| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size. |
| Memory corruption when Alternative Frequency offset value is set to 255. |
| Memory corruption while copying a keyblob`s material when the key material`s size is not accurately checked. |
| Memory corruption while processing manipulated payload in video firmware. |
| Memory corruption in wearables while processing data from AON. |
| Memory corruption while playing audio file having large-sized input buffer. |
| Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer. |
| Memory corruption in video while parsing the Videoinfo, when the size of atom is greater than the videoinfo size. |
| Memory corruption while parsing qcp clip with invalid chunk data size. |
| Memory corruption when IOCTL call is invoked from user-space to read board data. |
| Memory corruption in Core while processing RX intent request. |
| Memory corruption in HLOS while converting from authorization token to HIDL vector. |
| Memory corruption while invoking callback function of AFE from ADSP. |
| Ashlar-Vellum Cobalt CO File Parsing Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25240. |
| A stack buffer overflow was found in Internationl components for unicode (ICU ). While running the genrb binary, the 'subtag' struct overflowed at the SRBRoot::addTag function. This issue may lead to memory corruption and local arbitrary code execution. |
| Turbo FTP Server versions 1.30.823 and 1.30.826 contain a buffer overflow vulnerability in the handling of the PORT command. By sending a specially crafted payload, an unauthenticated remote attacker can overwrite memory structures and execute arbitrary code with SYSTEM privileges. |
| A vulnerability classified as critical was found in TOTOLINK T6 4.1.5cu.748_B20211015. This vulnerability affects the function tcpcheck_net of the file /router/meshSlaveDlfw of the component MQTT Packet Handler. The manipulation of the argument serverIp leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. |
| Kofax Power PDF PDF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22921. |
| When an HTTP profile with the Enforce RFC Compliance option is configured on a virtual server, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. |
| Buffer overflow vulnerability in matplotlib.This issue affects matplotlib: before upstream commit ba4016014cb4fb4927e36ce8ea429fed47dcb787. |
