Total
2430 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-28580 | 1 Qualcomm | 88 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 85 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption in WLAN Host while setting the PMK length in PMK length in internal cache. | |||||
CVE-2023-28579 | 1 Qualcomm | 68 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 65 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory Corruption in WLAN Host while deserializing the input PMK bytes without checking the input PMK length. | |||||
CVE-2023-28546 | 1 Qualcomm | 560 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 557 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory Corruption in SPS Application while exporting public key in sorter TA. | |||||
CVE-2023-43548 | 2024-04-12 | N/A | 7.3 HIGH | ||
Memory corruption while parsing qcp clip with invalid chunk data size. | |||||
CVE-2023-43540 | 2024-04-12 | N/A | 8.4 HIGH | ||
Memory corruption while processing the IOCTL FM HCI WRITE request. | |||||
CVE-2023-28582 | 2024-04-12 | N/A | 9.8 CRITICAL | ||
Memory corruption in Data Modem while verifying hello-verify message during the DTLS handshake. | |||||
CVE-2024-21463 | 2024-04-12 | N/A | 7.3 HIGH | ||
Memory corruption while processing Codec2 during v13k decoder pitch synthesis. | |||||
CVE-2023-43515 | 2024-04-12 | N/A | 6.6 MEDIUM | ||
Memory corruption in HLOS while running kernel address sanitizers (syzkaller) on tmecom with DEBUG_FS enabled. | |||||
CVE-2023-33023 | 2024-04-12 | N/A | 8.4 HIGH | ||
Memory corruption while processing finish_sign command to pass a rsp buffer. | |||||
CVE-2023-28547 | 2024-04-12 | N/A | 8.4 HIGH | ||
Memory corruption in SPS Application while requesting for public key in sorter TA. | |||||
CVE-2024-25115 | 2024-04-10 | N/A | 7.0 HIGH | ||
RedisBloom adds a set of probabilistic data structures to Redis. Starting in version 2.0.0 and prior to version 2.4.7 and 2.6.10, specially crafted `CF.LOADCHUNK` commands may be used by authenticated users to perform heap overflow, which may lead to remote code execution. The problem is fixed in RedisBloom 2.4.7 and 2.6.10. | |||||
CVE-2024-3120 | 2024-04-10 | N/A | 9.0 CRITICAL | ||
A stack-buffer overflow vulnerability exists in all versions of sngrep since v1.4.1. The flaw is due to inadequate bounds checking when copying 'Content-Length' and 'Warning' headers into fixed-size buffers in the sip_validate_packet and sip_parse_extra_headers functions within src/sip.c. This vulnerability allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via crafted SIP messages. | |||||
CVE-2024-3119 | 2024-04-10 | N/A | 9.0 CRITICAL | ||
A buffer overflow vulnerability exists in all versions of sngrep since v0.4.2, due to improper handling of 'Call-ID' and 'X-Call-ID' SIP headers. The functions sip_get_callid and sip_get_xcallid in sip.c use the strncpy function to copy header contents into fixed-size buffers without checking the data length. This flaw allows remote attackers to execute arbitrary code or cause a denial of service (DoS) through specially crafted SIP messages. | |||||
CVE-2024-27908 | 2024-04-08 | N/A | 4.9 MEDIUM | ||
A buffer overflow vulnerability was reported in the HTTPS service of some Lenovo Printers that could result in denial of service. | |||||
CVE-2023-52364 | 2024-04-08 | N/A | N/A | ||
Vulnerability of input parameters being not strictly verified in the RSMC module. Impact: Successful exploitation of this vulnerability may cause out-of-bounds write. | |||||
CVE-2023-52551 | 2024-04-08 | N/A | N/A | ||
Vulnerability of data verification errors in the kernel module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||||
CVE-2023-6948 | 2024-04-02 | N/A | 3.0 LOW | ||
A Buffer Copy without Checking Size of Input issue affecting the v2_sdk_service running on a set of DJI drone devices on the port 10000 could allow an attacker to cause a crash of the service through a crafted payload triggering a missing input size check in the sdk_printf function implemented in the libv2_sdk.so library used by the dji_vtwo_sdk binary implementing the service, compromising it in a term of availability and producing a denial-of-service attack. Affected models are Mavic 3 Pro until v01.01.0300, Mavic 3 until v01.00.1200, Mavic 3 Classic until v01.00.0500, Mavic 3 Enterprise until v07.01.10.03, Matrice 300 until v57.00.01.00, Matrice M30 until v07.01.0022 and Mini 3 Pro until v01.00.0620. | |||||
CVE-2023-33009 | 1 Zyxel | 46 Atp100, Atp100 Firmware, Atp100w and 43 more | 2024-04-01 | N/A | 9.8 CRITICAL |
A buffer overflow vulnerability in the notification function in Zyxel ATP series firmware versions 4.60 through 5.36 Patch 1, USG FLEX series firmware versions 4.60 through 5.36 Patch 1, USG FLEX 50(W) firmware versions 4.60 through 5.36 Patch 1, USG20(W)-VPN firmware versions 4.60 through 5.36 Patch 1, VPN series firmware versions 4.60 through 5.36 Patch 1, ZyWALL/USG series firmware versions 4.60 through 4.73 Patch 1, could allow an unauthenticated attacker to cause denial-of-service (DoS) conditions and even a remote code execution on an affected device. | |||||
CVE-2024-29195 | 2024-03-26 | N/A | 6.0 MEDIUM | ||
The azure-c-shared-utility is a C library for AMQP/MQTT communication to Azure Cloud Services. This library may be used by the Azure IoT C SDK for communication between IoT Hub and IoT Hub devices. An attacker can cause an integer wraparound or under-allocation or heap buffer overflow due to vulnerabilities in parameter checking mechanism, by exploiting the buffer length parameter in Azure C SDK, which may lead to remote code execution. Requirements for RCE are 1. Compromised Azure account allowing malformed payloads to be sent to the device via IoT Hub service, 2. By passing IoT hub service max message payload limit of 128KB, and 3. Ability to overwrite code space with remote code. Fixed in commit https://github.com/Azure/azure-c-shared-utility/commit/1129147c38ac02ad974c4c701a1e01b2141b9fe2. | |||||
CVE-2023-6175 | 2024-03-26 | N/A | 7.8 HIGH | ||
NetScreen file parser crash in Wireshark 4.0.0 to 4.0.10 and 3.6.0 to 3.6.18 allows denial of service via crafted capture file |