Total
8221 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-37240 | 1 Huawei | 2 Emui, Harmonyos | 2024-11-21 | 9.1 Critical |
| Vulnerability of missing input length verification in the distributed file system. Successful exploitation of this vulnerability may cause out-of-bounds read. | ||||
| CVE-2023-36838 | 1 Juniper | 31 Csrx, Junos, Srx100 and 28 more | 2024-11-21 | 5.5 Medium |
| An Out-of-bounds Read vulnerability in the flow processing daemon (flowd) of Juniper Networks Junos OS on SRX Series allows a local, authenticated attacker with low privileges, to cause a Denial of Service (DoS). If a low privileged user executes a specific CLI command, flowd which is responsible for traffic forwarding in SRX crashes and generates a core dump. This will cause temporary traffic interruption until the flowd process is restarted automatically. Continued execution of this command will lead to a sustained DoS. This issue affects Juniper Networks Junos OS on SRX Series: All versions prior to 20.2R3-S7; 20.3 version 20.3R1 and later versions; 20.4 versions prior to 20.4R3-S6; 21.1 versions prior to 21.1R3-S5; 21.2 versions prior to 21.2R3-S4; 21.3 versions prior to 21.3R3-S4; 21.4 versions prior to 21.4R3-S3; 22.1 versions prior to 22.1R3-S1; 22.2 versions prior to 22.2R3; 22.3 versions prior to 22.3R2; 22.4 versions prior to 22.4R1-S1, 22.4R2. | ||||
| CVE-2023-36201 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 7.5 High |
| An issue in JerryscriptProject jerryscript v.3.0.0 allows an attacker to obtain sensitive information via a crafted script to the arrays. | ||||
| CVE-2023-35694 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| In DMPixelLogger_ProcessDmCommand of DMPixelLogger.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-35691 | 1 Google | 1 Android | 2024-11-21 | 7.2 High |
| there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-35679 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In MtpPropertyValue of MtpProperty.h, there is a possible out of bounds read due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. | ||||
| CVE-2023-35664 | 1 Google | 1 Android | 2024-11-21 | 5.5 Medium |
| In convertSubgraphFromHAL of ShimConverter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-35663 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| In Init of protocolnetadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-35661 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| In ProfSixDecomTcpSACKoption of RohcPacketCommon.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-35656 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| In multiple functions of protocolembmsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-35655 | 1 Google | 1 Android | 2024-11-21 | 6.7 Medium |
| In CanConvertPadV2Op of darwinn_mlir_converter_aidl.cc, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-35654 | 1 Google | 1 Android | 2024-11-21 | 6.7 Medium |
| In ctrl_roi of stmvl53l1_module.c, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-35652 | 1 Google | 1 Android | 2024-11-21 | 7.5 High |
| In ProtocolEmergencyCallListIndAdapter::Init of protocolcalladapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation. | ||||
| CVE-2023-35648 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| In ProtocolMiscLceIndAdapter::GetConfLevel() of protocolmiscadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation. | ||||
| CVE-2023-35647 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| In ProtocolEmbmsGlobalCellIdAdapter::Init() of protocolembmsadapter.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with baseband firmware compromise required. User interaction is not needed for exploitation. | ||||
| CVE-2023-34359 | 1 Asus | 2 Rt-ax88u, Rt-ax88u Firmware | 2024-11-21 | 7.5 High |
| ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. A remote attacker can send a specially crafted request to the device which causes the httpd binary to crash within the "do_json_decode()" function of ej.c, resulting in a DoS condition. | ||||
| CVE-2023-34358 | 1 Asus | 2 Rt-ax88u, Rt-ax88u Firmware | 2024-11-21 | 7.5 High |
| ASUS RT-AX88U's httpd is subject to an unauthenticated DoS condition. A remote attacker can send a specially crafted request to a device which contains a specific user agent, causing the httpd binary to crash during a string comparison performed within web.c, resulting in a DoS condition. | ||||
| CVE-2023-34044 | 2 Apple, Vmware | 3 Mac Os X, Fusion, Workstation | 2024-11-21 | 7.1 High |
| VMware Workstation( 17.x prior to 17.5) and Fusion(13.x prior to 13.5) contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine. | ||||
| CVE-2023-33383 | 1 Shelly | 2 Pro 4pm, Pro 4pm Firmware | 2024-11-21 | 5.3 Medium |
| Shelly 4PM Pro four-channel smart switch 0.11.0 allows an attacker to trigger a BLE out of bounds read fault condition that results in a device reload. | ||||
| CVE-2023-33097 | 1 Qualcomm | 244 Ar8035, Ar8035 Firmware, Csr8811 and 241 more | 2024-11-21 | 7.5 High |
| Transient DOS in WLAN Firmware while processing a FTMR frame. | ||||