Total
501 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-29231 | 1 Synology | 2 Diskstation Manager, Surveillance Station | 2025-03-25 | 5.4 Medium |
Improper validation of array index vulnerability in UserPrivilege.Enum webapi component in Synology Surveillance Station before 9.2.0-9289 and 9.2.0-11289 allows remote authenticated users to bypass security constraints via unspecified vectors. | ||||
CVE-2024-41565 | 1 Mezz | 1 Justenoughitems | 2025-03-19 | 4.3 Medium |
JustEnoughItems (JEI) 19.5.0.33 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index in JEI for Minecraft, which allows in-game item duplication. | ||||
CVE-2024-42698 | 1 Shedaniel | 1 Roughlyenoughitems | 2025-03-18 | 4.3 Medium |
Roughly Enough Items (REI) v.16.0.729 and before contains an Improper Validation of Specified Index, Position, or Offset in Input vulnerability. The specific issue is a failure to validate slot index and decrement stack count in the Roughly Enough Items (REI) mod for Minecraft, which allows in-game item duplication. | ||||
CVE-2025-30077 | | | 2025-03-17 | 6.2 Medium |
Open Networking Foundation SD-RAN ONOS onos-lib-go 0.10.28 allows an index out-of-range panic in asn1/aper GetBitString via a zero value of numBits. | ||||
CVE-2024-12975 | | | 2025-03-07 | N/A |
A buffer overread can occur in the CPC application when operating in full duplex SPI upon receiving an invalid packet over the SPI interface. | ||||
CVE-2023-20633 | 2 Google, Mediatek | 25 Android, Mt6580, Mt6735 and 22 more | 2025-03-06 | 6.7 Medium |
In usb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628508; Issue ID: ALPS07628508. | ||||
CVE-2024-53014 | 1 Qualcomm | 502 215, 215 Firmware, 315 5g Iot Modem and 499 more | 2025-03-06 | 7.8 High |
Memory corruption may occur while validating ports and channels in Audio driver. | ||||
CVE-2022-33256 | 1 Qualcomm | 130 Ar8035, Ar8035 Firmware, Qca6390 and 127 more | 2025-03-05 | 9.8 Critical |
Memory corruption due to improper validation of array index in Multi-mode call processor. | ||||
CVE-2024-49836 | | | 2025-03-05 | 7.8 High |
Memory corruption may occur during the synchronization of the camera's frame processing pipeline. | ||||
CVE-2024-49837 | 1 Qualcomm | 52 Qam8255p, Qam8255p Firmware, Qam8295p and 49 more | 2025-02-28 | 7.8 High |
Memory corruption while reading CPU state data during guest VM suspend. | ||||
CVE-2024-45569 | 1 Qualcomm | 348 Ar8035, Ar8035 Firmware, Csr8811 and 345 more | 2025-02-28 | 9.8 Critical |
Memory corruption while parsing the ML IE due to invalid frame content. | ||||
CVE-2022-33275 | 1 Qualcomm | 518 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq5053-aa and 515 more | 2025-02-27 | 8.4 High |
Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range. | ||||
CVE-2022-40534 | 1 Qualcomm | 26 Snapdragon W5+ Gen 1 Wearable Platform, Snapdragon W5+ Gen 1 Wearable Platform Firmware, Sw5100 and 23 more | 2025-02-27 | 8.4 High |
Memory corruption due to improper validation of array index in Audio. | ||||
CVE-2023-28548 | 1 Qualcomm | 366 Aqt1000, Aqt1000 Firmware, Ar8035 and 363 more | 2025-02-27 | 7.8 High |
Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART. | ||||
CVE-2023-28565 | 1 Qualcomm | 588 9205 Lte, 9205 Lte Firmware, Apq8017 and 585 more | 2025-02-27 | 7.8 High |
Memory corruption in WLAN HAL while handling command streams through WMI interfaces. | ||||
CVE-2023-28567 | 1 Qualcomm | 582 315 5g Iot, 315 5g Iot Firmware, Aqt1000 and 579 more | 2025-02-27 | 7.8 High |
Memory corruption in WLAN HAL while handling command through WMI interfaces. | ||||
CVE-2023-24850 | 1 Qualcomm | 412 Apq5053-aa, Apq5053-aa Firmware, Apq8017 and 409 more | 2025-02-27 | 7.8 High |
Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application. | ||||
CVE-2024-2214 | 1 Eclipse | 1 Threadx | 2025-02-13 | 7 High |
In Eclipse ThreadX before version 6.4.0, the _Mtxinit() function in the Xtensa port was missing an array size check causing a memory overwrite. The affected file was ports/xtensa/xcc/src/tx_clib_lock.c | ||||
CVE-2023-46724 | 2 Redhat, Squid-cache | 6 Enterprise Linux, Rhel Aus, Rhel E4s and 3 more | 2025-02-13 | 8.6 High |
Squid is a caching proxy for the Web. Due to an Improper Validation of Specified Index bug, Squid versions 3.3.0.1 through 5.9 and 6.0 prior to 6.4 compiled using `--with-openssl` are vulnerable to a Denial of Service attack against SSL Certificate validation. This problem allows a remote server to perform Denial of Service against Squid Proxy by initiating a TLS Handshake with a specially crafted SSL Certificate in a server certificate chain. This attack is limited to HTTPS and SSL-Bump. This bug is fixed in Squid version 6.4. In addition, patches addressing this problem for the stable releases can be found in Squid's patch archives. Those who use a prepackaged version of Squid should refer to the package vendor for availability information on updated packages. | ||||
CVE-2024-22181 | 1 Libigl | 1 Libigl | 2025-02-13 | 7.8 High |
An out-of-bounds write vulnerability exists in the readNODE functionality of libigl v2.5.0. A specially crafted .node file can lead to an out-of-bounds write. An attacker can provide a malicious file to trigger this vulnerability. |