Total
3900 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2022-25712 | 1 Qualcomm | 92 Aqt1000, Aqt1000 Firmware, Mdm9150 and 89 more | 2025-04-22 | N/A | 6.7 MEDIUM |
|
Memory corruption in camera due to buffer copy without checking size of input in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wearables
|
|||||
| CVE-2024-40674 | 1 Google | 1 Android | 2025-04-22 | N/A | 5.3 MEDIUM |
|
In validateSsid of WifiConfigurationUtil.java, there is a possible way to overflow a system configuration file due to a logic error in the code. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2024-57537 | 1 Linksys | 2 E8450, E8450 Firmware | 2025-04-22 | N/A | 6.3 MEDIUM |
|
Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (page) is copied to the stack without length verification.
|
|||||
| CVE-2024-57538 | 1 Linksys | 2 E8450, E8450 Firmware | 2025-04-22 | N/A | 6.5 MEDIUM |
|
Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (anonymous_protect_status) is copied to the stack without length verification.
|
|||||
| CVE-2024-57540 | 1 Linksys | 2 E8450, E8450 Firmware | 2025-04-22 | N/A | 6.5 MEDIUM |
|
Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (action) is copied to the stack without length verification.
|
|||||
| CVE-2024-57541 | 1 Linksys | 2 E8450, E8450 Firmware | 2025-04-22 | N/A | 5.5 MEDIUM |
|
Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (ipv6_protect_status) is copied to the stack without length verification.
|
|||||
| CVE-2024-57543 | 1 Linksys | 2 E8450, E8450 Firmware | 2025-04-22 | N/A | 5.5 MEDIUM |
|
Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (dhcpstart_ip) is copied to the stack without length verification.
|
|||||
| CVE-2024-57544 | 1 Linksys | 2 E8450, E8450 Firmware | 2025-04-22 | N/A | 5.5 MEDIUM |
|
Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (lan_ipaddr) is copied to the stack without length verification.
|
|||||
| CVE-2024-57545 | 1 Linksys | 2 E8450, E8450 Firmware | 2025-04-22 | N/A | 5.5 MEDIUM |
|
Linksys E8450 v1.2.00.360516 was discovered to contain a buffer overflow vulnerability. The parsed field (hidden_dhcp_num) is copied to the stack without length verification.
|
|||||
| CVE-2025-29045 | 1 Alfa | 2 Wifi Camppro, Wifi Camppro Firmware | 2025-04-21 | N/A | 9.8 CRITICAL |
|
Buffer Overflow vulnerability in ALFA_CAMPRO-co-2.29 allows a remote attacker to execute arbitrary code via the newap_text_0 key value
|
|||||
| CVE-2025-29044 | 1 Netgear | 2 R6100, R6100 Firmware | 2025-04-21 | N/A | 9.8 CRITICAL |
|
Buffer Overflow vulnerability in Netgear- R61 router V1.0.1.28 allows a remote attacker to execute arbitrary code via the QUERY_STRING key value
|
|||||
| CVE-2017-0327 | 1 Linux | 1 Linux Kernel | 2025-04-20 | 7.6 HIGH | 7.0 HIGH |
|
An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel 3.10. Android ID: A-33893669. References: N-CVE-2017-0327.
|
|||||
| CVE-2017-12601 | 2 Debian, Opencv | 2 Debian Linux, Opencv | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
|
OpenCV (Open Source Computer Vision Library) through 3.3 has a buffer overflow in the cv::BmpDecoder::readData function in modules/imgcodecs/src/grfmt_bmp.cpp when reading an image file by using cv::imread, as demonstrated by the 4-buf-overflow-readData-memcpy test case.
|
|||||
| CVE-2017-0442 | 2 Google, Linux | 2 Android, Linux Kernel | 2025-04-20 | 7.6 HIGH | 7.0 HIGH |
|
An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32871330. References: QC-CR#1092497.
|
|||||
| CVE-2017-0782 | 1 Google | 1 Android | 2025-04-20 | 8.3 HIGH | 8.8 HIGH |
|
A remote code execution vulnerability in the Android system (bluetooth). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-63146237.
|
|||||
| CVE-2017-15222 | 1 Nftp Project | 1 Nftp | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
|
Buffer Overflow vulnerability in Ayukov NFTPD 2.0 and earlier allows remote attackers to execute arbitrary code.
|
|||||
| CVE-2017-0520 | 1 Linux | 1 Linux Kernel | 2025-04-20 | 7.6 HIGH | 7.0 HIGH |
|
An elevation of privilege vulnerability in the Qualcomm crypto engine driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-31750232. References: QC-CR#1082636.
|
|||||
| CVE-2017-0441 | 2 Google, Linux | 2 Android, Linux Kernel | 2025-04-20 | 7.6 HIGH | 7.0 HIGH |
|
An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32872662. References: QC-CR#1095009.
|
|||||
| CVE-2017-0465 | 2 Google, Linux | 2 Android, Linux Kernel | 2025-04-20 | 7.6 HIGH | 7.0 HIGH |
|
An elevation of privilege vulnerability in the Qualcomm ADSPRPC driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-34112914. References: QC-CR#1110747.
|
|||||
| CVE-2017-11014 | 1 Google | 1 Android | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
|
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while parsing a Measurement Request IE in a Roam Neighbor Action Report, a buffer overflow can occur.
|
|||||
| CVE-2017-0437 | 2 Google, Linux | 2 Android, Linux Kernel | 2025-04-20 | 7.6 HIGH | 7.0 HIGH |
|
An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32402310. References: QC-CR#1092497.
|
|||||
| CVE-2017-8278 | 1 Google | 1 Android | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
|
In all Qualcomm products with Android releases from CAF using the Linux kernel, while reading audio data from an unspecified driver, a buffer overflow or integer overflow could occur.
|
|||||
| CVE-2017-0614 | 1 Linux | 1 Linux Kernel | 2025-04-20 | 7.6 HIGH | 7.0 HIGH |
|
An elevation of privilege vulnerability in the Qualcomm Secure Execution Environment Communicator driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-35399405. References: QC-CR#1080290.
|
|||||
| CVE-2017-0438 | 2 Google, Linux | 2 Android, Linux Kernel | 2025-04-20 | 7.6 HIGH | 7.0 HIGH |
|
An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32402604. References: QC-CR#1092497.
|
|||||
| CVE-2017-2831 | 1 Foscam | 2 C1 Indoor Hd Camera, C1 Indoor Hd Camera Firmware | 2025-04-20 | 5.0 MEDIUM | 7.5 HIGH |
|
An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37. A specially crafted HTTP request can cause a buffer overflow resulting in overwriting arbitrary data. An attacker can simply send an HTTP request to the device to trigger this vulnerability.
|
|||||
| CVE-2017-2851 | 1 Foscam | 2 C1 Indoor Hd Camera, C1 Indoor Hd Camera Firmware | 2025-04-20 | 6.0 MEDIUM | 7.2 HIGH |
|
In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2.37, a specially crafted HTTP request can cause a buffer overflow.
|
|||||
| CVE-2017-0296 | 1 Microsoft | 6 Windows 10, Windows 7, Windows 8.1 and 3 more | 2025-04-20 | 7.2 HIGH | 7.8 HIGH |
|
Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to elevate privilege when tdx.sys fails to check the length of a buffer prior to copying memory to it, aka "Windows TDX Elevation of Privilege Vulnerability".
|
|||||
| CVE-2017-0594 | 1 Google | 1 Android | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
|
An elevation of privilege vulnerability in codecs/aacenc/SoftAACEncoder2.cpp in libstagefright in Mediaserver could enable a local malicious application to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-34617444.
|
|||||
| CVE-2017-0306 | 1 Linux | 1 Linux Kernel | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
|
An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the operating system to repair the device. Product: Android. Versions: Kernel-3.10. Android ID: A-34132950. References: N-CVE-2017-0306.
|
|||||
| CVE-2015-7853 | 2 Netapp, Ntp | 6 Clustered Data Ontap, Data Ontap, Oncommand Balance and 3 more | 2025-04-20 | 7.5 HIGH | 9.8 CRITICAL |
|
The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value.
|
|||||
| CVE-2016-10066 | 1 Imagemagick | 1 Imagemagick | 2025-04-20 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Buffer overflow in the ReadVIFFImage function in coders/viff.c in ImageMagick before 6.9.4-5 allows remote attackers to cause a denial of service (application crash) via a crafted file.
|
|||||
| CVE-2017-0767 | 1 Google | 1 Android | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
|
A elevation of privilege vulnerability in the Android media framework (libeffects). Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID: A-37536407.
|
|||||
| CVE-2016-8714 | 2 Debian, R Project | 2 Debian Linux, R | 2025-04-20 | 6.8 MEDIUM | 8.8 HIGH |
|
An exploitable buffer overflow vulnerability exists in the LoadEncoding functionality of the R programming language version 3.3.0. A specially crafted R script can cause a buffer overflow resulting in a memory corruption. An attacker can send a malicious R script to trigger this vulnerability.
|
|||||
| CVE-2017-0481 | 1 Google | 1 Android | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
|
An elevation of privilege vulnerability in NFC could enable a proximate attacker to execute arbitrary code within the context of a privileged process. This issue is rated as High because it could be used to gain local access to elevated capabilities, which are not normally accessible to a third-party application. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1. Android ID: A-33434992.
|
|||||
| CVE-2017-12137 | 3 Citrix, Debian, Xen | 3 Xenserver, Debian Linux, Xen | 2025-04-20 | 7.2 HIGH | 8.8 HIGH |
|
arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref.
|
|||||
| CVE-2017-11015 | 1 Google | 1 Android | 2025-04-20 | 9.3 HIGH | 7.8 HIGH |
|
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, currently, the value of SIR_MAC_AUTH_CHALLENGE_LENGTH is set to 128 which may result in buffer overflow since the frame parser allows challenge text of length up to 253 bytes, but the driver can not handle challenge text larger than 128 bytes.
|
|||||
| CVE-2017-8259 | 1 Google | 1 Android | 2025-04-20 | 6.8 MEDIUM | 7.8 HIGH |
|
In the service locator in all Qualcomm products with Android releases from CAF using the Linux kernel, a buffer overflow can occur as the variable set for determining the size of the buffer is not used to indicate the size of the buffer.
|
|||||
| CVE-2017-0176 | 1 Microsoft | 2 Windows Server 2003, Windows Xp | 2025-04-20 | 9.3 HIGH | 8.1 HIGH |
|
A buffer overflow in Smart Card authentication code in gpkcsp.dll in Microsoft Windows XP through SP3 and Server 2003 through SP2 allows a remote attacker to execute arbitrary code on the target computer, provided that the computer is joined in a Windows domain and has Remote Desktop Protocol connectivity (or Terminal Services) enabled.
|
|||||
| CVE-2017-6421 | 1 Google | 1 Android | 2025-04-20 | 5.8 MEDIUM | 8.8 HIGH |
|
In the touch controller function in all Qualcomm products with Android for MSM, Firefox OS for MSM, or QRD Android, a variable may be controlled by the user and can lead to a buffer overflow.
|
|||||
| CVE-2017-0439 | 2 Google, Linux | 2 Android, Linux Kernel | 2025-04-20 | 7.6 HIGH | 7.0 HIGH |
|
An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kernel-3.18. Android ID: A-32450647. References: QC-CR#1092059.
|
|||||