Total
365 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-45561 | 1 Qualcomm | 64 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 61 more | 2025-02-12 | 7.8 High |
| Memory corruption while handling IOCTL call from user-space to set latency level. | ||||
| CVE-2023-39540 | 1 Weston-embedded | 1 Uc-tcp-ip | 2025-02-12 | 5.9 Medium |
| A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted network packet can lead to an out-of-bounds read. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability concerns a denial of service within the parsing an IPv4 ICMP packet. | ||||
| CVE-2023-39541 | 1 Weston-embedded | 1 Uc-tcp-ip | 2025-02-12 | 5.9 Medium |
| A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted network packet can lead to an out-of-bounds read. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability concerns a denial of service within the parsing an IPv6 ICMPv6 packet. | ||||
| CVE-2022-25747 | 1 Qualcomm | 24 Mdm8207, Mdm8207 Firmware, Mdm9205 and 21 more | 2025-02-11 | 8.2 High |
| Information disclosure in modem due to improper input validation during parsing of upcoming CoAP message | ||||
| CVE-2023-24513 | 5 Amazon, Arista, Equinix and 2 more | 6 Aws Marketplace, Cloudeos, Dca-200-veos and 3 more | 2025-02-07 | 6.5 Medium |
| On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switch may eventually stop forwarding traffic. | ||||
| CVE-2024-49838 | 1 Qualcomm | 338 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 335 more | 2025-02-05 | 8.2 High |
| Information disclosure while parsing the OCI IE with invalid length. | ||||
| CVE-2024-38404 | 1 Qualcomm | 80 Ar8035, Ar8035 Firmware, Fastconnect 7800 and 77 more | 2025-02-05 | 7.5 High |
| Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in modem. | ||||
| CVE-2024-38414 | 1 Qualcomm | 58 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 55 more | 2025-02-05 | 6.1 Medium |
| Information disclosure while processing information on firmware image during core initialization. | ||||
| CVE-2024-38416 | 1 Qualcomm | 144 Ar8035, Ar8035 Firmware, C-v2x 9150 and 141 more | 2025-02-05 | 6.1 Medium |
| Information disclosure during audio playback. | ||||
| CVE-2024-38417 | 1 Qualcomm | 112 Ar8035, Ar8035 Firmware, C-v2x 9150 and 109 more | 2025-02-05 | 6.1 Medium |
| Information disclosure while processing IO control commands. | ||||
| CVE-2024-3077 | 1 Zephyrproject | 1 Zephyr | 2025-01-23 | 6.8 Medium |
| An malicious BLE device can crash BLE victim device by sending malformed gatt packet | ||||
| CVE-2023-28266 | 1 Microsoft | 13 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 10 more | 2025-01-23 | 5.5 Medium |
| Windows Common Log File System Driver Information Disclosure Vulnerability | ||||
| CVE-2024-7347 | 2 F5, Redhat | 4 Nginx Open Source, Nginx Plus, Enterprise Linux and 1 more | 2025-01-22 | 4.7 Medium |
| NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngx_http_mp4_module and the mp4 directive is used in the configuration file. Additionally, the attack is possible only if an attacker can trigger the processing of a specially crafted mp4 file with the ngx_http_mp4_module. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. | ||||
| CVE-2024-9843 | 2 Apple, Ivanti | 2 Macos, Secure Access Client | 2025-01-17 | 5 Medium |
| A buffer over-read in Ivanti Secure Access Client before 22.7R4 allows a local unauthenticated attacker to cause a denial of service. | ||||
| CVE-2024-21477 | 1 Qualcomm | 368 Aqt1000, Aqt1000 Firmware, Ar8035 and 365 more | 2025-01-15 | 7.5 High |
| Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame. | ||||
| CVE-2023-2854 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2025-01-15 | 5.3 Medium |
| BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file | ||||
| CVE-2024-45548 | 1 Qualcomm | 20 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 17 more | 2025-01-13 | 7.8 High |
| Memory corruption while processing FIPS encryption or decryption validation functionality IOCTL call. | ||||
| CVE-2024-45546 | 1 Qualcomm | 20 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 17 more | 2025-01-13 | 7.8 High |
| Memory corruption while processing FIPS encryption or decryption IOCTL call invoked from user-space. | ||||
| CVE-2023-43539 | 1 Qualcomm | 274 Ar8035, Ar8035 Firmware, Csr8811 and 271 more | 2025-01-10 | 7.5 High |
| Transient DOS while processing an improperly formatted 802.11az Fine Time Measurement protocol frame. | ||||
| CVE-2023-33090 | 1 Qualcomm | 104 Ar8035, Ar8035 Firmware, Fastconnect 6800 and 101 more | 2025-01-10 | 5.5 Medium |
| Transient DOS while processing channel information for speaker protection v2 module in ADSP. | ||||