Total
14375 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-17528 | 1 Apache | 1 Nuttx | 2025-02-13 | 9.1 Critical |
| Out-of-bounds Write vulnerability in TCP stack of Apache NuttX (incubating) versions up to and including 9.1.0 and 10.0.0 allows attacker to corrupt memory by supplying arbitrary urgent data pointer offsets within TCP packets including beyond the length of the packet. | ||||
| CVE-2023-26976 | 1 Tenda | 2 Ac6, Ac6 Firmware | 2025-02-13 | 7.5 High |
| Tenda AC6 v15.03.05.09_multi was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function. | ||||
| CVE-2023-20653 | 2 Google, Mediatek | 60 Android, Mt6580, Mt6731 and 57 more | 2025-02-13 | 6.7 Medium |
| In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628168; Issue ID: ALPS07589144. | ||||
| CVE-2023-20652 | 2 Google, Mediatek | 60 Android, Mt6580, Mt6731 and 57 more | 2025-02-13 | 6.7 Medium |
| In keyinstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628168; Issue ID: ALPS07589135. | ||||
| CVE-2024-27375 | 1 Samsung | 10 Exynos 1280, Exynos 1280 Firmware, Exynos 1330 and 7 more | 2025-02-13 | 6.7 Medium |
| An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_followup_get_nl_params(), there is no input validation check on hal_req->sdea_service_specific_info_len coming from userspace, which can lead to a heap overwrite. | ||||
| CVE-2024-27374 | 2 Samsung, Samsung Mobile | 11 Exynos 1280, Exynos 1280 Firmware, Exynos 1330 and 8 more | 2025-02-13 | 6.7 Medium |
| An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_publish_get_nl_params(), there is no input validation check on hal_req->service_specific_info_len coming from userspace, which can lead to a heap overwrite. | ||||
| CVE-2024-27371 | 1 Samsung | 10 Exynos 1280, Exynos 1280 Firmware, Exynos 1330 and 7 more | 2025-02-13 | 6.7 Medium |
| An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_followup_get_nl_params(), there is no input validation check on hal_req->service_specific_info_len coming from userspace, which can lead to a heap overwrite. | ||||
| CVE-2024-27370 | 1 Samsung | 10 Exynos 1280, Exynos 1280 Firmware, Exynos 1330 and 7 more | 2025-02-13 | 6.7 Medium |
| An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_nan_config_get_nl_params(), there is no input validation check on hal_req->num_config_discovery_attr coming from userspace, which can lead to a heap overwrite. | ||||
| CVE-2023-25212 | 1 Tenda | 2 Ac5, Ac5 Firmware | 2025-02-13 | 9.8 Critical |
| Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the fromSetWirelessRepeat function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | ||||
| CVE-2023-25211 | 1 Tenda | 2 Ac5, Ac5 Firmware | 2025-02-13 | 9.8 Critical |
| Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the R7WebsSecurityHandler function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | ||||
| CVE-2023-25210 | 1 Tenda | 2 Ac5, Ac5 Firmware | 2025-02-13 | 9.8 Critical |
| Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the fromSetSysTime function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | ||||
| CVE-2023-24800 | 1 Dlink | 2 Dir-878, Dir-878 Firmware | 2025-02-13 | 9.8 Critical |
| D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_495220 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | ||||
| CVE-2023-24799 | 1 Dlink | 2 Dir-878, Dir-878 Firmware | 2025-02-13 | 9.8 Critical |
| D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_48AF78 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | ||||
| CVE-2023-24798 | 1 Dlink | 2 Dir-878, Dir-878 Firmware | 2025-02-13 | 9.8 Critical |
| D-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_475FB0 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | ||||
| CVE-2023-24797 | 1 Dlink | 2 Dir-882 A1, Dir-882 A1 Firmware | 2025-02-13 | 9.8 Critical |
| D-Link DIR882 DIR882A1_FW110B02 was discovered to contain a stack overflow in the sub_48AC20 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | ||||
| CVE-2023-20670 | 2 Google, Mediatek | 46 Android, Mt2715, Mt6580 and 43 more | 2025-02-13 | 6.7 Medium |
| In audio, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07648710; Issue ID: ALPS07648710. | ||||
| CVE-2023-20666 | 2 Google, Mediatek | 11 Android, Mt6789, Mt6855 and 8 more | 2025-02-13 | 6.7 Medium |
| In display drm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07310651; Issue ID: ALPS07292173. | ||||
| CVE-2023-1579 | 2 Gnu, Redhat | 2 Binutils, Enterprise Linux | 2025-02-13 | 7.8 High |
| Heap based buffer overflow in binutils-gdb/bfd/libbfd.c in bfd_getl64. | ||||
| CVE-2023-25213 | 1 Tenda | 2 Ac5, Ac5 Firmware | 2025-02-12 | 9.8 Critical |
| Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the check_param_changed function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | ||||
| CVE-2023-25220 | 1 Tenda | 2 Ac5, Ac5 Firmware | 2025-02-12 | 9.8 Critical |
| Tenda AC5 US_AC5V1.0RTL_V15.03.06.28 was discovered to contain a stack overflow via the add_white_node function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload. | ||||