Total
12074 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-20099 | 3 Google, Linuxfoundation, Mediatek | 8 Android, Yocto, Mt6768 and 5 more | 2025-04-25 | N/A | 6.7 MEDIUM |
| In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08997492; Issue ID: MSV-1625. | |||||
| CVE-2024-20100 | 2 Google, Mediatek | 19 Android, Iot Yocto, Mt3605 and 16 more | 2025-04-25 | N/A | 9.8 CRITICAL |
| In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998449; Issue ID: MSV-1603. | |||||
| CVE-2020-29367 | 1 Blosc | 1 C-blosc2 | 2025-04-25 | 9.3 HIGH | 7.8 HIGH |
| blosc2.c in Blosc C-Blosc2 through 2.0.0.beta.5 has a heap-based buffer overflow when there is a lack of space to write compressed data. | |||||
| CVE-2023-32837 | 2 Google, Mediatek | 7 Android, Mt6883, Mt6885 and 4 more | 2025-04-25 | N/A | 7.8 HIGH |
| In video, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08235273; Issue ID: ALPS08250357. | |||||
| CVE-2023-32836 | 2 Google, Mediatek | 7 Android, Mt6893, Mt6895 and 4 more | 2025-04-25 | N/A | 6.7 MEDIUM |
| In display, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08126725; Issue ID: ALPS08126725. | |||||
| CVE-2023-32832 | 2 Google, Mediatek | 10 Android, Mt6883, Mt6885 and 7 more | 2025-04-25 | N/A | 7.0 HIGH |
| In video, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08235273; Issue ID: ALPS08235273. | |||||
| CVE-2022-45202 | 1 Gpac | 1 Gpac | 2025-04-25 | N/A | 7.8 HIGH |
| GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to contain a stack overflow via the function dimC_box_read at isomedia/box_code_3gpp.c. | |||||
| CVE-2024-46774 | 1 Linux | 1 Linux Kernel | 2025-04-25 | N/A | 7.1 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: powerpc/rtas: Prevent Spectre v1 gadget construction in sys_rtas() Smatch warns: arch/powerpc/kernel/rtas.c:1932 __do_sys_rtas() warn: potential spectre issue 'args.args' [r] (local cap) The 'nargs' and 'nret' locals come directly from a user-supplied buffer and are used as indexes into a small stack-based array and as inputs to copy_to_user() after they are subject to bounds checks. Use array_index_nospec() after the bounds checks to clamp these values for speculative execution. | |||||
| CVE-2022-45640 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-04-24 | N/A | 7.5 HIGH |
| Tenda Tenda AC6V1.0 V15.03.05.19 is affected by buffer overflow. Causes a denial of service (local). | |||||
| CVE-2022-45337 | 1 Tenda | 2 Tx9 Pro, Tx9 Pro Firmware | 2025-04-24 | N/A | 7.5 HIGH |
| Tenda TX9 Pro v22.03.02.10 was discovered to contain a stack overflow via the list parameter at /goform/SetIpMacBind. | |||||
| CVE-2022-45332 | 1 Gnu | 1 Libredwg | 2025-04-24 | N/A | 7.8 HIGH |
| LibreDWG v0.12.4.4643 was discovered to contain a heap buffer overflow via the function decode_preR13_section_hdr at decode_r11.c. | |||||
| CVE-2022-44367 | 1 Tenda | 2 I21, I21 Firmware | 2025-04-24 | N/A | 9.8 CRITICAL |
| Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setUplinkInfo. | |||||
| CVE-2022-44362 | 1 Tenda | 2 I21, I21 Firmware | 2025-04-24 | N/A | 9.8 CRITICAL |
| Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/AddSysLogRule. | |||||
| CVE-2022-44366 | 1 Tenda | 2 I21, I21 Firmware | 2025-04-24 | N/A | 9.8 CRITICAL |
| Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setDiagnoseInfo. | |||||
| CVE-2022-44365 | 1 Tenda | 2 I21, I21 Firmware | 2025-04-24 | N/A | 9.8 CRITICAL |
| Tenda i21 V1.0.0.14(4656) has a stack overflow vulnerability via /goform/setSysPwd. | |||||
| CVE-2022-44363 | 1 Tenda | 2 I21, I21 Firmware | 2025-04-24 | N/A | 9.8 CRITICAL |
| Tenda i21 V1.0.0.14(4656) is vulnerable to Buffer Overflow via /goform/setSnmpInfo. | |||||
| CVE-2022-40918 | 1 Force1rc | 2 Discovery Wifi U818a Hd\+ Fpv, Discovery Wifi U818a Hd\+ Fpv Firmware | 2025-04-24 | N/A | 9.8 CRITICAL |
| Buffer overflow in firmware lewei_cam binary version 2.0.10 in Force 1 Discovery Wifi U818A HD+ FPV Drone allows attacker to gain remote code execution as root user via a specially crafted UDP packet. Please update the Reference section to these links > http://thiscomputer.com/ > https://www.bostoncyber.org/ > https://medium.com/@meekworth/exploiting-the-lw9621-drone-camera-module-773f00081368 | |||||
| CVE-2022-37325 | 1 Sangoma | 1 Asterisk | 2025-04-24 | N/A | 7.5 HIGH |
| In Sangoma Asterisk through 16.28.0, 17.x and 18.x through 18.14.0, and 19.x through 19.6.0, an incoming Setup message to addons/ooh323c/src/ooq931.c with a malformed Calling or Called Party IE can cause a crash. | |||||
| CVE-2022-32634 | 2 Google, Mediatek | 31 Android, Mt6761, Mt6765 and 28 more | 2025-04-24 | N/A | 6.7 MEDIUM |
| In ccci, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07138646; Issue ID: ALPS07138646. | |||||
| CVE-2022-32632 | 3 Google, Mediatek, Yoctoproject | 35 Android, Mt6580, Mt6735 and 32 more | 2025-04-24 | N/A | 6.7 MEDIUM |
| In Wi-Fi, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07441630; Issue ID: ALPS07441630. | |||||