Total
13459 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-47035 | 1 Google | 1 Android | 2024-10-31 | N/A | 7.8 HIGH |
|
In vring_init of external/headers/include/virtio/virtio_ring.h, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2024-34668 | 1 Samsung | 1 Android | 2024-10-30 | N/A | 8.8 HIGH |
|
Out-of-bounds write in parsing h.263 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.
|
|||||
| CVE-2024-34667 | 1 Samsung | 1 Android | 2024-10-30 | N/A | 8.8 HIGH |
|
Out-of-bounds write in parsing h.265 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.
|
|||||
| CVE-2024-34666 | 1 Samsung | 1 Android | 2024-10-30 | N/A | 8.8 HIGH |
|
Out-of-bounds write in parsing h.264 format in a specific mode in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.
|
|||||
| CVE-2024-34665 | 1 Samsung | 1 Android | 2024-10-30 | N/A | 8.8 HIGH |
|
Out-of-bounds write in parsing h.264 format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.
|
|||||
| CVE-2024-34669 | 1 Samsung | 1 Android | 2024-10-30 | N/A | 8.8 HIGH |
|
Out-of-bounds write in parsing h.263+ format in librtppayload.so prior to SMR Oct-2024 Release 1 allows remote attackers to execute arbitrary code with system privilege. User interaction is required for triggering this vulnerability.
|
|||||
| CVE-2024-40810 | 1 Apple | 1 Macos | 2024-10-29 | N/A | 5.5 MEDIUM |
|
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Sonoma 14.6. An app may be able to cause a coprocessor crash.
|
|||||
| CVE-2023-20513 | 2024-10-29 | N/A | 3.3 LOW | ||
|
An insufficient bounds check in PMFW (Power Management Firmware) may allow an attacker to utilize a malicious VF (virtualization function) to send a malformed message, potentially resulting in a denial of service.
|
|||||
| CVE-2024-47024 | 1 Google | 1 Android | 2024-10-28 | N/A | 7.8 HIGH |
|
In vring_size of external/headers/include/virtio/virtio_ring.h, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2024-47012 | 1 Google | 1 Android | 2024-10-28 | N/A | 7.8 HIGH |
|
In mm_GetMobileIdIndexForNsUpdate of mm_GmmPduCodec.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
|
|||||
| CVE-2022-48951 | 1 Linux | 1 Linux Kernel | 2024-10-25 | N/A | 7.8 HIGH |
|
In the Linux kernel, the following vulnerability has been resolved:
ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx()
The bounds checks in snd_soc_put_volsw_sx() are only being applied to the
first channel, meaning it is possible to write out of bounds values to the
second channel in stereo controls. Add appropriate checks.
|
|||||
| CVE-2022-48980 | 1 Linux | 1 Linux Kernel | 2024-10-25 | N/A | 7.8 HIGH |
|
In the Linux kernel, the following vulnerability has been resolved:
net: dsa: sja1105: avoid out of bounds access in sja1105_init_l2_policing()
The SJA1105 family has 45 L2 policing table entries
(SJA1105_MAX_L2_POLICING_COUNT) and SJA1110 has 110
(SJA1110_MAX_L2_POLICING_COUNT). Keeping the table structure but
accounting for the difference in port count (5 in SJA1105 vs 10 in
SJA1110) does not fully explain the difference. Rather, the SJA1110 also
has L2 ingress policers for multicast traffic ...
Show More |
|||||
| CVE-2024-7973 | 1 Google | 1 Chrome | 2024-10-24 | N/A | 8.8 HIGH |
|
Heap buffer overflow in PDFium in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. (Chromium security severity: Medium)
|
|||||
| CVE-2024-7535 | 1 Google | 1 Chrome | 2024-10-24 | N/A | 8.8 HIGH |
|
Inappropriate implementation in V8 in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2024-42986 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2024-10-24 | N/A | 7.5 HIGH |
|
Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the PPPOEPassword parameter in the fromAdvSetWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
|
|||||
| CVE-2024-42977 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2024-10-24 | N/A | 7.5 HIGH |
|
Tenda FH1206 v02.03.01.35 was discovered to contain a stack overflow via the qos parameter in the fromqossetting function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
|
|||||
| CVE-2023-29929 | 2024-10-24 | N/A | 7.5 HIGH | ||
|
Buffer Overflow vulnerability found in Kemptechnologies Loadmaster before v.7.2.60.0 allows a remote attacker to casue a denial of service via the libkemplink.so, isreverse library.
|
|||||
| CVE-2024-47719 | 1 Linux | 1 Linux Kernel | 2024-10-24 | N/A | 7.8 HIGH |
|
In the Linux kernel, the following vulnerability has been resolved:
iommufd: Protect against overflow of ALIGN() during iova allocation
Userspace can supply an iova and uptr such that the target iova alignment
becomes really big and ALIGN() overflows which corrupts the selected area
range during allocation. CONFIG_IOMMUFD_TEST can detect this:
WARNING: CPU: 1 PID: 5092 at drivers/iommu/iommufd/io_pagetable.c:268 iopt_alloc_area_pages drivers/iommu/iommufd/io_pagetable.c:268 [inline]
WAR ...
Show More |
|||||
| CVE-2024-47714 | 1 Linux | 1 Linux Kernel | 2024-10-24 | N/A | 5.5 MEDIUM |
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: mt76: mt7996: use hweight16 to get correct tx antenna
The chainmask is u16 so using hweight8 cannot get correct tx_ant.
Without this patch, the tx_ant of band 2 would be -1 and lead to the
following issue:
BUG: KASAN: stack-out-of-bounds in mt7996_mcu_add_sta+0x12e0/0x16e0 [mt7996e]
|
|||||
| CVE-2024-10194 | 1 Wavlink | 6 Wn530h4, Wn530h4 Firmware, Wn530hg4 and 3 more | 2024-10-23 | 8.3 HIGH | 8.8 HIGH |
|
A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. It has been classified as critical. Affected is the function Goto_chidx of the file login.cgi of the component Front-End Authentication Page. The manipulation of the argument wlanUrl leads to stack-based buffer overflow. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond i ...
Show More |
|||||
| CVE-2024-41902 | 1 Siemens | 1 Jt2go | 2024-10-23 | N/A | 7.8 HIGH |
|
A vulnerability has been identified in JT2Go (All versions < V2406.0003). The affected application contains a stack-based buffer overflow vulnerability that could be triggered while parsing specially crafted PDF files. This could allow an attacker to execute code in the context of the current process.
|
|||||
| CVE-2024-7994 | 1 Autodesk | 1 Revit | 2024-10-21 | N/A | 7.8 HIGH |
|
A maliciously crafted RFA file, when parsed through Autodesk Revit, can force a Stack-Based Buffer Overflow. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.
|
|||||
| CVE-2024-45144 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-10-18 | N/A | 7.8 HIGH |
|
Substance3D - Stager versions 3.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-45143 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-10-18 | N/A | 7.8 HIGH |
|
Substance3D - Stager versions 3.0.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-45141 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-10-18 | N/A | 7.8 HIGH |
|
Substance3D - Stager versions 3.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-45140 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-10-18 | N/A | 7.8 HIGH |
|
Substance3D - Stager versions 3.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-45139 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-10-18 | N/A | 7.8 HIGH |
|
Substance3D - Stager versions 3.0.3 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-45152 | 3 Adobe, Apple, Microsoft | 3 Substance 3d Stager, Macos, Windows | 2024-10-18 | N/A | 7.8 HIGH |
|
Substance3D - Stager versions 3.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-45150 | 3 Adobe, Apple, Microsoft | 3 Dimension, Macos, Windows | 2024-10-18 | N/A | 7.8 HIGH |
|
Dimension versions 4.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
|
|||||
| CVE-2024-39439 | 2 Google, Unisoc | 10 Android, S8000, T606 and 7 more | 2024-10-17 | N/A | 4.4 MEDIUM |
|
In DRM service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
|
|||||
| CVE-2024-47962 | 1 Deltaww | 1 Cncsoft-g2 | 2024-10-17 | N/A | 7.8 HIGH |
|
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can manipulate an insider to visit a malicious page or file to leverage this vulnerability to execute code in the context of the current process.
|
|||||
| CVE-2024-47963 | 1 Deltaww | 1 Cncsoft-g2 | 2024-10-17 | N/A | 7.8 HIGH |
|
Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can manipulate users to visit a malicious page or file to leverage this vulnerability to execute code in the context of the current process.
|
|||||
| CVE-2024-47964 | 1 Deltaww | 1 Cncsoft-g2 | 2024-10-17 | N/A | 7.8 HIGH |
|
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can manipulate users to visit a malicious page or file to leverage this vulnerability to execute code in the context of the current process.
|
|||||
| CVE-2024-23374 | 1 Qualcomm | 52 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 49 more | 2024-10-16 | N/A | 6.7 MEDIUM |
|
Memory corruption is possible when an attempt is made from userspace or console to write some haptics effects pattern to the haptics debugfs file.
|
|||||
| CVE-2024-8231 | 1 Tenda | 2 O6, O6 Firmware | 2024-10-16 | 9.0 HIGH | 8.8 HIGH |
|
A vulnerability classified as critical has been found in Tenda O6 1.0.0.7(2054). Affected is the function fromVirtualSet of the file /goform/setPortForward. The manipulation of the argument ip/localPort/publicPort/app leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
|
|||||
| CVE-2024-45382 | 1 Openatom | 1 Openharmony | 2024-10-16 | N/A | 5.5 MEDIUM |
|
in OpenHarmony v4.1.0 and prior versions allow a local attacker cause DOS through out-of-bounds write.
|
|||||
| CVE-2024-47134 | 1 Electronics.jtekt | 1 Kostac Plc Programming Software | 2024-10-16 | N/A | 7.8 HIGH |
|
Out-of-bounds write vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may cause a denial-of-service (DoS) condition, arbitrary code execution, and/or information disclosure because the issues exist in parsing of KPP project files.
|
|||||
| CVE-2024-47135 | 1 Jtekt | 1 Kostac Plc | 2024-10-15 | N/A | 7.8 HIGH |
|
Stack-based buffer overflow vulnerability exists in Kostac PLC Programming Software (Former name: Koyo PLC Programming Software) Version 1.6.14.0 and earlier. Having a user open a specially crafted project file which was saved using Kostac PLC Programming Software Version 1.6.9.0 and earlier may cause a denial-of-service (DoS) condition, arbitrary code execution, and/or information disclosure because the issues exist in parsing of KPP project files.
|
|||||
| CVE-2024-8198 | 1 Google | 1 Chrome | 2024-10-15 | N/A | 8.8 HIGH |
|
Heap buffer overflow in Skia in Google Chrome prior to 128.0.6613.113 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||
| CVE-2024-7534 | 1 Google | 1 Chrome | 2024-10-15 | N/A | 8.8 HIGH |
|
Heap buffer overflow in Layout in Google Chrome prior to 127.0.6533.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
|
|||||