| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Bentley View FBX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of FBX files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18491. |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. |
| An issue in ETSI Open-Source MANO (OSM) 14.0.x before 14.0.3, 15.0.x before 15.0.2, 16.0.0, and 17.0.0 allows a remote authenticated attacker to escalate privileges via the /osm/admin/v1/users component. |
| Bagisto v1.5.1 is vulnerable for Cross site scripting(XSS) via png file upload vulnerability in product review option. |
| This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. |
| Issue of buffer overflow caused by insufficient data verification in the kernel gyroscope module.
Impact: Successful exploitation of this vulnerability may affect availability. |
| Issue of buffer overflow caused by insufficient data verification in the kernel acceleration module.
Impact: Successful exploitation of this vulnerability may affect availability. |
| Issue of inconsistent read/write serialization in the ad module.
Impact: Successful exploitation of this vulnerability may affect the availability of the ad service. |
| Out-of-bounds array access issue due to insufficient data verification in the kernel ambient light module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Issue of buffer overflow caused by insufficient data verification in the kernel drop detection module.
Impact: Successful exploitation of this vulnerability may affect availability. |
| Vulnerability of returning released pointers in the distributed notification service.
Impact: Successful exploitation of this vulnerability may affect availability. |
| Vulnerability of improper processing of abnormal conditions in huge page separation.
Impact: Successful exploitation of this vulnerability may affect availability. |
| Out-of-bounds read vulnerability in the register configuration of the DMA module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| MantisBT is an open source bug tracker. Due to insufficient access-level checks on the Wiki redirection page, any user can reveal private Projects' names, by accessing wiki.php with sequentially incremented IDs. This issue has been addressed in commit `65c44883f` which has been included in release `2.25.8`. Users are advised to upgrade. Users unable to upgrade should disable wiki integration ( `$g_wiki_enable = OFF;`). |
| Memory corruption while processing audio effects. |
| Memory corruption while processing a private escape command in an event trigger. |
| Memory Corruption in Data Modem while making a MO call or MT VOLTE call. |
| Memory Corruption in camera while installing a fd for a particular DMA buffer. |
| Transient DOS while parsing per STA profile in ML IE. |
| Memory corruption while calling the NPU driver APIs concurrently. |
