Total
200 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-33056 | 2024-12-02 | N/A | 8.4 HIGH | ||
Memory corruption when allocating and accessing an entry in an SMEM partition continuously. | |||||
CVE-2024-33037 | 2024-12-02 | N/A | 6.1 MEDIUM | ||
Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware. | |||||
CVE-2024-42333 | 2024-11-27 | N/A | 2.7 LOW | ||
The researcher is showing that it is possible to leak a small amount of Zabbix Server memory using an out of bounds read in src/libs/zbxmedia/email.c | |||||
CVE-2024-33012 | 1 Qualcomm | 498 Ar8035, Ar8035 Firmware, Ar9380 and 495 more | 2024-11-26 | N/A | 7.5 HIGH |
Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon. | |||||
CVE-2024-33013 | 1 Qualcomm | 340 Ar8035, Ar8035 Firmware, Csr8811 and 337 more | 2024-11-26 | N/A | 7.5 HIGH |
Transient DOS when driver accesses the ML IE memory and offset value is incremented beyond ML IE length. | |||||
CVE-2024-33011 | 1 Qualcomm | 498 Ar8035, Ar8035 Firmware, Ar9380 and 495 more | 2024-11-26 | N/A | 7.5 HIGH |
Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero. | |||||
CVE-2024-21479 | 1 Qualcomm | 190 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 187 more | 2024-11-26 | N/A | 7.5 HIGH |
Transient DOS during music playback of ALAC content. | |||||
CVE-2024-21467 | 1 Qualcomm | 258 Csr8811, Csr8811 Firmware, Fastconnect 6800 and 255 more | 2024-11-26 | N/A | 6.5 MEDIUM |
Information disclosure while handling beacon probe frame during scan entry generation in client side. | |||||
CVE-2024-23353 | 1 Qualcomm | 498 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 495 more | 2024-11-26 | N/A | 7.5 HIGH |
Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI. | |||||
CVE-2024-21459 | 1 Qualcomm | 350 Ar8035, Ar8035 Firmware, Ar9380 and 347 more | 2024-11-26 | N/A | 6.5 MEDIUM |
Information disclosure while handling beacon or probe response frame in STA. | |||||
CVE-2018-5852 | 2024-11-26 | N/A | 8.4 HIGH | ||
An unsigned integer underflow vulnerability in IPA driver result into a buffer over-read while reading NAT entry using debugfs command 'cat /sys/kernel/debug/ipa/ip4_nat' | |||||
CVE-2017-17772 | 2024-11-26 | N/A | 9.8 CRITICAL | ||
In multiple functions that process 802.11 frames, out-of-bounds reads can occur due to insufficient validation. | |||||
CVE-2024-11596 | 2024-11-21 | N/A | 7.8 HIGH | ||
ECMP dissector crash in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file | |||||
CVE-2024-7347 | 1 F5 | 2 Nginx Open Source, Nginx Plus | 2024-11-21 | N/A | 4.7 MEDIUM |
NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngx_http_mp4_module and the mp4 directive is used in the configuration file. Additionally, the attack is possible only if an attacker can trigger the processing of a specially crafted mp4 file with the ngx_http_mp4_module. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | |||||
CVE-2024-3077 | 2024-11-21 | N/A | 6.8 MEDIUM | ||
An malicious BLE device can crash BLE victim device by sending malformed gatt packet | |||||
CVE-2024-38373 | 1 Amazon | 1 Freertos-plus-tcp | 2024-11-21 | N/A | 9.6 CRITICAL |
FreeRTOS-Plus-TCP is a lightweight TCP/IP stack for FreeRTOS. FreeRTOS-Plus-TCP versions 4.0.0 through 4.1.0 contain a buffer over-read issue in the DNS Response Parser when parsing domain names in a DNS response. A carefully crafted DNS response with domain name length value greater than the actual domain name length, could cause the parser to read beyond the DNS response buffer. This issue affects applications using DNS functionality of the FreeRTOS-Plus-TCP stack. Applications that do not use DNS functionality are not affected, even when the DNS functionality is enabled. This vulnerability has been patched in version 4.1.1. | |||||
CVE-2024-38071 | 1 Microsoft | 6 Windows Server 2008, Windows Server 2012, Windows Server 2016 and 3 more | 2024-11-21 | N/A | 7.5 HIGH |
Windows Remote Desktop Licensing Service Denial of Service Vulnerability | |||||
CVE-2024-31082 | 2024-11-21 | N/A | 7.3 HIGH | ||
A heap-based buffer over-read vulnerability was found in the X.org server's ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads. | |||||
CVE-2024-31081 | 2024-11-21 | N/A | 7.3 HIGH | ||
A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads. | |||||
CVE-2024-31080 | 2024-11-21 | N/A | 7.3 HIGH | ||
A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads. |