Total
80 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-6381 | 2024-07-03 | N/A | 4.0 MEDIUM | ||
| The bson_strfreev function in the MongoDB C driver library may be susceptible to an integer overflow where the function will try to free memory at a negative offset. This may result in memory corruption. This issue affected libbson versions prior to 1.26.2 | |||||
| CVE-2024-2608 | 2024-07-03 | N/A | N/A | ||
| `AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` and `AppendEncodedCharacters()` could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9. | |||||
| CVE-2024-37305 | 2024-06-20 | N/A | 8.2 HIGH | ||
| oqs-provider is a provider for the OpenSSL 3 cryptography library that adds support for post-quantum cryptography in TLS, X.509, and S/MIME using post-quantum algorithms from liboqs. Flaws have been identified in the way oqs-provider handles lengths decoded with DECODE_UINT32 at the start of serialized hybrid (traditional + post-quantum) keys and signatures. Unchecked length values are later used for memory reads and writes; malformed input can lead to crashes or information leakage. Handling of plain/non-hybrid PQ key operation is not affected. This issue has been patched in in v0.6.1. All users are advised to upgrade. There are no workarounds for this issue. | |||||
| CVE-2023-41175 | 3 Fedoraproject, Libtiff, Redhat | 3 Fedora, Libtiff, Enterprise Linux | 2024-04-30 | N/A | 6.5 MEDIUM |
| A vulnerability was found in libtiff due to multiple potential integer overflows in raw2tiff.c. This flaw allows remote attackers to cause a denial of service or possibly execute an arbitrary code via a crafted tiff image, which triggers a heap-based buffer overflow. | |||||
| CVE-2023-21648 | 1 Qualcomm | 68 Aqt1000, Aqt1000 Firmware, Qca6391 and 65 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption in RIL while trying to send apdu packet. | |||||
| CVE-2023-21644 | 1 Qualcomm | 102 Aqt1000, Aqt1000 Firmware, Qca6390 and 99 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption in RIL due to Integer Overflow while triggering qcril_uim_request_apdu request. | |||||
| CVE-2022-40530 | 1 Qualcomm | 378 Aqt1000, Aqt1000 Firmware, Ar8031 and 375 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase. | |||||
| CVE-2022-33296 | 1 Qualcomm | 228 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8905 and 225 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption due to integer overflow to buffer overflow in Modem while parsing Traffic Channel Neighbor List Update message. | |||||
| CVE-2022-33282 | 1 Qualcomm | 40 Msm8996au, Msm8996au Firmware, Qam8295p and 37 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption in Automotive Multimedia due to integer overflow to buffer overflow during IOCTL calls in video playback. | |||||
| CVE-2022-33248 | 1 Qualcomm | 324 Apq8009, Apq8009 Firmware, Apq8009w and 321 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption in User Identity Module due to integer overflow to buffer overflow when a segement is received via qmi http. | |||||
| CVE-2022-25705 | 1 Qualcomm | 402 Apq8009, Apq8009 Firmware, Apq8009w and 399 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption in modem due to integer overflow to buffer overflow while handling APDU response | |||||
| CVE-2023-33022 | 1 Qualcomm | 424 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq5053-aa and 421 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption in HLOS while invoking IOCTL calls from user-space. | |||||
| CVE-2023-33018 | 1 Qualcomm | 526 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 523 more | 2024-04-12 | N/A | 7.8 HIGH |
| Memory corruption while using the UIM diag command to get the operators name. | |||||
| CVE-2023-28585 | 1 Qualcomm | 562 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 559 more | 2024-04-12 | N/A | 8.8 HIGH |
| Memory corruption while loading an ELF segment in TEE Kernel. | |||||
| CVE-2024-21470 | 2024-04-12 | N/A | 8.4 HIGH | ||
| Memory corruption while allocating memory for graphics. | |||||
| CVE-2024-21454 | 2024-04-12 | N/A | 7.5 HIGH | ||
| Transient DOS while decoding the ToBeSignedMessage in Automotive Telematics. | |||||
| CVE-2022-36765 | 1 Tianocore | 1 Edk2 | 2024-03-13 | N/A | 7.8 HIGH |
| EDK2 is susceptible to a vulnerability in the CreateHob() function, allowing a user to trigger a integer overflow to buffer overflow via a local network. Successful exploitation of this vulnerability may result in a compromise of confidentiality, integrity, and/or availability. | |||||
| CVE-2020-13576 | 2 Fedoraproject, Genivia | 2 Fedora, Gsoap | 2024-03-01 | 7.5 HIGH | 9.8 CRITICAL |
| A code execution vulnerability exists in the WS-Addressing plugin functionality of Genivia gSOAP 2.8.107. A specially crafted SOAP request can lead to remote code execution. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2023-22305 | 3 Intel, Linux, Microsoft | 3 Aptio V Uefi Firmware Integrator Tools, Linux Kernel, Windows | 2023-11-20 | N/A | 5.5 MEDIUM |
| Integer overflow in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2023-22443 | 1 Intel | 20 Server System D50tnp1mhcpac, Server System D50tnp1mhcpac Firmware, Server System D50tnp1mhcrac and 17 more | 2023-11-07 | N/A | 5.5 MEDIUM |
| Integer overflow in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable denial of service via local access. | |||||