Total
12847 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-33079 | 1 Qualcomm | 288 Apq5053-aa, Apq5053-aa Firmware, Ar8035 and 285 more | 2024-11-21 | 7.8 High |
| Memory corruption in Audio while running invalid audio recording from ADSP. | ||||
| CVE-2023-32887 | 1 Mediatek | 38 Mt2735, Mt6813, Mt6833 and 35 more | 2024-11-21 | 7.5 High |
| In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 (MSV-892). | ||||
| CVE-2023-32885 | 2 Google, Mediatek | 32 Android, Mt6761, Mt6765 and 29 more | 2024-11-21 | 6.7 Medium |
| In display drm, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07780685; Issue ID: ALPS07780685. | ||||
| CVE-2023-32884 | 2 Google, Mediatek | 60 Android, Mt2713, Mt6580 and 57 more | 2024-11-21 | 6.7 Medium |
| In netdagent, there is a possible information disclosure due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944011; Issue ID: ALPS07944011. | ||||
| CVE-2023-32656 | 1 Intel | 2 Realsense 450 Fa, Realsense 450 Fa Firmware | 2024-11-21 | 5.3 Medium |
| Improper buffer restrictions in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-31247 | 2 Silabs, Weston-embedded | 3 Gecko Software Development Kit, Cesium Net, Uc-http | 2024-11-21 | 9 Critical |
| A memory corruption vulnerability exists in the HTTP Server Host header parsing functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability. | ||||
| CVE-2023-31194 | 1 Diagon Project | 1 Diagon | 2024-11-21 | 5.3 Medium |
| An improper array index validation vulnerability exists in the GraphPlanar::Write functionality of Diagon v1.0.139. A specially crafted markdown file can lead to memory corruption. A victim would need to open a malicious file to trigger this vulnerability. | ||||
| CVE-2023-2873 | 2 Filseclab, Microsoft | 2 Twister Antivirus, Windows | 2024-11-21 | 5.3 Medium |
| A vulnerability classified as critical was found in Twister Antivirus 8. This vulnerability affects the function 0x804f2143/0x804f217f/0x804f214b/0x80800043 in the library filppd.sys of the component IoControlCode Handler. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-229852. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-2794 | 2024-11-21 | 8.1 High | ||
| A flaw was found in ofono, an Open Source Telephony on Linux. A stack overflow bug is triggered within the decode_deliver() function during the SMS decoding. It is assumed that the attack scenario is accessible from a compromised modem, a malicious base station, or just SMS. There is a bound check for this memcpy length in decode_submit(), but it was forgotten in decode_deliver(). | ||||
| CVE-2023-28772 | 2 Linux, Redhat | 4 Linux Kernel, Enterprise Linux, Rhel Eus and 1 more | 2024-11-21 | 6.7 Medium |
| An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow. | ||||
| CVE-2023-28736 | 1 Mdadm Project | 1 Mdadm | 2024-11-21 | 5.7 Medium |
| Buffer overflow in some Intel(R) SSD Tools software before version mdadm-4.2-rc2 may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-28730 | 1 Panasonic | 1 Control Fpwin Pro | 2024-11-21 | 7.8 High |
| A memory corruption vulnerability Panasonic Control FPWIN Pro versions 7.6.0.3 and all previous versions may allow arbitrary code execution when opening specially crafted project files. | ||||
| CVE-2023-28587 | 1 Qualcomm | 380 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 377 more | 2024-11-21 | 7.8 High |
| Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface level. | ||||
| CVE-2023-28585 | 1 Qualcomm | 562 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 559 more | 2024-11-21 | 8.2 High |
| Memory corruption while loading an ELF segment in TEE Kernel. | ||||
| CVE-2023-28551 | 1 Qualcomm | 496 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 493 more | 2024-11-21 | 7.8 High |
| Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments. | ||||
| CVE-2023-28550 | 1 Qualcomm | 670 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 667 more | 2024-11-21 | 7.8 High |
| Memory corruption in MPP performance while accessing DSM watermark using external memory address. | ||||
| CVE-2023-28545 | 1 Qualcomm | 408 315 5g Iot Modem, 315 5g Iot Modem Firmware, 9205 Lte Modem and 405 more | 2024-11-21 | 8.2 High |
| Memory corruption in TZ Secure OS while loading an app ELF. | ||||
| CVE-2023-28391 | 2 Silabs, Weston-embedded | 4 Gecko Platform, Gecko Software Development Kit, Cesium Net and 1 more | 2024-11-21 | 9 Critical |
| A memory corruption vulnerability exists in the HTTP Server header parsing functionality of Weston Embedded uC-HTTP v3.01.01. Specially crafted network packets can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability. | ||||
| CVE-2023-28383 | 2024-11-21 | 6.1 Medium | ||
| Improper conditions check in some Intel(R) BIOS PPAM firmware may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2023-28379 | 2 Silabs, Weston-embedded | 3 Gecko Software Development Kit, Cesium Net, Uc-http | 2024-11-21 | 9 Critical |
| A memory corruption vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker can send a malicious packet to trigger this vulnerability. | ||||