Total
124 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-26721 | 1 Linux | 1 Linux Kernel | 2025-03-17 | N/A | 5.5 MEDIUM |
| In the Linux kernel, the following vulnerability has been resolved: drm/i915/dsc: Fix the macro that calculates DSCC_/DSCA_ PPS reg address Commit bd077259d0a9 ("drm/i915/vdsc: Add function to read any PPS register") defines a new macro to calculate the DSC PPS register addresses with PPS number as an input. This macro correctly calculates the addresses till PPS 11 since the addresses increment by 4. So in that case the following macro works correctly to give correct register address: _MMIO(_DSCA_PPS_0 + (pps) * 4) However after PPS 11, the register address for PPS 12 increments by 12 because of RC Buffer memory allocation in between. Because of this discontinuity in the address space, the macro calculates wrong addresses for PPS 12 - 16 resulting into incorrect DSC PPS parameter value read/writes causing DSC corruption. This fixes it by correcting this macro to add the offset of 12 for PPS >=12. v3: Add correct paranthesis for pps argument (Jani Nikula) (cherry picked from commit 6074be620c31dc2ae11af96a1a5ea95580976fb5) | |||||
| CVE-2023-20627 | 2 Google, Mediatek | 6 Android, Mt6879, Mt6895 and 3 more | 2025-03-06 | N/A | 6.7 MEDIUM |
| In pqframework, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07629585; Issue ID: ALPS07629585. | |||||
| CVE-2020-17087 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2025-02-11 | 7.2 HIGH | 7.8 HIGH |
| Windows Kernel Local Elevation of Privilege Vulnerability | |||||
| CVE-2023-6780 | 2 Fedoraproject, Gnu | 2 Fedora, Glibc | 2025-02-07 | N/A | 5.3 MEDIUM |
| An integer overflow was found in the __vsyslog_internal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when these functions are called with a very long message, leading to an incorrect calculation of the buffer size to store the message, resulting in undefined behavior. This issue affects glibc 2.37 and newer. | |||||
| CVE-2021-38435 | 1 Rti | 2 Connext Professional, Connext Secure | 2025-02-05 | 7.5 HIGH | 6.6 MEDIUM |
| RTI Connext DDS Professional and Connext DDS Secure Versions 4.2x to 6.1.0 not correctly calculate the size when allocating the buffer, which may result in a buffer overflow. | |||||
| CVE-2024-23805 | 1 F5 | 2 Big-ip Advanced Web Application Firewall, Big-ip Application Security Manager | 2025-01-23 | N/A | 7.5 HIGH |
| Undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. For the Application Visibility and Reporting module, this may occur when the HTTP Analytics profile with URLs enabled under Collected Entities is configured on a virtual server and the DB variables avr.IncludeServerInURI or avr.CollectOnlyHostnameFromURI are enabled. For BIG-IP Advanced WAF and ASM, this may occur when either a DoS or Bot Defense profile is configured on a virtual server and the DB variables avr.IncludeServerInURI or avr.CollectOnlyHostnameFromURI are enabled. Note: The DB variables avr.IncludeServerInURI and avr.CollectOnlyHostnameFromURI are not enabled by default. For more information about the HTTP Analytics profile and the Collect URLs setting, refer to K30875743: Create a new Analytics profile and attach it to your virtual servers https://my.f5.com/manage/s/article/K30875743 . Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated | |||||
| CVE-2024-23606 | 2 Fedoraproject, Libbiosig Project | 2 Fedora, Libbiosig | 2025-01-22 | N/A | 9.8 CRITICAL |
| An out-of-bounds write vulnerability exists in the sopen_FAMOS_read functionality of The Biosig Project libbiosig 2.5.0 and Master Branch (ab0ee111). A specially crafted .famos file can lead to arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2024-11425 | 2025-01-17 | N/A | 7.5 HIGH | ||
| CWE-131: Incorrect Calculation of Buffer Size vulnerability exists that could cause Denial-of-Service of the product when an unauthenticated user is sending a crafted HTTPS packet to the webserver. | |||||
| CVE-2024-8361 | 2025-01-07 | N/A | 7.5 HIGH | ||
| In SiWx91x devices, the SHA2/224 algorithm returns a hash of 256 bits instead of 224 bits. This incorrect hash length triggers a software assertion, which subsequently causes a Denial of Service (DoS). If a watchdog is implemented, device will restart after watch dog expires. If watchdog is not implemented, device can be recovered only after a hard reset | |||||
| CVE-2017-13315 | 1 Google | 1 Android | 2024-12-18 | N/A | 7.8 HIGH |
| In writeToParcel and createFromParcel of DcParamObject.java, there is a permission bypass due to a write size mismatch. This could lead to an elevation of privileges where the user can start an activity with system privileges, with no additional execution privileges needed. User interaction is not needed for exploitation. | |||||
| CVE-2024-5000 | 2024-11-21 | N/A | 7.5 HIGH | ||
| An unauthenticated remote attacker can use a malicious OPC UA client to send a crafted request to affected CODESYS products which can cause a DoS due to incorrect calculation of buffer size. | |||||
| CVE-2024-45287 | 1 Freebsd | 1 Freebsd | 2024-11-21 | N/A | 7.5 HIGH |
| A malicious value of size in a structure of packed libnv can cause an integer overflow, leading to the allocation of a smaller buffer than required for the parsed data. | |||||
| CVE-2024-28052 | 1 Level1 | 2 Wbr-6012, Wbr-6012 Firmware | 2024-11-21 | N/A | 5.3 MEDIUM |
| The WBR-6012 is a wireless SOHO router. It is a low-cost device which functions as an internet gateway for homes and small offices while aiming to be easy to configure and operate. In addition to providing a WiFi access point, the device serves as a 4-port wired router and implements a variety of common SOHO router capabilities such as port forwarding, quality-of-service, web-based administration, a DHCP server, a basic DMZ, and UPnP capabilities. | |||||
| CVE-2024-23622 | 1 Ibm | 1 Merge Efilm Workstation | 2024-11-21 | 10.0 HIGH | 10.0 CRITICAL |
| A stack-based buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution with SYSTEM privileges. | |||||
| CVE-2024-23621 | 1 Ibm | 1 Merge Efilm Workstation | 2024-11-21 | 10.0 HIGH | 10.0 CRITICAL |
| A buffer overflow exists in IBM Merge Healthcare eFilm Workstation license server. A remote, unauthenticated attacker can exploit this vulnerability to achieve remote code execution. | |||||
| CVE-2023-6387 | 1 Silabs | 1 Gecko Software Development Kit | 2024-11-21 | N/A | 7.5 HIGH |
| A potential buffer overflow exists in the Bluetooth LE HCI CPC sample application in the Gecko SDK which may result in a denial of service or remote code execution | |||||
| CVE-2023-5941 | 1 Freebsd | 1 Freebsd | 2024-11-21 | N/A | 9.8 CRITICAL |
| In versions of FreeBSD 12.4-RELEASE prior to 12.4-RELEASE-p7 and FreeBSD 13.2-RELEASE prior to 13.2-RELEASE-p5 the __sflush() stdio function in libc does not correctly update FILE objects' write space members for write-buffered streams when the write(2) system call returns an error. Depending on the nature of an application that calls libc's stdio functions and the presence of errors returned from the write(2) system call (or an overridden stdio write routine) a heap buffer overflow may occur. Such overflows may lead to data corruption or the execution of arbitrary code at the privilege level of the calling program. | |||||
| CVE-2023-52558 | 2024-11-21 | N/A | 7.5 HIGH | ||
| In OpenBSD 7.4 before errata 002 and OpenBSD 7.3 before errata 019, a network buffer that had to be split at certain length that could crash the kernel after receiving specially crafted escape sequences. | |||||
| CVE-2023-52557 | 2024-11-21 | N/A | 7.5 HIGH | ||
| In OpenBSD 7.3 before errata 016, npppd(8) could crash by a l2tp message which has an AVP (Attribute-Value Pair) with wrong length. | |||||
| CVE-2023-50736 | 2024-11-21 | N/A | 9.0 CRITICAL | ||
| A memory corruption vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code. | |||||