CVE Watch
Every published CVE, mapped to engagement reality.
Crawled from cve.org every day. Each entry annotated with the QSearch coverage signal — how many of our agents, skills, and playbooks address the technique. Subscribe via RSS for SIEM pipe, or get the weekly digest by email.
Memory corruption while processing fastboot commands with invalid input
Memory corruption while processing fastboot commands with invalid input.
qualcommCWE-1286Cryptographic Issue while processing a specific partition which allows unauthorized write access to load a customized bootloader
Cryptographic Issue while processing a specific partition which allows unauthorized write access to load a customized bootloader.
qualcommCWE-306Memory corruption while processing fastboot OEM commands
Memory corruption while processing fastboot OEM commands.
qualcommCWE-1286Memory Corruption when processing display command line information due to improper initialization of a variable
Memory Corruption when processing display command line information due to improper initialization of a variable.
qualcommCWE-121A security vulnerability has been detected in SGLang 0.5.10.post1
A security vulnerability has been detected in SGLang 0.5.10.post1. Impacted is an unknown function of the file python/sglang/srt/lora/lora_manager.py of the component Inference HTTP Endpoint. Such manipulation of the argument lora_path leads to reachable assertion. The attack can be launched remotely. A high complexity level is associated with this attack. The exploitability is considered difficult. The exploit has been disclosed publicly and may be used. The pull request to fix this issue awaits acceptance.
CWE-617A weakness has been identified in code-projects Online Hospital Management System 1.0
A weakness has been identified in code-projects Online Hospital Management System 1.0. This issue affects some unknown processing of the file viewdoctortimings.php. This manipulation of the argument delid causes improper control of resource identifiers. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks.
CWE-99A security flaw has been discovered in ggml-org whisper.cpp up to 1.8.2
A security flaw has been discovered in ggml-org whisper.cpp up to 1.8.2. This vulnerability affects the function whisper_model_load of the file ggml/src/ggml.c. The manipulation results in null pointer dereference. Attacking locally is a requirement. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.
CWE-404CWE-476A vulnerability was identified in itsourcecode Fees Management System 1.0
A vulnerability was identified in itsourcecode Fees Management System 1.0. This affects an unknown part of the file /manage_course.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.
CWE-74CWE-89A vulnerability was determined in itsourcecode Fees Management System 1.0
A vulnerability was determined in itsourcecode Fees Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized.
CWE-74CWE-89A vulnerability was found in SourceCodester Customer Review App 1.0
A vulnerability was found in SourceCodester Customer Review App 1.0. Affected by this vulnerability is the function add_review/save_review/get_all_reviews of the file review_app.py. Performing a manipulation of the argument name/comment results in denial of service. The attack requires a local approach. The exploit has been made public and could be used.
CWE-404Memory Corruption when sending random number generator command with insufficient output buffer size
Memory Corruption when sending random number generator command with insufficient output buffer size.
qualcommCWE-787Memory Corruption when output buffer size is smaller than input buffer size during data copying operation
Memory Corruption when output buffer size is smaller than input buffer size during data copying operation.
qualcommCWE-121Memory corruption in windows drivers while sending incorrect trusted application request
Memory corruption in windows drivers while sending incorrect trusted application request
qualcommCWE-121Memory corruption in diagnostic services due to absence of input validation
Memory corruption in diagnostic services due to absence of input validation
qualcommCWE-787Memory Corruption when processing IOCTL requests with mismatched API versions due to concurrent modification of user-space buffer
Memory Corruption when processing IOCTL requests with mismatched API versions due to concurrent modification of user-space buffer.
qualcommCWE-367Information Disclosure when processing advertisement frames with malformed MBSSID elements of insufficient length
Information Disclosure when processing advertisement frames with malformed MBSSID elements of insufficient length.
qualcommCWE-126Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion during secure data initialization
Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion during secure data initialization.
qualcommCWE-476Memory Corruption when processing device identifier strings that exceed the expected maximum length
Memory Corruption when processing device identifier strings that exceed the expected maximum length.
qualcommCWE-787Memory Corruption when running a memory copy operation due to invalid writes caused by a null pointer
Memory Corruption when running a memory copy operation due to invalid writes caused by a null pointer.
qualcommCWE-476Information Disclosure when resetting device to factory default settings through powerline interface allows unauthorized access to device...
Information Disclosure when resetting device to factory default settings through powerline interface allows unauthorized access to device configuration.
qualcommCWE-1230
7.2 HIGH
3.7 LOW
6.3 MEDIUMWeekly digest
Get the curated CVE digest every Monday
One email a week, sent Monday morning CET. The CVEs published or modified in the last seven days, severity-ordered, with the QSearch coverage signal. Unsubscribe with one click — included in every send.
Pipe the CVE feed into your stack.
CVE Watch publishes RSS, Atom, and JSON feeds — wire them into your SIEM, Slack, Discord, or your RSS reader of choice. Or get the curated weekly digest by email.