| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Information Disclosure in Qualcomm IPC while reading values from shared memory in VM. |
| Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command. |
| Memory corruption in HLOS while converting from authorization token to HIDL vector. |
| Transient DOS in WLAN Firmware while parsing a NAN management frame. |
| Memory corruption while processing finish_sign command to pass a rsp buffer. |
| Memory corruption while using the UIM diag command to get the operators name. |
| Memory corruption in Boot while running a ListVars test in UEFI Menu during boot. |
| Memory corruption in Kernel while parsing metadata. |
| Transient DOS in Audio when invoking callback function of ASM driver. |
| Information disclosure in Audio while accessing AVCS services from ADSP payload. |
| Information disclosure when VI calibration state set by ADSP is greater than MAX_FBSP_STATE in the response payload to AFE calibration command. |
| Memory corruption while processing buffer initialization, when trusted report for certain report types are generated. |
| Memory corruption when IOCTL call is invoked from user-space to read board data. |
| Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption. |
| Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limiting filter.
This vulnerability is due to an incorrect connection count comparison. An attacker could exploit this vulnerability by sending traffic through an affected device at a rate that exceeds a configured rate filter. A successful exploit could allow the attacker to successfully bypass the rate filter. This could allow unintended traffic to enter the network protected by the affected device. |
| Luxion KeyShot DAE File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of dae files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23704. |
| Integer overflow vulnerability in FFmpeg before n6.1, allows attackers to cause a denial of service (DoS) via the avcodec/osq module. |
| Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the JJPEG XL Parser. |
| FFmpeg prior to commit bf814 was discovered to contain an out of bounds read via the dist->alphabet_size variable in the read_vlc_prefix() function. |
| Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxl_anim_read_packet component in the JPEG XL Animation decoder. |