Total
3257 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-32828 | 2 Google, Mediatek | 17 Android, Iot Yocto, Mt6771 and 14 more | 2024-11-21 | 6.7 Medium |
| In vpu, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07767817; Issue ID: ALPS07767817. | ||||
| CVE-2023-32823 | 2 Google, Mediatek | 31 Android, Mt6580, Mt6739 and 28 more | 2024-11-21 | 6.7 Medium |
| In rpmb , there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07912966; Issue ID: ALPS07912966. | ||||
| CVE-2023-2914 | 1 Rockwellautomation | 1 Thinmanager Thinserver | 2024-11-21 | 7.5 High |
| The Rockwell Automation Thinmanager Thinserver is impacted by an improper input validation vulnerability, an integer overflow condition exists in the affected products. When the ThinManager processes incoming messages, a read access violation occurs and terminates the process. A malicious user could exploit this vulnerability by sending a crafted synchronization protocol message and causing a denial of service condition in the software. | ||||
| CVE-2023-28537 | 1 Qualcomm | 366 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8098 and 363 more | 2024-11-21 | 8.4 High |
| Memory corruption while allocating memory in COmxApeDec module in Audio. | ||||
| CVE-2023-25516 | 1 Nvidia | 1 Gpu Display Driver | 2024-11-21 | 7.1 High |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged user can cause an integer overflow, which may lead to information disclosure and denial of service. | ||||
| CVE-2023-24609 | 2 Matrixssl, Rambus | 2 Matrixssl, Tls Toolkit | 2024-11-21 | 7.5 High |
| Matrix SSL 4.x through 4.6.0 and Rambus TLS Toolkit have a length-subtraction integer overflow for Client Hello Pre-Shared Key extension parsing in the TLS 1.3 server. An attacked device calculates an SHA-2 hash over at least 65 KB (in RAM). With a large number of crafted TLS messages, the CPU becomes heavily loaded. This occurs in tls13VerifyBinder and tls13TranscriptHashUpdate. | ||||
| CVE-2023-22666 | 1 Qualcomm | 344 Apq8009, Apq8009 Firmware, Apq8017 and 341 more | 2024-11-21 | 8.4 High |
| Memory Corruption in Audio while playing amrwbplus clips with modified content. | ||||
| CVE-2023-22305 | 3 Intel, Linux, Microsoft | 3 Aptio V Uefi Firmware Integrator Tools, Linux Kernel, Windows | 2024-11-21 | 6.5 Medium |
| Integer overflow in some Intel(R) Aptio* V UEFI Firmware Integrator Tools may allow an authenticated user to potentially enable denial of service via local access. | ||||
| CVE-2023-21655 | 1 Qualcomm | 62 Qca6391, Qca6391 Firmware, Qca6574au and 59 more | 2024-11-21 | 6.7 Medium |
| Memory corruption in Audio while validating and mapping metadata. | ||||
| CVE-2023-21644 | 1 Qualcomm | 102 Aqt1000, Aqt1000 Firmware, Qca6390 and 99 more | 2024-11-21 | 6.7 Medium |
| Memory corruption in RIL due to Integer Overflow while triggering qcril_uim_request_apdu request. | ||||
| CVE-2023-21630 | 1 Qualcomm | 84 Qca6391, Qca6391 Firmware, Qca6574 and 81 more | 2024-11-21 | 8.4 High |
| Memory Corruption in Multimedia Framework due to integer overflow when synx bind is called along with synx signal. | ||||
| CVE-2023-21375 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In Sysproxy, there is a possible out of bounds write due to an integer underflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-21371 | 1 Google | 1 Android | 2024-11-21 | 6.7 Medium |
| In Secure Element, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-21370 | 1 Google | 1 Android | 2024-11-21 | 6.7 Medium |
| In the Security Element API, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-21241 | 1 Google | 1 Android | 2024-11-21 | 7.8 High |
| In rw_i93_send_to_upper of rw_i93.cc, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2022-41409 | 1 Pcre | 1 Pcre2 | 2024-11-21 | 7.5 High |
| Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input. | ||||
| CVE-2022-40532 | 1 Qualcomm | 706 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8905 and 703 more | 2024-11-21 | 8.4 High |
| Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target. | ||||
| CVE-2022-40530 | 1 Qualcomm | 378 Aqt1000, Aqt1000 Firmware, Ar8031 and 375 more | 2024-11-21 | 8.4 High |
| Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase. | ||||
| CVE-2022-39842 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-11-21 | 6.1 Medium |
| An issue was discovered in the Linux kernel before 5.19. In pxa3xx_gcu_write in drivers/video/fbdev/pxa3xx-gcu.c, the count parameter has a type conflict of size_t versus int, causing an integer overflow and bypassing the size check. After that, because it is used as the third argument to copy_from_user(), a heap overflow may occur. NOTE: the original discoverer disputes that the overflow can actually happen. | ||||
| CVE-2022-38784 | 4 Debian, Fedoraproject, Freedesktop and 1 more | 4 Debian Linux, Fedora, Poppler and 1 more | 2024-11-21 | 7.8 High |
| Poppler prior to and including 22.08.0 contains an integer overflow in the JBIG2 decoder (JBIG2Stream::readTextRegionSeg() in JBIGStream.cc). Processing a specially crafted PDF file or JBIG2 image could lead to a crash or the execution of arbitrary code. This is similar to the vulnerability described by CVE-2022-38171 in Xpdf. | ||||