Total
99 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2022-41886 | 1 Google | 1 Tensorflow | 2023-12-10 | N/A | 7.5 HIGH |
TensorFlow is an open source platform for machine learning. When `tf.raw_ops.ImageProjectiveTransformV2` is given a large output shape, it overflows. We have patched the issue in GitHub commit 8faa6ea692985dbe6ce10e1a3168e0bd60a723ba. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. | |||||
CVE-2022-32630 | 2 Google, Mediatek | 6 Android, Mt6789, Mt6855 and 3 more | 2023-12-10 | N/A | 6.7 MEDIUM |
In throttling, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07405966; Issue ID: ALPS07405966. | |||||
CVE-2022-41907 | 1 Google | 1 Tensorflow | 2023-12-10 | N/A | 7.5 HIGH |
TensorFlow is an open source platform for machine learning. When `tf.raw_ops.ResizeNearestNeighborGrad` is given a large `size` input, it overflows. We have patched the issue in GitHub commit 00c821af032ba9e5f5fa3fe14690c8d28a657624. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range. | |||||
CVE-2022-32651 | 2 Google, Mediatek | 3 Android, Mt6879, Mt6983 | 2023-12-10 | N/A | 6.7 MEDIUM |
In mtk-aie, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07225857; Issue ID: ALPS07225857. | |||||
CVE-2022-32650 | 2 Google, Mediatek | 4 Android, Mt6879, Mt6895 and 1 more | 2023-12-10 | N/A | 6.7 MEDIUM |
In mtk-isp, there is a possible use after free due to a logic error. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07225853; Issue ID: ALPS07225853. | |||||
CVE-2022-32624 | 2 Google, Mediatek | 8 Android, Mt6789, Mt6855 and 5 more | 2023-12-10 | N/A | 6.7 MEDIUM |
In throttling, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07405923; Issue ID: ALPS07405923. | |||||
CVE-2023-1175 | 1 Vim | 1 Vim | 2023-12-10 | N/A | 6.6 MEDIUM |
Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378. | |||||
CVE-2022-32618 | 2 Google, Mediatek | 5 Android, Mt6833, Mt6873 and 2 more | 2023-12-10 | N/A | 6.8 MEDIUM |
In typec, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262454; Issue ID: ALPS07262454. | |||||
CVE-2022-32617 | 2 Google, Mediatek | 6 Android, Mt6789, Mt6855 and 3 more | 2023-12-10 | N/A | 6.8 MEDIUM |
In typec, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege, for an attacker who has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07262364; Issue ID: ALPS07262364. | |||||
CVE-2022-26474 | 2 Google, Mediatek | 6 Android, Mt6789, Mt6855 and 3 more | 2023-12-10 | N/A | 6.7 MEDIUM |
In sensorhub, there is a possible out of bounds write due to an incorrect calculation of buffer size. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07129717; Issue ID: ALPS07129717. | |||||
CVE-2022-39377 | 3 Debian, Fedoraproject, Sysstat Project | 3 Debian Linux, Fedora, Sysstat | 2023-12-10 | N/A | 7.8 HIGH |
sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1, allocate_structures contains a size_t overflow in sa_common.c. The allocate_structures function insufficiently checks bounds before arithmetic multiplication, allowing for an overflow in the size allocated for the buffer representing system activities. This issue may lead to Remote Code Execution (RCE). This issue has been patched in version 12.7.1. | |||||
CVE-2021-4155 | 1 Linux | 1 Linux Kernel | 2023-12-10 | N/A | 5.5 MEDIUM |
A data leak flaw was found in the way XFS_IOC_ALLOCSP IOCTL in the XFS filesystem allowed for size increase of files with unaligned size. A local attacker could use this flaw to leak data on the XFS filesystem otherwise not accessible to them. | |||||
CVE-2022-2520 | 2 Debian, Libtiff | 2 Debian Linux, Libtiff | 2023-12-10 | N/A | 6.5 MEDIUM |
A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at tiffcrop.c:8621 that can cause program crash when reading a crafted input. | |||||
CVE-2022-2873 | 5 Debian, Fedoraproject, Linux and 2 more | 14 Debian Linux, Fedora, Linux Kernel and 11 more | 2023-12-10 | N/A | 5.5 MEDIUM |
An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to crash the system. | |||||
CVE-2021-35134 | 1 Qualcomm | 59 Qca6391, Qca6391 Firmware, Qcm6490 and 56 more | 2023-12-10 | N/A | 8.4 HIGH |
Due to insufficient validation of ELF headers, an Incorrect Calculation of Buffer Size can occur in Boot leading to memory corruption in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile | |||||
CVE-2021-40048 | 1 Huawei | 3 Emui, Harmonyos, Magic Ui | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
There is an incorrect buffer size calculation vulnerability in the video framework. Successful exploitation of this vulnerability will affect availability. | |||||
CVE-2021-38423 | 1 Gurum | 1 Gurumdds | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
All versions of GurumDDS improperly calculate the size to be used when allocating the buffer, which may result in a buffer overflow. | |||||
CVE-2021-44510 | 1 Fisglobal | 1 Gt.m | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in FIS GT.M through V7.0-000 (related to the YottaDB code base). Using crafted input, attackers can cause a calculation of the size of calls to memset in op_fnj3 in sr_port/op_fnj3.c to result in an extremely large value in order to cause a segmentation fault and crash the application. | |||||
CVE-2022-22137 | 1 Accusoft | 1 Imagegear | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
A memory corruption vulnerability exists in the ioca_mys_rgb_allocate functionality of Accusoft ImageGear 19.10. A specially-crafted malformed file can lead to an arbitrary free. An attacker can provide a malicious file to trigger this vulnerability. | |||||
CVE-2021-4206 | 3 Debian, Qemu, Redhat | 3 Debian Linux, Qemu, Enterprise Linux | 2023-12-10 | 4.6 MEDIUM | 8.2 HIGH |
A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursor_alloc() function can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. This flaw allows a malicious privileged guest user to crash the QEMU process on the host or potentially execute arbitrary code within the context of the QEMU process. |