Total
101 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-24478 | 1 Wireshark | 1 Wireshark | 2025-04-14 | N/A | 7.5 HIGH |
| An issue in Wireshark before 4.2.0 allows a remote attacker to cause a denial of service via the packet-bgp.c, dissect_bgp_open(tvbuff_t*tvb, proto_tree*tree, packet_info*pinfo), optlen components. NOTE: this is disputed by the vendor because neither release 4.2.0 nor any other release was affected. | |||||
| CVE-2024-2608 | 2 Debian, Mozilla | 3 Debian Linux, Firefox, Thunderbird | 2025-04-01 | N/A | 8.4 HIGH |
| `AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` and `AppendEncodedCharacters()` could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9. | |||||
| CVE-2024-55626 | 1 Oisf | 1 Suricata | 2025-03-31 | N/A | 3.3 LOW |
| Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to 7.0.8, a large BPF filter file provided to Suricata at startup can lead to a buffer overflow at Suricata startup. The issue has been addressed in Suricata 7.0.8. | |||||
| CVE-2024-57956 | 1 Huawei | 1 Harmonyos | 2025-03-17 | N/A | 2.8 LOW |
| Out-of-bounds read vulnerability in the interpreter string module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2022-36765 | 1 Tianocore | 1 Edk2 | 2025-02-13 | N/A | 7.0 HIGH |
| EDK2 is susceptible to a vulnerability in the CreateHob() function, allowing a user to trigger a integer overflow to buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability. | |||||
| CVE-2024-21454 | 1 Qualcomm | 6 Auto 4g Modem, Auto 4g Modem Firmware, Auto 5g Modem-rf and 3 more | 2025-01-13 | N/A | 7.5 HIGH |
| Transient DOS while decoding the ToBeSignedMessage in Automotive Telematics. | |||||
| CVE-2024-21470 | 1 Qualcomm | 66 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 63 more | 2025-01-13 | N/A | 8.4 HIGH |
| Memory corruption while allocating memory for graphics. | |||||
| CVE-2024-56451 | 1 Huawei | 1 Harmonyos | 2025-01-13 | N/A | 7.3 HIGH |
| Integer overflow vulnerability during glTF model loading in the 3D engine module Impact: Successful exploitation of this vulnerability may affect availability. | |||||
| CVE-2024-37305 | 2024-11-21 | N/A | 8.2 HIGH | ||
| oqs-provider is a provider for the OpenSSL 3 cryptography library that adds support for post-quantum cryptography in TLS, X.509, and S/MIME using post-quantum algorithms from liboqs. Flaws have been identified in the way oqs-provider handles lengths decoded with DECODE_UINT32 at the start of serialized hybrid (traditional + post-quantum) keys and signatures. Unchecked length values are later used for memory reads and writes; malformed input can lead to crashes or information leakage. Handling of plain/non-hybrid PQ key operation is not affected. This issue has been patched in in v0.6.1. All users are advised to upgrade. There are no workarounds for this issue. | |||||
| CVE-2023-37536 | 3 Apache, Fedoraproject, Hcltech | 3 Xerces-c\+\+, Fedora, Bigfix Platform | 2024-11-21 | N/A | 8.2 HIGH |
| An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out-of-bound access via HTTP request. | |||||
| CVE-2023-22443 | 1 Intel | 20 Server System D50tnp1mhcpac, Server System D50tnp1mhcpac Firmware, Server System D50tnp1mhcrac and 17 more | 2024-11-21 | N/A | 6.0 MEDIUM |
| Integer overflow in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable denial of service via local access. | |||||
| CVE-2023-22305 | 3 Intel, Linux, Microsoft | 3 Aptio V Uefi Firmware Integrator Tools, Linux Kernel, Windows | 2024-11-21 | N/A | 6.5 MEDIUM |
| Integer overflow in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2023-21648 | 1 Qualcomm | 68 Aqt1000, Aqt1000 Firmware, Qca6391 and 65 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| Memory corruption in RIL while trying to send apdu packet. | |||||
| CVE-2023-21644 | 1 Qualcomm | 102 Aqt1000, Aqt1000 Firmware, Qca6390 and 99 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| Memory corruption in RIL due to Integer Overflow while triggering qcril_uim_request_apdu request. | |||||
| CVE-2022-40530 | 1 Qualcomm | 378 Aqt1000, Aqt1000 Firmware, Ar8031 and 375 more | 2024-11-21 | N/A | 8.4 HIGH |
| Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase. | |||||
| CVE-2022-35289 | 1 Facebook | 1 Hermes | 2024-11-21 | N/A | 9.8 CRITICAL |
| A write-what-where condition in hermes caused by an integer overflow, prior to commit 5b6255ae049fa4641791e47fad994e8e8c4da374 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected. | |||||
| CVE-2022-33296 | 1 Qualcomm | 228 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8905 and 225 more | 2024-11-21 | N/A | 5.9 MEDIUM |
| Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message. | |||||
| CVE-2022-33282 | 1 Qualcomm | 40 Msm8996au, Msm8996au Firmware, Qam8295p and 37 more | 2024-11-21 | N/A | 8.4 HIGH |
| Memory corruption in Automotive Multimedia due to integer overflow to buffer overflow during IOCTL calls in video playback. | |||||
| CVE-2022-33248 | 1 Qualcomm | 324 Apq8009, Apq8009 Firmware, Apq8009w and 321 more | 2024-11-21 | N/A | 7.8 HIGH |
| Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http. | |||||
| CVE-2022-32543 | 1 Estsoft | 1 Alyac | 2024-11-21 | N/A | 7.8 HIGH |
| An integer overflow vulnerability exists in the way ESTsoft Alyac 2.5.8.544 parses OLE files. A specially-crafted OLE file can lead to a heap buffer overflow which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||