Total
7759 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-38405 | 1 Qualcomm | 198 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 195 more | 2024-11-07 | N/A | 7.5 HIGH |
| Transient DOS while processing the CU information from RNR IE. | |||||
| CVE-2024-47402 | 1 Openatom | 1 Openharmony | 2024-11-06 | N/A | 3.3 LOW |
| in OpenHarmony v4.0.0 and prior versions allow a local attacker cause DOS through out-of-bounds read. | |||||
| CVE-2021-46772 | 2024-11-05 | N/A | 3.9 LOW | ||
| Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI ROM causing an out of bounds memory read and write, potentially resulting in memory corruption or denial of service. | |||||
| CVE-2024-10387 | 1 Rockwellautomation | 1 Thinmanager | 2024-11-05 | N/A | 7.5 HIGH |
| CVE-2024-10387 IMPACT A Denial-of-Service vulnerability exists in the affected product. The vulnerability could allow a threat actor with network access to send crafted messages to the device, potentially resulting in Denial-of-Service. | |||||
| CVE-2024-43424 | 2 Sharp, Toshibatec | 640 Bp-30c25, Bp-30c25 Firmware, Bp-30c25t and 637 more | 2024-11-05 | N/A | 7.5 HIGH |
| Sharp and Toshiba Tec MFPs improperly process HTTP request headers, resulting in an Out-of-bounds Read vulnerability. Crafted HTTP requests may cause affected products crashed. | |||||
| CVE-2024-42420 | 2 Sharp, Toshibatec | 640 Bp-30c25, Bp-30c25 Firmware, Bp-30c25t and 637 more | 2024-11-05 | N/A | 7.5 HIGH |
| Sharp and Toshiba Tec MFPs contain multiple Out-of-bounds Read vulnerabilities, due to improper processing of keyword search input and improper processing of SOAP messages. Crafted HTTP requests may cause affected products crashed. | |||||
| CVE-2024-45829 | 2 Sharp, Toshibatec | 640 Bp-30c25, Bp-30c25 Firmware, Bp-30c25t and 637 more | 2024-11-05 | N/A | 4.9 MEDIUM |
| Sharp and Toshiba Tec MFPs provide the web page to download data, where query parameters in HTTP requests are improperly processed and resulting in an Out-of-bounds Read vulnerability. Crafted HTTP requests may cause affected products crashed. | |||||
| CVE-2024-50612 | 1 Libsndfile Project | 1 Libsndfile | 2024-11-05 | N/A | 5.5 MEDIUM |
| libsndfile through 1.2.2 has an ogg_vorbis.c vorbis_analysis_wrote out-of-bounds read. | |||||
| CVE-2024-47041 | 1 Google | 1 Android | 2024-11-04 | N/A | 7.8 HIGH |
| In valid_address of syscall.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2023-20509 | 2024-11-04 | N/A | 5.2 MEDIUM | ||
| An insufficient DRAM address validation in PMFW may allow a privileged attacker to perform a DMA read from an invalid DRAM address to SRAM, potentially resulting in loss of data integrity. | |||||
| CVE-2022-48999 | 1 Linux | 1 Linux Kernel | 2024-10-31 | N/A | 7.1 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: ipv4: Handle attempt to delete multipath route when fib_info contains an nh reference Gwangun Jung reported a slab-out-of-bounds access in fib_nh_match: fib_nh_match+0xf98/0x1130 linux-6.0-rc7/net/ipv4/fib_semantics.c:961 fib_table_delete+0x5f3/0xa40 linux-6.0-rc7/net/ipv4/fib_trie.c:1753 inet_rtm_delroute+0x2b3/0x380 linux-6.0-rc7/net/ipv4/fib_frontend.c:874 Separate nexthop objects are mutually exclusive with the legacy multipath spec. Fix fib_nh_match to return if the config for the to be deleted route contains a multipath spec while the fib_info is using a nexthop object. | |||||
| CVE-2024-44460 | 1 Emqx | 1 Nanomq | 2024-10-30 | N/A | 7.5 HIGH |
| An invalid read size in Nanomq v0.21.9 allows attackers to cause a Denial of Service (DoS). | |||||
| CVE-2024-45182 | 2 Microsoft, Wibu | 2 Windows, Wibukey | 2024-10-29 | N/A | 5.5 MEDIUM |
| An issue was discovered in WibuKey64.sys in WIBU-SYSTEMS WibuKey before v6.70 and fixed in v.6.70 An improper bounds check allows specially crafted packets to cause an arbitrary address read, resulting in Denial of Service. | |||||
| CVE-2024-7255 | 1 Google | 1 Chrome | 2024-10-29 | N/A | 8.8 HIGH |
| Out of bounds read in WebTransport in Google Chrome prior to 127.0.6533.88 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High) | |||||
| CVE-2024-47021 | 1 Google | 1 Android | 2024-10-28 | N/A | 7.5 HIGH |
| In sms_ExtractCbLanguage of sms_CellBroadcast.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-47018 | 1 Google | 1 Android | 2024-10-28 | N/A | 5.5 MEDIUM |
| In pmucal_rae_handle_seq_int of flexpmu_cal_rae.c, there is a possible out of bounds read due to a buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-47019 | 1 Google | 1 Android | 2024-10-28 | N/A | 5.5 MEDIUM |
| In ProtocolEmbmsSaiListAdapter::Init() of protocolembmsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User Interaction is not needed for exploitation. | |||||
| CVE-2024-47026 | 1 Google | 1 Android | 2024-10-28 | N/A | 5.5 MEDIUM |
| In gsc_gsa_rescue of gsc_gsa.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-47028 | 1 Google | 1 Android | 2024-10-28 | N/A | 4.4 MEDIUM |
| In ffu_flash_pack of ffu.c, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-47029 | 1 Google | 1 Android | 2024-10-28 | N/A | 5.5 MEDIUM |
| In TrustySharedMemoryManager::GetSharedMemory of ondevice/trusty/trusty_shared_memory_manager.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||