Total
556 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-33041 | 1 Qualcomm | 254 Ar8035, Ar8035 Firmware, Csr8811 and 251 more | 2024-08-02 | 7.5 High |
| Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids. | ||||
| CVE-2023-32843 | 1 Mediatek | 36 Mt2735, Mt2737, Mt6297 and 33 more | 2024-08-02 | 7.5 High |
| In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130204; Issue ID: MOLY01130204 (MSV-849). | ||||
| CVE-2023-32846 | 1 Mediatek | 36 Mt2735, Mt2737, Mt6297 and 33 more | 2024-08-02 | 7.5 High |
| In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01138453 (MSV-861). | ||||
| CVE-2023-32841 | 1 Mediatek | 36 Mt2735, Mt2737, Mt6297 and 33 more | 2024-08-02 | 7.5 High |
| In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01128524; Issue ID: MOLY01128524 (MSV-846). | ||||
| CVE-2023-32842 | 1 Mediatek | 36 Mt2735, Mt2737, Mt6297 and 33 more | 2024-08-02 | 7.5 High |
| In 5G Modem, there is a possible system crash due to improper error handling. This could lead to remote denial of service when receiving malformed RRC messages, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01130256; Issue ID: MOLY01130256 (MSV-848). | ||||
| CVE-2023-31918 | 1 Jerryscript | 1 Jerryscript | 2024-08-02 | 5.5 Medium |
| Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the parser_parse_function_arguments at jerry-core/parser/js/js-parser.c. | ||||
| CVE-2023-31921 | 1 Jerryscript | 1 Jerryscript | 2024-08-02 | 5.5 Medium |
| Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the ecma_big_uint_div_mod at jerry-core/ecma/operations/ecma-big-uint.c. | ||||
| CVE-2023-31913 | 1 Jerryscript | 1 Jerryscript | 2024-08-02 | 5.5 Medium |
| Jerryscript 3.0 *commit 1a2c047) was discovered to contain an Assertion Failure via the component parser_parse_class at jerry-core/parser/js/js-parser-expr.c. | ||||
| CVE-2023-31919 | 1 Jerryscript | 1 Jerryscript | 2024-08-02 | 5.5 Medium |
| Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the jcontext_raise_exception at jerry-core/jcontext/jcontext.c. | ||||
| CVE-2023-31916 | 1 Jerryscript | 1 Jerryscript | 2024-08-02 | 5.5 Medium |
| Jerryscript 3.0 (commit 1a2c047) was discovered to contain an Assertion Failure via the jmem_heap_finalize at jerry-core/jmem/jmem-heap.c. | ||||
| CVE-2023-31920 | 1 Jerryscript | 1 Jerryscript | 2024-08-02 | 5.5 Medium |
| Jerryscript 3.0 (commit 05dbbd1) was discovered to contain an Assertion Failure via the vm_loop at jerry-core/vm/vm.c. | ||||
| CVE-2023-29935 | 1 Llvm | 1 Llvm | 2024-08-02 | 5.5 Medium |
| llvm-project commit a0138390 was discovered to contain an assertion failure at !replacements.count(op) && "operation was already replaced. | ||||
| CVE-2023-29536 | 2 Mozilla, Redhat | 9 Firefox, Firefox Esr, Focus and 6 more | 2024-08-02 | 8.8 High |
| An attacker could cause the memory manager to incorrectly free a pointer that addresses attacker-controlled memory, resulting in an assertion, memory corruption, or a potentially exploitable crash. This vulnerability affects Firefox < 112, Focus for Android < 112, Firefox ESR < 102.10, Firefox for Android < 112, and Thunderbird < 102.10. | ||||
| CVE-2023-28856 | 4 Debian, Fedoraproject, Redhat and 1 more | 4 Debian Linux, Fedora, Acm and 1 more | 2024-08-02 | 5.5 Medium |
| Redis is an open source, in-memory database that persists on disk. Authenticated users can use the `HINCRBYFLOAT` command to create an invalid hash field that will crash Redis on access in affected versions. This issue has been addressed in in versions 7.0.11, 6.2.12, and 6.0.19. Users are advised to upgrade. There are no known workarounds for this issue. | ||||
| CVE-2023-28425 | 1 Redis | 1 Redis | 2024-08-02 | 5.5 Medium |
| Redis is an in-memory database that persists on disk. Starting in version 7.0.8 and prior to version 7.0.10, authenticated users can use the MSETNX command to trigger a runtime assertion and termination of the Redis server process. The problem is fixed in Redis version 7.0.10. | ||||
| CVE-2023-27788 | 1 Broadcom | 1 Tcpreplay | 2024-08-02 | 7.5 High |
| An issue found in TCPrewrite v.4.4.3 allows a remote attacker to cause a denial of service via the ports2PORT function at the portmap.c:69 endpoint. | ||||
| CVE-2023-27789 | 1 Broadcom | 1 Tcpreplay | 2024-08-02 | 7.5 High |
| An issue found in TCPprep v.4.4.3 allows a remote attacker to cause a denial of service via the cidr2cidr function at the cidr.c:178 endpoint. | ||||
| CVE-2023-27783 | 1 Broadcom | 1 Tcpreplay | 2024-08-02 | 7.5 High |
| An issue found in TCPreplay tcprewrite v.4.4.3 allows a remote attacker to cause a denial of service via the tcpedit_dlt_cleanup function at plugins/dlt_plugins.c. | ||||
| CVE-2023-24843 | 1 Qualcomm | 132 315 5g Iot Modem, 315 5g Iot Modem Firmware, Ar8035 and 129 more | 2024-08-02 | 7.5 High |
| Transient DOS in Modem while triggering a camping on an 5G cell. | ||||
| CVE-2023-23759 | 1 Facebook | 1 Fizz | 2024-08-02 | 7.5 High |
| There is a vulnerability in the fizz library prior to v2023.01.30.00 where a CHECK failure can be triggered remotely. This behavior requires the client supported cipher advertisement changing between the original ClientHello and the second ClientHello, crashing the process (impact is limited to denial of service). | ||||