Total
5046 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-21661 | 1 Qualcomm | 230 Ar8035, Ar8035 Firmware, Ar9380 and 227 more | 2023-06-10 | N/A | 7.5 HIGH |
Transient DOS while parsing WLAN beacon or probe-response frame. | |||||
CVE-2023-21669 | 1 Qualcomm | 122 Aqt1000, Aqt1000 Firmware, Flight Rb5 5g Platform and 119 more | 2023-06-10 | N/A | 7.5 HIGH |
Information Disclosure in WLAN HOST while sending DPP action frame to peer with an invalid source address. | |||||
CVE-2023-21659 | 1 Qualcomm | 540 315 5g Iot Modem, 315 5g Iot Modem Firmware, Aqt1000 and 537 more | 2023-06-10 | N/A | 7.5 HIGH |
Transient DOS in WLAN Firmware while processing frames with missing header fields. | |||||
CVE-2023-21658 | 1 Qualcomm | 302 Ar8035, Ar8035 Firmware, Ar9380 and 299 more | 2023-06-10 | N/A | 7.5 HIGH |
Transient DOS in WLAN Firmware while processing the received beacon or probe response frame. | |||||
CVE-2023-21660 | 1 Qualcomm | 158 Csr8811, Csr8811 Firmware, Immersive Home 214 Platform and 155 more | 2023-06-10 | N/A | 7.5 HIGH |
Transient DOS in WLAN Firmware while parsing FT Information Elements. | |||||
CVE-2023-34100 | 2023-06-09 | N/A | N/A | ||
Contiki-NG is an open-source, cross-platform operating system for IoT devices. When reading the TCP MSS option value from an incoming packet, the Contiki-NG OS does not verify that certain buffer indices to read from are within the bounds of the IPv6 packet buffer, uip_buf. In particular, there is a 2-byte buffer read in the module os/net/ipv6/uip6.c. The buffer is indexed using 'UIP_IPTCPH_LEN + 2 + c' and 'UIP_IPTCPH_LEN + 3 + c', but the uip_buf buffer may not have enough data, resulting in a 2-byte read out of bounds. The problem has been patched in the "develop" branch of Contiki-NG, and is expected to be included in release 4.9. Users are advised to watch for the 4.9 release and to upgrade when it becomes available. There are no workarounds for this vulnerability aside from manually patching with the diff in commit `cde4e9839`. | |||||
CVE-2022-28739 | 3 Apple, Debian, Ruby-lang | 3 Macos, Debian Linux, Ruby | 2023-06-09 | 4.3 MEDIUM | 7.5 HIGH |
There is a buffer over-read in Ruby before 2.6.10, 2.7.x before 2.7.6, 3.x before 3.0.4, and 3.1.x before 3.1.2. It occurs in String-to-Float conversion, including Kernel#Float and String#to_f. | |||||
CVE-2021-31239 | 1 Sqlite | 1 Sqlite | 2023-06-09 | N/A | 7.5 HIGH |
An issue found in SQLite SQLite3 v.3.35.4 that allows a remote attacker to cause a denial of service via the appendvfs.c function. | |||||
CVE-2023-2176 | 1 Linux | 1 Linux Kernel | 2023-06-09 | N/A | 7.8 HIGH |
A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup results in out-of-boundary read, where a local user can utilize this problem to crash the system or escalation of privilege. | |||||
CVE-2023-20727 | 3 Google, Linuxfoundation, Mediatek | 20 Android, Yocto, Mt6789 and 17 more | 2023-06-09 | N/A | 4.4 MEDIUM |
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07588531; Issue ID: ALPS07588531. | |||||
CVE-2023-32206 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2023-06-09 | N/A | 6.5 MEDIUM |
An out-of-bound read could have led to a crash in the RLBox Expat driver. This vulnerability affects Firefox < 113, Firefox ESR < 102.11, and Thunderbird < 102.11. | |||||
CVE-2023-20728 | 3 Google, Linuxfoundation, Mediatek | 40 Android, Yocto, Mt6781 and 37 more | 2023-06-09 | N/A | 4.4 MEDIUM |
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573603; Issue ID: ALPS07573603. | |||||
CVE-2023-20729 | 3 Google, Linuxfoundation, Mediatek | 8 Android, Yocto, Mt6985 and 5 more | 2023-06-09 | N/A | 4.4 MEDIUM |
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573552; Issue ID: ALPS07573575. | |||||
CVE-2023-20731 | 3 Google, Linuxfoundation, Mediatek | 46 Android, Yocto, Mt6761 and 43 more | 2023-06-09 | N/A | 4.4 MEDIUM |
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573495; Issue ID: ALPS07573495. | |||||
CVE-2023-20730 | 3 Google, Linuxfoundation, Mediatek | 8 Android, Yocto, Mt6985 and 5 more | 2023-06-09 | N/A | 4.4 MEDIUM |
In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573552; Issue ID: ALPS07573552. | |||||
CVE-2023-20742 | 2 Google, Mediatek | 48 Android, Mt6735, Mt6737 and 45 more | 2023-06-09 | N/A | 4.4 MEDIUM |
In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628591; Issue ID: ALPS07628540. | |||||
CVE-2023-20741 | 2 Google, Mediatek | 48 Android, Mt6735, Mt6737 and 45 more | 2023-06-09 | N/A | 4.4 MEDIUM |
In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628591; Issue ID: ALPS07628606. | |||||
CVE-2023-20723 | 2 Google, Mediatek | 4 Android, Mt8167, Mt8175 and 1 more | 2023-06-09 | N/A | 6.7 MEDIUM |
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07843845; Issue ID: ALPS07843845. | |||||
CVE-2023-20724 | 2 Google, Mediatek | 4 Android, Mt8167, Mt8175 and 1 more | 2023-06-09 | N/A | 6.7 MEDIUM |
In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07843845; Issue ID: ALPS07843841. | |||||
CVE-2023-25738 | 2 Microsoft, Mozilla | 4 Windows, Firefox, Firefox Esr and 1 more | 2023-06-08 | N/A | 6.5 MEDIUM |
Members of the <code>DEVMODEW</code> struct set by the printer device driver weren't being validated and could have resulted in invalid values which in turn would cause the browser to attempt out of bounds access to related variables.<br>*This bug only affects Firefox on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 110, Thunderbird < 102.8, and Firefox ESR < 102.8. |