Search Results (366468 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-20741 2 Google, Mediatek 48 Android, Mt6735, Mt6737 and 45 more 2025-01-07 4.4 Medium
In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628591; Issue ID: ALPS07628606.
CVE-2023-20740 3 Google, Linuxfoundation, Mediatek 39 Android, Iot-yocto, Yocto and 36 more 2025-01-07 6.7 Medium
In vcu, there is a possible memory corruption due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07559819; Issue ID: ALPS07559840.
CVE-2023-20728 3 Google, Linuxfoundation, Mediatek 40 Android, Yocto, Mt6781 and 37 more 2025-01-07 4.4 Medium
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573603; Issue ID: ALPS07573603.
CVE-2023-20725 4 Google, Mediatek, Openwrt and 1 more 41 Android, Mt6580, Mt6739 and 38 more 2025-01-07 6.7 Medium
In preloader, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07734004 / ALPS07874358 (For MT6880, MT6890, MT6980, MT6990 only); Issue ID: ALPS07734004 / ALPS07874358 (For MT6880, MT6890, MT6980, MT6990 only).
CVE-2022-48445 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-01-07 5.9 Medium
In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
CVE-2022-48444 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-01-07 5.9 Medium
In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
CVE-2022-48443 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-01-07 5.9 Medium
In telephony service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
CVE-2022-48442 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-01-07 6.2 Medium
In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
CVE-2022-48441 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-01-07 6.2 Medium
In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
CVE-2022-48440 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-01-07 6.2 Medium
In dialer service, there is a possible missing permission check. This could lead to local denial of service with no additional execution privileges.
CVE-2022-48439 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-01-07 4.4 Medium
In cp_dump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
CVE-2022-48438 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-01-07 7.3 High
In cp_dump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
CVE-2022-48390 2 Google, Unisoc 14 Android, S8000, Sc7731e and 11 more 2025-01-07 7.3 High
In telephony service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
CVE-2023-37395 1 Ibm 1 Aspera Faspex 2025-01-07 2.5 Low
IBM Aspera Faspex 5.0.0 through 5.0.7 could allow a local user to obtain sensitive information due to improper encryption of certain data.
CVE-2023-27283 1 Ibm 1 Aspera Orchestrator 2025-01-07 5.3 Medium
IBM Aspera Orchestrator 4.0.1 could allow a remote attacker to enumerate usernames due to observable response discrepancies. IBM X-Force ID: 248545.
CVE-2023-37407 1 Ibm 1 Aspera Orchestrator 2025-01-07 8.8 High
IBM Aspera Orchestrator 4.0.1 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 260116.
CVE-2024-31904 1 Ibm 1 App Connect Enterprise 2025-01-07 6.5 Medium
IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 integration nodes could allow an authenticated user to cause a denial of service due to an uncaught exception. IBM X-Force ID: 289647.
CVE-2024-31893 1 Ibm 1 App Connect Enterprise 2025-01-07 4.3 Medium
IBM App Connect Enterprise 12.0.1.0 through 12.0.12.1 could allow an authenticated user to obtain sensitive calendar information using an expired access token. IBM X-Force ID: 288174.
CVE-2024-28760 1 Ibm 1 App Connect Enterprise 2025-01-07 4.3 Medium
IBM App Connect Enterprise 11.0.0.1 through 11.0.0.25 and 12.0.1.0 through 12.0.12.0 dashboard is vulnerable to a denial of service due to improper restrictions of resource allocation. IBM X-Force ID: 285244.
CVE-2023-40695 1 Ibm 1 Cognos Controller 2025-01-07 6.3 Medium
IBM Cognos Controller 10.4.1, 10.4.2, and 11.0.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. IBM X-Force ID: 264938.