Total
30 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-38422 | 1 Qualcomm | 536 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 533 more | 2024-11-07 | N/A | 7.8 HIGH |
Memory corruption while processing voice packet with arbitrary data received from ADSP. | |||||
CVE-2024-28219 | 2024-08-20 | N/A | 6.7 MEDIUM | ||
In _imagingcms.c in Pillow before 10.3.0, a buffer overflow exists because strcpy is used instead of strncpy. | |||||
CVE-2024-24478 | 2024-08-02 | N/A | 7.5 HIGH | ||
An issue in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the packet-bgp.c, dissect_bgp_open(tvbuff_t*tvb, proto_tree*tree, packet_info*pinfo), optlen components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected. | |||||
CVE-2024-33078 | 2024-08-01 | N/A | 9.8 CRITICAL | ||
Tencent Libpag v4.3 is vulnerable to Buffer Overflow. A user can send a crafted image to trigger a overflow leading to remote code execution. | |||||
CVE-2023-37536 | 3 Apache, Fedoraproject, Hcltech | 3 Xerces-c\+\+, Fedora, Bigfix Platform | 2024-08-01 | N/A | 8.8 HIGH |
An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out-of-bound access via HTTP request. | |||||
CVE-2024-6381 | 2024-07-03 | N/A | 4.0 MEDIUM | ||
The bson_strfreev function in the MongoDB C driver library may be susceptible to an integer overflow where the function will try to free memory at a negative offset. This may result in memory corruption. This issue affected libbson versions prior to 1.26.2 | |||||
CVE-2024-2608 | 2024-07-03 | N/A | N/A | ||
`AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` and `AppendEncodedCharacters()` could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9. | |||||
CVE-2024-37305 | 2024-06-20 | N/A | 8.2 HIGH | ||
oqs-provider is a provider for the OpenSSL 3 cryptography library that adds support for post-quantum cryptography in TLS, X.509, and S/MIME using post-quantum algorithms from liboqs. Flaws have been identified in the way oqs-provider handles lengths decoded with DECODE_UINT32 at the start of serialized hybrid (traditional + post-quantum) keys and signatures. Unchecked length values are later used for memory reads and writes; malformed input can lead to crashes or information leakage. Handling of plain/non-hybrid PQ key operation is not affected. This issue has been patched in in v0.6.1. All users are advised to upgrade. There are no workarounds for this issue. | |||||
CVE-2023-21648 | 1 Qualcomm | 68 Aqt1000, Aqt1000 Firmware, Qca6391 and 65 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption in RIL while trying to send apdu packet. | |||||
CVE-2023-21644 | 1 Qualcomm | 102 Aqt1000, Aqt1000 Firmware, Qca6390 and 99 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption in RIL due to Integer Overflow while triggering qcril_uim_request_apdu request. | |||||
CVE-2022-40530 | 1 Qualcomm | 378 Aqt1000, Aqt1000 Firmware, Ar8031 and 375 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase. | |||||
CVE-2022-33296 | 1 Qualcomm | 228 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8905 and 225 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message. | |||||
CVE-2022-33282 | 1 Qualcomm | 40 Msm8996au, Msm8996au Firmware, Qam8295p and 37 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption in Automotive Multimedia due to integer overflow to buffer overflow during IOCTL calls in video playback. | |||||
CVE-2022-33248 | 1 Qualcomm | 324 Apq8009, Apq8009 Firmware, Apq8009w and 321 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http. | |||||
CVE-2022-25705 | 1 Qualcomm | 402 Apq8009, Apq8009 Firmware, Apq8009w and 399 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response | |||||
CVE-2023-33022 | 1 Qualcomm | 424 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq5053-aa and 421 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption in HLOS while invoking IOCTL calls from user-space. | |||||
CVE-2023-33018 | 1 Qualcomm | 526 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 523 more | 2024-04-12 | N/A | 7.8 HIGH |
Memory corruption while using the UIM diag command to get the operators name. | |||||
CVE-2023-28585 | 1 Qualcomm | 562 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 559 more | 2024-04-12 | N/A | 8.8 HIGH |
Memory corruption while loading an ELF segment in TEE Kernel. | |||||
CVE-2024-21470 | 2024-04-12 | N/A | 8.4 HIGH | ||
Memory corruption while allocating memory for graphics. | |||||
CVE-2024-21454 | 2024-04-12 | N/A | 7.5 HIGH | ||
Transient DOS while decoding the ToBeSignedMessage in Automotive Telematics. |