Total
8221 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-1823 | 1 Huawei | 18 Ips Module, Ips Module Firmware, Ngfw Module and 15 more | 2025-01-13 | 3.7 Low |
| There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289) The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824. | ||||
| CVE-2020-1824 | 1 Huawei | 18 Ips Module, Ips Module Firmware, Ngfw Module and 15 more | 2025-01-13 | 3.7 Low |
| There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289) The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824. | ||||
| CVE-2022-44517 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-01-10 | 5.5 Medium |
| Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2022-44516 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-01-10 | 5.5 Medium |
| Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2022-44515 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader and 3 more | 2025-01-10 | 5.5 Medium |
| Acrobat Reader DC version 22.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | ||||
| CVE-2020-1819 | 1 Huawei | 18 Ips Module, Ips Module Firmware, Ngfw Module and 15 more | 2025-01-10 | 3.7 Low |
| There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289) The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824. | ||||
| CVE-2020-1818 | 1 Huawei | 18 Ips Module, Ips Module Firmware, Ngfw Module and 15 more | 2025-01-10 | 3.7 Low |
| There are multiple out of bounds (OOB) read vulnerabilities in the implementation of the Common Open Policy Service (COPS) protocol of some Huawei products. The specific decoding function may occur out-of-bounds read when processes an incoming data packet. Successful exploit of these vulnerabilities may disrupt service on the affected device. (Vulnerability ID: HWPSIRT-2018-12275,HWPSIRT-2018-12276,HWPSIRT-2018-12277,HWPSIRT-2018-12278,HWPSIRT-2018-12279,HWPSIRT-2018-12280 and HWPSIRT-2018-12289) The seven vulnerabilities have been assigned seven Common Vulnerabilities and Exposures (CVE) IDs: CVE-2020-1818, CVE-2020-1819, CVE-2020-1820, CVE-2020-1821, CVE-2020-1822, CVE-2020-1823 and CVE-2020-1824. | ||||
| CVE-2023-43539 | 1 Qualcomm | 274 Ar8035, Ar8035 Firmware, Csr8811 and 271 more | 2025-01-10 | 7.5 High |
| Transient DOS while processing an improperly formatted 802.11az Fine Time Measurement protocol frame. | ||||
| CVE-2023-33090 | 1 Qualcomm | 104 Ar8035, Ar8035 Firmware, Fastconnect 6800 and 101 more | 2025-01-10 | 5.5 Medium |
| Transient DOS while processing channel information for speaker protection v2 module in ADSP. | ||||
| CVE-2023-33078 | 1 Qualcomm | 26 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 23 more | 2025-01-10 | 5.1 Medium |
| Information Disclosure while processing IOCTL request in FastRPC. | ||||
| CVE-2024-23366 | 1 Qualcomm | 34 Qam8255p, Qam8255p Firmware, Qam8295p and 31 more | 2025-01-10 | 6.6 Medium |
| Information Disclosure while invoking the mailbox write API when message received from user is larger than mailbox size. | ||||
| CVE-2024-33061 | 1 Qualcomm | 18 Qcs8550, Qcs8550 Firmware, Sw5100 and 15 more | 2025-01-10 | 6.8 Medium |
| Information disclosure while processing IOCTL call made for releasing a trusted VM process release or opening a channel without initializing the process. | ||||
| CVE-2024-43063 | 1 Qualcomm | 34 Qam8255p, Qam8255p Firmware, Qam8295p and 31 more | 2025-01-10 | 6.1 Medium |
| information disclosure while invoking the mailbox read API. | ||||
| CVE-2024-57822 | 2025-01-10 | 4 Medium | ||
| In Raptor RDF Syntax Library through 2.0.16, there is a heap-based buffer over-read when parsing triples with the nquads parser in raptor_ntriples_parse_term_internal(). | ||||
| CVE-2024-23363 | 1 Qualcomm | 250 Ar8035, Ar8035 Firmware, Csr8811 and 247 more | 2025-01-09 | 7.5 High |
| Transient DOS while processing an improperly formatted Fine Time Measurement (FTM) management frame. | ||||
| CVE-2017-17772 | 1 Qualcomm | 14 Sd 450, Sd 450 Firmware, Sd 625 and 11 more | 2025-01-09 | 8.8 High |
| In multiple functions that process 802.11 frames, out-of-bounds reads can occur due to insufficient validation. | ||||
| CVE-2023-25738 | 2 Microsoft, Mozilla | 4 Windows, Firefox, Firefox Esr and 1 more | 2025-01-09 | 6.5 Medium |
| Members of the <code>DEVMODEW</code> struct set by the printer device driver weren't being validated and could have resulted in invalid values which in turn would cause the browser to attempt out of bounds access to related variables.<br>*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8. | ||||
| CVE-2023-2977 | 2 Opensc Project, Redhat | 2 Opensc, Enterprise Linux | 2025-01-09 | 7.1 High |
| A vulnerbility was found in OpenSC. This security flaw cause a buffer overrun vulnerability in pkcs15 cardos_have_verifyrc_package. The attacker can supply a smart card package with malformed ASN1 context. The cardos_have_verifyrc_package function scans the ASN1 buffer for 2 tags, where remaining length is wrongly caculated due to moved starting pointer. This leads to possible heap-based buffer oob read. In cases where ASAN is enabled while compiling this causes a crash. Further info leak or more damage is possible. | ||||
| CVE-2024-3933 | 1 Eclipse | 1 Openj9 | 2025-01-09 | 5.3 Medium |
| In Eclipse OpenJ9 release versions prior to 0.44.0 and after 0.13.0, when running with JVM option -Xgc:concurrentScavenge, the sequence generated for System.arrayCopy on the IBM Z platform with hardware and software support for guarded storage [1], could allow access to a buffer with an incorrect length value when executing an arraycopy sequence while the Concurrent Scavenge Garbage Collection cycle is active and the source and destination memory regions for arraycopy overlap. This allows read and write to addresses beyond the end of the array range. | ||||
| CVE-2023-25752 | 2 Mozilla, Redhat | 8 Firefox, Firefox Esr, Thunderbird and 5 more | 2025-01-09 | 6.5 Medium |
| When accessing throttled streams, the count of available bytes needed to be checked in the calling function to be within bounds. This may have lead future code to be incorrect and vulnerable. This vulnerability affects Firefox < 111, Firefox ESR < 102.9, and Thunderbird < 102.9. | ||||