Total
82 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-52937 | 2025-01-13 | 6.7 Medium | ||
| Kernel software installed and running inside a Guest VM may exploit memory shared with the GPU Firmware to write data outside the Guest's virtualised GPU memory. | ||||
| CVE-2024-52938 | 2025-01-13 | 7.8 High | ||
| Kernel software installed and running inside a Guest VM may post improper commands to the GPU Firmware to subvert reconstruction activities to trigger a write of data outside the Guest's virtualised GPU memory. | ||||
| CVE-2023-33066 | 1 Qualcomm | 626 205 Mobile, 205 Mobile Firmware, 215 Mobile and 623 more | 2025-01-10 | 8.4 High |
| Memory corruption in Audio while processing RT proxy port register driver. | ||||
| CVE-2024-33041 | 1 Qualcomm | 70 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 67 more | 2025-01-10 | 6.7 Medium |
| Memory corruption when input parameter validation for number of fences is missing for fence frame IOCTL calls, | ||||
| CVE-2017-11076 | 1 Qualcomm | 54 Msm8909w, Msm8909w Firmware, Msm8996au and 51 more | 2025-01-09 | 8.8 High |
| On some hardware revisions where VP9 decoding is hardware-accelerated, the frame size is not programmed correctly into the decoder hardware which can lead to an invalid memory access by the decoder. | ||||
| CVE-2023-43553 | 1 Qualcomm | 262 Ar8035, Ar8035 Firmware, Csr8811 and 259 more | 2025-01-09 | 9.8 Critical |
| Memory corruption while parsing beacon/probe response frame when AP sends more supported links in MLIE. | ||||
| CVE-2024-33036 | 1 Qualcomm | 106 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6800 and 103 more | 2024-12-11 | 6.7 Medium |
| Memory corruption while parsing sensor packets in camera driver, user-space variable is used while allocating memory in kernel and parsing which can lead to huge allocation or invalid memory access. | ||||
| CVE-2023-6560 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | 5.5 Medium |
| An out-of-bounds memory access flaw was found in the io_uring SQ/CQ rings functionality in the Linux kernel. This issue could allow a local user to crash the system. | ||||
| CVE-2023-43534 | 1 Qualcomm | 132 Ar8035, Ar8035 Firmware, Fastconnect 6900 and 129 more | 2024-11-21 | 8.6 High |
| Memory corruption while validating the TID to Link Mapping action request frame, when a station connects to an access point. | ||||
| CVE-2023-43513 | 1 Qualcomm | 534 315 5g Iot Modem, 315 5g Iot Modem Firmware, Apq8017 and 531 more | 2024-11-21 | 7.8 High |
| Memory corruption while processing the event ring, the context read pointer is untrusted to HLOS and when it is passed with arbitrary values, may point to address in the middle of ring element. | ||||
| CVE-2023-33079 | 1 Qualcomm | 288 Apq5053-aa, Apq5053-aa Firmware, Ar8035 and 285 more | 2024-11-21 | 7.8 High |
| Memory corruption in Audio while running invalid audio recording from ADSP. | ||||
| CVE-2023-33067 | 1 Qualcomm | 226 9206 Lte Modem, 9206 Lte Modem Firmware, Aqt1000 and 223 more | 2024-11-21 | 6.7 Medium |
| Memory corruption in Audio while calling START command on host voice PCM multiple times for the same RX or TX tap points. | ||||
| CVE-2023-2426 | 1 Vim | 1 Vim | 2024-11-21 | 5.5 Medium |
| Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 9.0.1499. | ||||
| CVE-2023-28575 | 1 Qualcomm | 120 205, 205 Firmware, 215 and 117 more | 2024-11-21 | 6.7 Medium |
| The cam_get_device_priv function does not check the type of handle being returned (device/session/link). This would lead to invalid type usage if a wrong handle is passed to it. | ||||
| CVE-2023-22387 | 1 Qualcomm | 542 205, 205 Firmware, 215 and 539 more | 2024-11-21 | 7.8 High |
| Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory Corruption. | ||||
| CVE-2023-20187 | 1 Cisco | 8 Asr1000-esp100, Asr1000-esp200, Asr1000-esp40 and 5 more | 2024-11-21 | 8.6 High |
| A vulnerability in the Multicast Leaf Recycle Elimination (mLRE) feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect handling of certain IPv6 multicast packets when they are fanned out more than seven times on an affected device. An attacker could exploit this vulnerability by sending a specific IPv6 multicast or IPv6 multicast VPN (MVPNv6) packet through the affected device. A successful exploit could allow the attacker to cause a reload of the affected device, resulting in a DoS condition. | ||||
| CVE-2022-33246 | 1 Qualcomm | 84 Apq8096au, Apq8096au Firmware, Aqt1000 and 81 more | 2024-11-21 | 6.7 Medium |
| Memory corruption in Audio due to use of out-of-range pointer offset while Initiating a voice call session from user space with invalid session id. | ||||
| CVE-2022-32142 | 1 Codesys | 2 Plcwinnt, Runtime Toolkit | 2024-11-21 | 8.1 High |
| Multiple CODESYS Products are prone to a out-of bounds read or write access. A low privileged remote attacker may craft a request with invalid offset, which can cause an out-of-bounds read or write access, resulting in denial-of-service condition or local memory overwrite, which can lead to a change of local files. User interaction is not required. | ||||
| CVE-2022-1420 | 4 Apple, Fedoraproject, Redhat and 1 more | 4 Macos, Fedora, Enterprise Linux and 1 more | 2024-11-21 | 5.5 Medium |
| Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774. | ||||
| CVE-2022-0729 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-11-21 | 8.8 High |
| Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440. | ||||