Total
7420 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-49077 | 1 Microsoft | 8 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 5 more | 2025-01-08 | N/A | 6.8 MEDIUM |
| Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | |||||
| CVE-2024-49065 | 1 Microsoft | 5 365 Apps, Office, Office Long Term Servicing Channel and 2 more | 2025-01-08 | N/A | 5.5 MEDIUM |
| Microsoft Office Remote Code Execution Vulnerability | |||||
| CVE-2024-49109 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-01-08 | N/A | 6.6 MEDIUM |
| Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | |||||
| CVE-2024-49103 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-01-08 | N/A | 4.3 MEDIUM |
| Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability | |||||
| CVE-2024-49101 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-01-08 | N/A | 6.6 MEDIUM |
| Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability | |||||
| CVE-2024-49099 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-01-08 | N/A | 4.3 MEDIUM |
| Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability | |||||
| CVE-2024-49098 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-01-08 | N/A | 4.3 MEDIUM |
| Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability | |||||
| CVE-2024-49092 | 1 Microsoft | 9 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 6 more | 2025-01-08 | N/A | 6.8 MEDIUM |
| Windows Mobile Broadband Driver Elevation of Privilege Vulnerability | |||||
| CVE-2023-20742 | 2 Google, Mediatek | 48 Android, Mt6735, Mt6737 and 45 more | 2025-01-07 | N/A | 4.4 MEDIUM |
| In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628591; Issue ID: ALPS07628540. | |||||
| CVE-2023-20741 | 2 Google, Mediatek | 48 Android, Mt6735, Mt6737 and 45 more | 2025-01-07 | N/A | 4.4 MEDIUM |
| In ril, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628591; Issue ID: ALPS07628606. | |||||
| CVE-2023-20728 | 3 Google, Linuxfoundation, Mediatek | 40 Android, Yocto, Mt6781 and 37 more | 2025-01-07 | N/A | 4.4 MEDIUM |
| In wlan, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07573603; Issue ID: ALPS07573603. | |||||
| CVE-2024-48457 | 2025-01-07 | N/A | 7.5 HIGH | ||
| An issue in Netis Wifi6 Router NX10 2.0.1.3643 and 2.0.1.3582 and Netis Wifi 11AC Router NC65 3.0.0.3749 and Netis Wifi 11AC Router NC63 3.0.0.3327 and 3.0.0.3503 and Netis Wifi 11AC Router NC21 3.0.0.3800, 3.0.0.3500 and 3.0.0.3329 and Netis Wifi Router MW5360 1.0.1.3442 and 1.0.1.3031 allows a remote attacker to obtain sensitive information via the endpoint /cgi-bin/skk_set.cgi and binary /bin/scripts/start_wifi.sh | |||||
| CVE-2024-48456 | 2025-01-07 | N/A | 7.5 HIGH | ||
| An issue in Netis Wifi6 Router NX10 2.0.1.3643 and 2.0.1.3582 and Netis Wifi 11AC Router NC65 3.0.0.3749 and Netis Wifi 11AC Router NC63 3.0.0.3327 and 3.0.0.3503 and Netis Wifi 11AC Router NC21 3.0.0.3800, 3.0.0.3500 and 3.0.0.3329 and Netis Wifi Router MW5360 1.0.1.3442 and 1.0.1.3031 allows a remote attacker to obtain sensitive information via the parameter password at the change admin password page at the router web interface. | |||||
| CVE-2023-33537 | 1 Tp-link | 6 Tl-wr740n, Tl-wr740n Firmware, Tl-wr841n and 3 more | 2025-01-07 | N/A | 8.1 HIGH |
| TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a buffer overflow via the component /userRpm/FixMapCfgRpm. | |||||
| CVE-2023-33536 | 1 Tp-link | 6 Tl-wr740n, Tl-wr740n Firmware, Tl-wr841n and 3 more | 2025-01-07 | N/A | 8.1 HIGH |
| TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a buffer overflow via the component /userRpm/WlanMacFilterRpm. | |||||
| CVE-2023-50927 | 1 Contiki-ng | 1 Contiki-ng | 2025-01-07 | N/A | 8.6 HIGH |
| Contiki-NG is an open-source, cross-platform operating system for Next-Generation IoT devices. An attacker can trigger out-of-bounds reads in the RPL-Lite implementation of the RPL protocol in the Contiki-NG operating system. This vulnerability is caused by insufficient control of the lengths for DIO and DAO messages, in particular when they contain RPL sub-option headers. The problem has been patched in Contiki-NG 4.9. Users are advised to upgrade. Users unable to upgrade should manually apply the code changes in PR #2484. | |||||
| CVE-2024-45070 | 2025-01-07 | N/A | 5.5 MEDIUM | ||
| in OpenHarmony v4.1.2 and prior versions allow a local attacker cause information leak through out-of-bounds Read. | |||||
| CVE-2022-48739 | 1 Linux | 1 Linux Kernel | 2025-01-06 | N/A | 7.1 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: ASoC: hdmi-codec: Fix OOB memory accesses Correct size of iec_status array by changing it to the size of status array of the struct snd_aes_iec958. This fixes out-of-bounds slab read accesses made by memcpy() of the hdmi-codec driver. This problem is reported by KASAN. | |||||
| CVE-2023-52766 | 1 Linux | 1 Linux Kernel | 2025-01-06 | N/A | 7.1 HIGH |
| In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler Do not loop over ring headers in hci_dma_irq_handler() that are not allocated and enabled in hci_dma_init(). Otherwise out of bounds access will occur from rings->headers[i] access when i >= number of allocated ring headers. | |||||
| CVE-2023-24535 | 1 Protobuf | 1 Protobuf | 2025-01-06 | N/A | 7.5 HIGH |
| Parsing invalid messages can panic. Parsing a text-format message which contains a potential number consisting of a minus sign, one or more characters of whitespace, and no further input will cause a panic. | |||||