| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Memory Corruption in WLAN HOST while parsing QMI response message from firmware. |
| Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command. |
| Memory corruption when resource manager sends the host kernel a reply message with multiple fragments. |
| Memory Corruption in WLAN Host while deserializing the input PMK bytes without checking the input PMK length. |
| Memory corruption in Core while processing RX intent request. |
| Memory corruption while processing finish_sign command to pass a rsp buffer. |
| Memory corruption in Boot while running a ListVars test in UEFI Menu during boot. |
| Memory corruption when user provides data for FM HCI command control operations. |
| Memory corruption during the handshake between the Primary Virtual Machine and Trusted Virtual Machine. |
| Memory corruption while processing data packets in diag received from Unix clients. |
| Memory corruption in SPS Application while requesting for public key in sorter TA. |
| Memory Corruption in SPS Application while exporting public key in sorter TA. |
| Memory corruption when Alternative Frequency offset value is set to 255. |
| Memory Corruption in WLAN HOST while processing WLAN FW request to allocate memory. |
| Memory corruption in wearables while processing data from AON. |
| Memory corruption while processing manipulated payload in video firmware. |
| Ashlar-Vellum Cobalt CO File Parsing Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ashlar-Vellum Cobalt. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of CO files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-25240. |
| Turbo FTP Server versions 1.30.823 and 1.30.826 contain a buffer overflow vulnerability in the handling of the PORT command. By sending a specially crafted payload, an unauthenticated remote attacker can overwrite memory structures and execute arbitrary code with SYSTEM privileges. |
| A vulnerability classified as critical was found in TOTOLINK T6 4.1.5cu.748_B20211015. This vulnerability affects the function tcpcheck_net of the file /router/meshSlaveDlfw of the component MQTT Packet Handler. The manipulation of the argument serverIp leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. |
| Kofax Power PDF PDF File Parsing Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power PDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22921. |
