Vulnerabilities (CVE)

Filtered by CWE-680
Total 30 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-38422 1 Qualcomm 536 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 533 more 2024-11-07 N/A 7.8 HIGH
Memory corruption while processing voice packet with arbitrary data received from ADSP.
CVE-2024-28219 2024-08-20 N/A 6.7 MEDIUM
In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy.
CVE-2024-24478 2024-08-02 N/A 7.5 HIGH
An issue in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the packet-bgp.c, dissect_bgp_open(tvbuff_t*tvb, proto_tree*tree, packet_info*pinfo), optlen components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected.
CVE-2024-33078 2024-08-01 N/A 9.8 CRITICAL
Tencent Libpag v4.3 is vulnerable to Buffer Overflow. A user can send a crafted image to trigger a overflow leading to remote code execution.
CVE-2023-37536 3 Apache, Fedoraproject, Hcltech 3 Xerces-c\+\+, Fedora, Bigfix Platform 2024-08-01 N/A 8.8 HIGH
An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out-of-bound access via HTTP request.
CVE-2024-6381 2024-07-03 N/A 4.0 MEDIUM
The bson_strfreev function in the MongoDB C driver library may be susceptible to an integer overflow where the function will try to free memory at a negative offset. This may result in memory corruption. This issue affected libbson versions prior to 1.26.2
CVE-2024-2608 2024-07-03 N/A N/A
`AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` and `AppendEncodedCharacters()` could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
CVE-2024-37305 2024-06-20 N/A 8.2 HIGH
oqs-provider is a provider for the OpenSSL 3 cryptography library that adds support for post-quantum cryptography in TLS, X.509, and S/MIME using post-quantum algorithms from liboqs. Flaws have been identified in the way oqs-provider handles lengths decoded with DECODE_UINT32 at the start of serialized hybrid (traditional + post-quantum) keys and signatures. Unchecked length values are later used for memory reads and writes; malformed input can lead to crashes or information leakage. Handling of plain/non-hybrid PQ key operation is not affected. This issue has been patched in in v0.6.1. All users are advised to upgrade. There are no workarounds for this issue.
CVE-2023-21648 1 Qualcomm 68 Aqt1000, Aqt1000 Firmware, Qca6391 and 65 more 2024-04-12 N/A 7.8 HIGH
Memory corruption in RIL while trying to send apdu packet.
CVE-2023-21644 1 Qualcomm 102 Aqt1000, Aqt1000 Firmware, Qca6390 and 99 more 2024-04-12 N/A 7.8 HIGH
Memory corruption in RIL due to Integer Overflow while triggering qcril_uim_request_apdu request.
CVE-2022-40530 1 Qualcomm 378 Aqt1000, Aqt1000 Firmware, Ar8031 and 375 more 2024-04-12 N/A 7.8 HIGH
Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase.
CVE-2022-33296 1 Qualcomm 228 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8905 and 225 more 2024-04-12 N/A 7.8 HIGH
Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message.
CVE-2022-33282 1 Qualcomm 40 Msm8996au, Msm8996au Firmware, Qam8295p and 37 more 2024-04-12 N/A 7.8 HIGH
Memory corruption in Automotive Multimedia due to integer overflow to buffer overflow during IOCTL calls in video playback.
CVE-2022-33248 1 Qualcomm 324 Apq8009, Apq8009 Firmware, Apq8009w and 321 more 2024-04-12 N/A 7.8 HIGH
Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http.
CVE-2022-25705 1 Qualcomm 402 Apq8009, Apq8009 Firmware, Apq8009w and 399 more 2024-04-12 N/A 7.8 HIGH
Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response
CVE-2023-33022 1 Qualcomm 424 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq5053-aa and 421 more 2024-04-12 N/A 7.8 HIGH
Memory corruption in HLOS while invoking IOCTL calls from user-space.
CVE-2023-33018 1 Qualcomm 526 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 523 more 2024-04-12 N/A 7.8 HIGH
Memory corruption while using the UIM diag command to get the operators name.
CVE-2023-28585 1 Qualcomm 562 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 559 more 2024-04-12 N/A 8.8 HIGH
Memory corruption while loading an ELF segment in TEE Kernel.
CVE-2024-21470 2024-04-12 N/A 8.4 HIGH
Memory corruption while allocating memory for graphics.
CVE-2024-21454 2024-04-12 N/A 7.5 HIGH
Transient DOS while decoding the ToBeSignedMessage in Automotive Telematics.