invalid length. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure 315 5g Iot Modem Firmware Ar8035 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +83
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-21474 HIGH This Month

Memory corruption while processing commands from A2dp sink command queue. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Use After Free Fastconnect 6800 Firmware Fastconnect 6900 Firmware +43
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21473 HIGH This Month

Memory corruption when using Virtual cdm (Camera Data Mover) to write registers. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Fastconnect 6900 Firmware Fastconnect 7800 Firmware Snapdragon 8 Gen 1 Mobile Platform Firmware Wcd9380 Firmware +2
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21461 HIGH This Month

Memory corruption when programming registers through virtual CDM. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Fastconnect 6900 Firmware Fastconnect 7800 Firmware Sm6650 Firmware +21
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21458 HIGH PATCH This Month

Memory corruption when IOCTL interface is called to map and unmap buffers simultaneously. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Memory Corruption Buffer Overflow Use After Free Fastconnect 6900 Firmware Qam8255p Firmware +22
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21456 HIGH This Month

Memory corruption while processing IOCTL command when multiple threads are called to map/unmap buffer concurrently. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Use After Free Ar8035 Firmware C V2x 9150 Firmware +62
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21455 HIGH This Month

Memory corruption while submitting blob data to kernel space though IOCTL. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Fastconnect 6800 Firmware Fastconnect 6900 Firmware Fastconnect 7800 Firmware Qca6391 Firmware +25
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2025-21452 HIGH This Month

Transient DOS while processing a random-access response (RAR) with an invalid PDU length on LTE network. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure 315 5g Iot Modem Firmware Ar8035 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +76
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-54627 HIGH This Month

Out-of-bounds write vulnerability in the skia module. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Memory Corruption Buffer Overflow Harmonyos
NVD
CVSS 3.1
8.8
EPSS
0.0%
CVE-2025-8654 HIGH This Month

Kenwood DMX958XR ReadMVGImage Command Injection Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Command Injection RCE Dmx958Xr Firmware
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2025-8653 HIGH This Month

Kenwood DMX958XR JKRadioService Stack-based Buffer Overflow Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Stack Overflow RCE Dmx958Xr Firmware
NVD
CVSS 3.0
8.8
EPSS
0.1%
CVE-2025-54622 HIGH This Month

Binding authentication bypass vulnerability in the devicemanager module. Rated high severity (CVSS 8.3), this vulnerability is no authentication required. No vendor patch available.

Authentication Bypass Harmonyos
NVD
CVSS 3.1
8.3
EPSS
0.0%
CVE-2025-54606 HIGH This Month

Status verification vulnerability in the lock screen module. Rated high severity (CVSS 7.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Harmonyos
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2025-54872 HIGH This Month

onion-site-template is a complete, scalable tor hidden service self-hosting sample. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass
NVD GitHub
CVSS 4.0
8.7
EPSS
0.1%
CVE-2025-54801 HIGH PATCH This Month

Fiber is an Express inspired web framework written in Go. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Fiber Suse
NVD GitHub
CVSS 4.0
8.7
EPSS
0.1%
CVE-2025-54124 HIGH POC PATCH This Month

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.

Information Disclosure Xwiki
NVD GitHub
CVSS 4.0
7.1
EPSS
0.0%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy