Total
58 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2023-31082 | 1 Linux | 1 Linux Kernel | 2024-03-25 | N/A | 5.5 MEDIUM |
An issue was discovered in drivers/tty/n_gsm.c in the Linux kernel 6.2. There is a sleeping function called from an invalid context in gsmld_write, which will block the kernel. | |||||
CVE-2023-43532 | 1 Qualcomm | 26 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 23 more | 2024-02-08 | N/A | 7.8 HIGH |
Memory corruption while reading ACPI config through the user mode app. | |||||
CVE-2019-11930 | 1 Facebook | 1 Hhvm | 2024-02-08 | 7.5 HIGH | 9.8 CRITICAL |
An invalid free in mb_detect_order can cause the application to crash or potentially result in remote code execution. This issue affects HHVM versions prior to 3.30.12, all versions between 4.0.0 and 4.8.5, all versions between 4.9.0 and 4.23.1, as well as 4.24.0, 4.25.0, 4.26.0, 4.27.0, 4.28.0, and 4.28.1. | |||||
CVE-2022-42309 | 3 Debian, Fedoraproject, Xen | 3 Debian Linux, Fedora, Xen | 2024-02-04 | N/A | 8.8 HIGH |
Xenstore: Guests can crash xenstored Due to a bug in the fix of XSA-115 a malicious guest can cause xenstored to use a wrong pointer during node creation in an error path, resulting in a crash of xenstored or a memory corruption in xenstored causing further damage. Entering the error path can be controlled by the guest e.g. by exceeding the quota value of maximum nodes per domain. | |||||
CVE-2021-30473 | 2 Aomedia, Fedoraproject | 2 Aomedia, Fedora | 2024-01-31 | 7.5 HIGH | 9.8 CRITICAL |
aom_image.c in libaom in AOMedia before 2021-04-07 frees memory that is not located on the heap. | |||||
CVE-2022-46486 | 1 Scontain | 1 Scone | 2024-01-08 | N/A | 5.5 MEDIUM |
A lack of pointer-validation logic in the __scone_dispatch component of SCONE before v5.8.0 for Intel SGX allows attackers to access sensitive information. | |||||
CVE-2023-4883 | 1 Open5gs | 1 Open5gs | 2023-12-10 | N/A | 7.5 HIGH |
Invalid pointer release vulnerability. Exploitation of this vulnerability could allow an attacker to interrupt the correct operation of the service by sending a specially crafted json string to the VNF (Virtual Network Function), and triggering the ogs_sbi_message_free function, which could cause a service outage. | |||||
CVE-2022-26942 | 1 Motorola | 4 Mtm5400, Mtm5400 Firmware, Mtm5500 and 1 more | 2023-12-10 | N/A | 8.2 HIGH |
The Motorola MTM5000 series firmwares lack pointer validation on arguments passed to trusted execution environment (TEE) modules. Two modules are used, one responsible for KVL key management and the other for TETRA cryptographic functionality. In both modules, an adversary with non-secure supervisor level code execution can exploit the issue in order to gain secure supervisor code execution within the TEE. This constitutes a full break of the TEE module, exposing the device key as well as any TETRA cryptographic keys and the confidential TETRA cryptographic primitives. | |||||
CVE-2022-48425 | 1 Linux | 1 Linux Kernel | 2023-12-10 | N/A | 7.8 HIGH |
In the Linux kernel through 6.2.7, fs/ntfs3/inode.c has an invalid kfree because it does not validate MFT flags before replaying logs. | |||||
CVE-2020-27545 | 1 Libdwarf Project | 1 Libdwarf | 2023-12-10 | N/A | 6.5 MEDIUM |
libdwarf before 20201017 has a one-byte out-of-bounds read because of an invalid pointer dereference via an invalid line table in a crafted object. | |||||
CVE-2023-34312 | 1 Tencent | 2 Qq, Tim | 2023-12-10 | N/A | 7.8 HIGH |
In Tencent QQ through 9.7.8.29039 and TIM through 3.4.7.22084, QQProtect.exe and QQProtectEngine.dll do not validate pointers from inter-process communication, which leads to a write-what-where condition. | |||||
CVE-2023-0459 | 1 Linux | 1 Linux Kernel | 2023-12-10 | N/A | 5.5 MEDIUM |
Copy_from_user on 64-bit versions of the Linux kernel does not implement the __uaccess_begin_nospec allowing a user to bypass the "access_ok" check and pass a kernel pointer to copy_from_user(). This would allow an attacker to leak information. We recommend upgrading beyond commit 74e19ef0ff8061ef55957c3abd71614ef0f42f47 | |||||
CVE-2023-25565 | 1 Gss-ntlmssp Project | 1 Gss-ntlmssp | 2023-12-10 | N/A | 7.5 HIGH |
GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, an incorrect free when decoding target information can trigger a denial of service. The error condition incorrectly assumes the `cb` and `sh` buffers contain a copy of the data that needs to be freed. However, that is not the case. This vulnerability can be triggered via the main `gss_accept_sec_context` entry point. This will likely trigger an assertion failure in `free`, causing a denial-of-service. This issue is fixed in version 1.2.0. | |||||
CVE-2022-25725 | 1 Qualcomm | 134 Ar8035, Ar8035 Firmware, Csrb31024 and 131 more | 2023-12-10 | N/A | 5.5 MEDIUM |
Denial of service in MODEM due to improper pointer handling | |||||
CVE-2022-2521 | 2 Debian, Libtiff | 2 Debian Linux, Libtiff | 2023-12-10 | N/A | 6.5 MEDIUM |
It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input. | |||||
CVE-2022-37451 | 2 Exim, Fedoraproject | 2 Exim, Fedora | 2023-12-10 | N/A | 7.5 HIGH |
Exim before 4.96 has an invalid free in pam_converse in auths/call_pam.c because store_free is not used after store_malloc. | |||||
CVE-2020-27798 | 1 Upx Project | 1 Upx | 2023-12-10 | N/A | 5.5 MEDIUM |
An invalid memory address reference was discovered in the adjABS function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file. | |||||
CVE-2022-41691 | 1 F5 | 2 Big-ip Advanced Web Application Firewall, Big-ip Application Security Manager | 2023-12-10 | N/A | 7.5 HIGH |
When a BIG-IP Advanced WAF/ASM security policy is configured on a virtual server, undisclosed requests can cause the bd process to terminate. | |||||
CVE-2022-28203 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2023-12-10 | N/A | 7.5 HIGH |
A denial-of-service issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. When many files exist, requesting Special:NewFiles with actor as a condition can result in a very long running query. | |||||
CVE-2020-27797 | 1 Upx Project | 1 Upx | 2023-12-10 | N/A | 5.5 MEDIUM |
An invalid memory address reference was discovered in the elf_lookup function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file. |