| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| sprintf in the GNU C Library (glibc) 2.37 has a buffer overflow (out-of-bounds write) in some situations with a correct buffer size. This is unrelated to CWE-676. It may write beyond the bounds of the destination buffer when attempting to write a padded, thousands-separated string representation of a number, if the buffer is allocated the exact size required to represent that number as a string. For example, 1,234,567 (with padding to 13) overflows by two bytes. |
| The user interface of Array Networks AG Series and vxAG through 9.4.0.470 could allow a remote attacker to use the gdb tool to overwrite the backend function call stack after accessing the system with administrator privileges. A successful exploit could leverage this vulnerability in the backend binary file that handles the user interface to a cause denial of service attack. This is fixed in AG 9.4.0.481. |
| In ged, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494067; Issue ID: ALPS07494067. |
| In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. |
| In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. |
| In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services. |
| In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services. |
| In wlan driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services. |
| In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. |
| In wlan driver, there is a possible missing params check. This could lead to local denial of service in wlan services. |
|
PowerPath Management Appliance with versions 3.3 & 3.2*, 3.1 & 3.0* contains OS Command Injection vulnerability. An authenticated remote attacker with administrative privileges could potentially exploit the issue and execute commands on the system as the root user.
|
| Raffle Draw System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at get_ticket.php. |
| In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628615; Issue ID: ALPS07628615. |
| In gnss driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in wlan services. |
| In gpu driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service in kernel. |
| Stack overflow vulnerability in the NFC module.Successful exploitation of this vulnerability may affect service availability and integrity. |
| All versions of the package create-choo-app3 are vulnerable to Command Injection via the devInstall function due to improper user-input sanitization.
|
| All versions of the package semver-tags are vulnerable to Command Injection via the getGitTagsRemote function due to improper input sanitization.
|
| An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_config_get_nl_params(), there is no input validation check on disc_attr->mesh_id_len coming from userspace, which can lead to a heap overwrite. |
| Vulnerability in Realtek RtsPer driver for PCIe Card Reader (RtsPer.sys) before 10.0.22000.21355 and Realtek RtsUer driver for USB Card Reader (RtsUer.sys) before 10.0.22000.31274 allows writing to kernel memory beyond the SystemBuffer of the IRP. |
