Total
2446 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-33248 | 1 Qualcomm | 324 Apq8009, Apq8009 Firmware, Apq8009w and 321 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http. | |||||
| CVE-2022-25705 | 1 Qualcomm | 402 Apq8009, Apq8009 Firmware, Apq8009w and 399 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response | |||||
| CVE-2023-33038 | 1 Qualcomm | 288 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 285 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption while receiving a message in Bus Socket Transport Server. | |||||
| CVE-2023-33032 | 1 Qualcomm | 234 9205 Lte Modem, 9205 Lte Modem Firmware, Aqt1000 and 231 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption in TZ Secure OS while requesting a memory allocation from TA region. | |||||
| CVE-2023-33022 | 1 Qualcomm | 424 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq5053-aa and 421 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption in HLOS while invoking IOCTL calls from user-space. | |||||
| CVE-2023-33018 | 1 Qualcomm | 526 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 523 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption while using the UIM diag command to get the operators name. | |||||
| CVE-2023-28588 | 1 Qualcomm | 428 Apq8017, Apq8017 Firmware, Apq8064au and 425 more | 2024-04-12 | N/A | 7.5 HIGH |
| Transient DOS in Bluetooth Host while rfc slot allocation. | |||||
| CVE-2023-43550 | 2024-04-12 | N/A | 7.8 HIGH | ||
| Memory corruption while processing a QMI request for allocating memory from a DHMS supported subsystem. | |||||
| CVE-2024-21450 | 2024-04-11 | N/A | 8.8 HIGH | ||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | |||||
| CVE-2024-21441 | 2024-04-11 | N/A | 8.8 HIGH | ||
| Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | |||||
| CVE-2024-20795 | 2024-04-11 | N/A | 7.8 HIGH | ||
| Animate versions 23.0.4, 24.0.1 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
| CVE-2021-46940 | 1 Linux | 1 Linux Kernel | 2024-04-10 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: tools/power turbostat: Fix offset overflow issue in index converting The idx_to_offset() function returns type int (32-bit signed), but MSR_PKG_ENERGY_STAT is u32 and would be interpreted as a negative number. The end result is that it hits the if (offset < 0) check in update_msr_sum() which prevents the timer callback from updating the stat in the background when long durations are used. The similar issue exists in offset_to_idx() and update_msr_sum(). Fix this issue by converting the 'int' to 'off_t' accordingly. | |||||
| CVE-2024-28923 | 2024-04-10 | N/A | 6.4 MEDIUM | ||
| Secure Boot Security Feature Bypass Vulnerability | |||||
| CVE-2024-28931 | 2024-04-10 | N/A | 8.8 HIGH | ||
| Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | |||||
| CVE-2024-28929 | 2024-04-10 | N/A | 8.8 HIGH | ||
| Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | |||||
| CVE-2024-28942 | 2024-04-10 | N/A | 8.8 HIGH | ||
| Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability | |||||
| CVE-2024-26171 | 2024-04-10 | N/A | 6.7 MEDIUM | ||
| Secure Boot Security Feature Bypass Vulnerability | |||||
| CVE-2024-28936 | 2024-04-10 | N/A | 8.8 HIGH | ||
| Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability | |||||
| CVE-2023-39317 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
| Multiple integer overflow vulnerabilities exist in the LXT2 num_dict_entries functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `string_lens` array. | |||||
| CVE-2023-39316 | 1 Tonybybell | 1 Gtkwave | 2024-04-09 | N/A | 7.8 HIGH |
| Multiple integer overflow vulnerabilities exist in the LXT2 num_dict_entries functionality of GTKWave 3.3.115. A specially crafted .lxt2 file can lead to arbitrary code execution. A victim would need to open a malicious file to trigger these vulnerabilities.This vulnerability concerns the integer overflow when allocating the `string_pointers` array. | |||||