Vulnerabilities (CVE)

Filtered by CWE-763
Total 58 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-31082 1 Linux 1 Linux Kernel 2024-03-25 N/A 5.5 MEDIUM
An issue was discovered in drivers/tty/n_gsm.c in the Linux kernel 6.2. There is a sleeping function called from an invalid context in gsmld_write, which will block the kernel.
CVE-2023-43532 1 Qualcomm 26 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 23 more 2024-02-08 N/A 7.8 HIGH
Memory corruption while reading ACPI config through the user mode app.
CVE-2019-11930 1 Facebook 1 Hhvm 2024-02-08 7.5 HIGH 9.8 CRITICAL
An invalid free in mb_detect_order can cause the application to crash or potentially result in remote code execution. This issue affects HHVM versions prior to 3.30.12, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.23.1, as well as 4.24.0, 4.25.0, 4.26.0, 4.27.0, 4.28.0, and 4.28.1.
CVE-2022-42309 3 Debian, Fedoraproject, Xen 3 Debian Linux, Fedora, Xen 2024-02-04 N/A 8.8 HIGH
Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can cause xenstored to use a wrong pointer during node creation in an error path, resulting in a crash of xenstored or a memory corruption in xenstored causing further damage. Entering the error path can be controlled by the guest e.g. by exceeding the quota value of maximum nodes per domain.
CVE-2021-30473 2 Aomedia, Fedoraproject 2 Aomedia, Fedora 2024-01-31 7.5 HIGH 9.8 CRITICAL
aom_image.c in libaom in AOMedia before 2021-04-07 frees memory that is not located on the heap.
CVE-2022-46486 1 Scontain 1 Scone 2024-01-08 N/A 5.5 MEDIUM
A lack of pointer-validation logic in the __scone_dispatch component of SCONE before v5.8.0 for Intel SGX allows attackers to access sensitive information.
CVE-2023-4883 1 Open5gs 1 Open5gs 2023-12-10 N/A 7.5 HIGH
Invalid pointer release vulnerability. Exploitation of this vulnerability could allow an attacker to interrupt the correct operation of the service by sending a specially crafted json string to the VNF (Virtual Network Function), and triggering the ogs_sbi_message_free function, which could cause a service outage.
CVE-2022-26942 1 Motorola 4 Mtm5400, Mtm5400 Firmware, Mtm5500 and 1 more 2023-12-10 N/A 8.2 HIGH
The Motorola MTM5000 series firmwares lack pointer validation on arguments passed to trusted execution environment (TEE) modules. Two modules are used, one responsible for KVL key management and the other for TETRA cryptographic functionality. In both modules, an adversary with non-secure supervisor level code execution can exploit the issue in order to gain secure supervisor code execution within the TEE. This constitutes a full break of the TEE module, exposing the device key as well as any TETRA cryptographic keys and the confidential TETRA cryptographic primitives.
CVE-2022-48425 1 Linux 1 Linux Kernel 2023-12-10 N/A 7.8 HIGH
In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs.
CVE-2020-27545 1 Libdwarf Project 1 Libdwarf 2023-12-10 N/A 6.5 MEDIUM
libdwarf before 20201017 has a one-byte out-of-bounds read because of an invalid pointer dereference via an invalid line table in a crafted object.
CVE-2023-34312 1 Tencent 2 Qq, Tim 2023-12-10 N/A 7.8 HIGH
In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition.
CVE-2023-0459 1 Linux 1 Linux Kernel 2023-12-10 N/A 5.5 MEDIUM
Copy_from_user on 64-bit versions of the Linux kernel does not implement the __uaccess_begin_nospec allowing a user to bypass the "access_ok" check and pass a kernel pointer to copy_from_user(). This would allow an attacker to leak information. We recommend upgrading beyond commit 74e19ef0ff8061ef55957c3abd71614ef0f42f47
CVE-2023-25565 1 Gss-ntlmssp Project 1 Gss-ntlmssp 2023-12-10 N/A 7.5 HIGH
GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, an incorrect free when decoding target information can trigger a denial of service. The error condition incorrectly assumes the `cb` and `sh` buffers contain a copy of the data that needs to be freed. However, that is not the case. This vulnerability can be triggered via the main `gss_accept_sec_context` entry point. This will likely trigger an assertion failure in `free`, causing a denial-of-service. This issue is fixed in version 1.2.0.
CVE-2022-25725 1 Qualcomm 134 Ar8035, Ar8035 Firmware, Csrb31024 and 131 more 2023-12-10 N/A 5.5 MEDIUM
Denial of service in MODEM due to improper pointer handling
CVE-2022-2521 2 Debian, Libtiff 2 Debian Linux, Libtiff 2023-12-10 N/A 6.5 MEDIUM
It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input.
CVE-2022-37451 2 Exim, Fedoraproject 2 Exim, Fedora 2023-12-10 N/A 7.5 HIGH
Exim before 4.96 has an invalid free in pam_converse in auths/call_pam.c because store_free is not used after store_malloc.
CVE-2020-27798 1 Upx Project 1 Upx 2023-12-10 N/A 5.5 MEDIUM
An invalid memory address reference was discovered in the adjABS function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file.
CVE-2022-41691 1 F5 2 Big-ip Advanced Web Application Firewall, Big-ip Application Security Manager 2023-12-10 N/A 7.5 HIGH
When a BIG-IP Advanced WAF/ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate.
CVE-2022-28203 2 Debian, Mediawiki 2 Debian Linux, Mediawiki 2023-12-10 N/A 7.5 HIGH
A denial-of-service issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. When many files exist, requesting Special:NewFiles with actor as a condition can result in a very long running query.
CVE-2020-27797 1 Upx Project 1 Upx 2023-12-10 N/A 5.5 MEDIUM
An invalid memory address reference was discovered in the elf_lookup function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file.