Total
239 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-6936 | 1 Wolfssl | 1 Wolfssl | 2025-03-26 | N/A | 5.3 MEDIUM |
| In wolfSSL prior to 5.6.6, if callback functions are enabled (via the WOLFSSL_CALLBACKS flag), then a malicious TLS client or network attacker can trigger a buffer over-read on the heap of 5 bytes (WOLFSSL_CALLBACKS is only intended for debugging). | |||||
| CVE-2024-57970 | 2025-02-18 | N/A | 4.0 MEDIUM | ||
| libarchive through 3.7.7 has a heap-based buffer over-read in header_gnu_longlink in archive_read_support_format_tar.c via a TAR archive because it mishandles truncation in the middle of a GNU long linkname. | |||||
| CVE-2024-12011 | 2025-02-13 | N/A | 7.6 HIGH | ||
| A CWE-126 “Buffer Over-read” was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. The information disclosure can be triggered by leveraging a memory leak affecting the web server. A remote unauthenticated attacker can exploit this vulnerability in order to leak valid authentication tokens from the process memory associated to users currently logged to the system and bypass the authentication mechanism. | |||||
| CVE-2023-39540 | 1 Weston-embedded | 1 Uc-tcp-ip | 2025-02-12 | N/A | 5.9 MEDIUM |
| A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted network packet can lead to an out-of-bounds read. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability concerns a denial of service within the parsing an IPv4 ICMP packet. | |||||
| CVE-2023-39541 | 1 Weston-embedded | 1 Uc-tcp-ip | 2025-02-12 | N/A | 5.9 MEDIUM |
| A denial of service vulnerability exists in the ICMP and ICMPv6 parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted network packet can lead to an out-of-bounds read. An attacker can send a malicious packet to trigger this vulnerability.This vulnerability concerns a denial of service within the parsing an IPv6 ICMPv6 packet. | |||||
| CVE-2024-49838 | 1 Qualcomm | 338 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 335 more | 2025-02-05 | N/A | 8.2 HIGH |
| Information disclosure while parsing the OCI IE with invalid length. | |||||
| CVE-2024-38404 | 1 Qualcomm | 80 Ar8035, Ar8035 Firmware, Fastconnect 7800 and 77 more | 2025-02-05 | N/A | 7.5 HIGH |
| Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in modem. | |||||
| CVE-2024-38414 | 1 Qualcomm | 58 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 55 more | 2025-02-05 | N/A | 6.1 MEDIUM |
| Information disclosure while processing information on firmware image during core initialization. | |||||
| CVE-2024-38416 | 1 Qualcomm | 144 Ar8035, Ar8035 Firmware, C-v2x 9150 and 141 more | 2025-02-05 | N/A | 6.1 MEDIUM |
| Information disclosure during audio playback. | |||||
| CVE-2024-38417 | 1 Qualcomm | 112 Ar8035, Ar8035 Firmware, C-v2x 9150 and 109 more | 2025-02-05 | N/A | 6.1 MEDIUM |
| Information disclosure while processing IO control commands. | |||||
| CVE-2024-45561 | 1 Qualcomm | 64 Aqt1000, Aqt1000 Firmware, Fastconnect 6200 and 61 more | 2025-02-05 | N/A | 7.8 HIGH |
| Memory corruption while handling IOCTL call from user-space to set latency level. | |||||
| CVE-2025-21271 | 1 Microsoft | 5 Windows 10 1809, Windows 10 21h2, Windows 10 22h2 and 2 more | 2025-01-27 | N/A | 7.8 HIGH |
| Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | |||||
| CVE-2025-21277 | 1 Microsoft | 15 Windows 10 1507, Windows 10 1607, Windows 10 1809 and 12 more | 2025-01-27 | N/A | 7.5 HIGH |
| Microsoft Message Queuing (MSMQ) Denial of Service Vulnerability | |||||
| CVE-2024-3077 | 1 Zephyrproject | 1 Zephyr | 2025-01-23 | N/A | 6.8 MEDIUM |
| An malicious BLE device can crash BLE victim device by sending malformed gatt packet | |||||
| CVE-2024-9843 | 2 Apple, Ivanti | 2 Macos, Secure Access Client | 2025-01-17 | N/A | 5.0 MEDIUM |
| A buffer over-read in Ivanti Secure Access Client before 22.7R4 allows a local unauthenticated attacker to cause a denial of service. | |||||
| CVE-2024-21477 | 1 Qualcomm | 368 Aqt1000, Aqt1000 Firmware, Ar8035 and 365 more | 2025-01-15 | N/A | 7.5 HIGH |
| Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame. | |||||
| CVE-2024-45548 | 1 Qualcomm | 20 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 17 more | 2025-01-13 | N/A | 7.8 HIGH |
| Memory corruption while processing FIPS encryption or decryption validation functionality IOCTL call. | |||||
| CVE-2024-45546 | 1 Qualcomm | 20 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 17 more | 2025-01-13 | N/A | 7.8 HIGH |
| Memory corruption while processing FIPS encryption or decryption IOCTL call invoked from user-space. | |||||
| CVE-2024-45559 | 1 Qualcomm | 46 Qam8255p, Qam8255p Firmware, Qam8295p and 43 more | 2025-01-13 | N/A | 5.5 MEDIUM |
| Transient DOS can occur when GVM sends a specific message type to the Vdev-FastRPC backend. | |||||
| CVE-2023-43539 | 1 Qualcomm | 274 Ar8035, Ar8035 Firmware, Csr8811 and 271 more | 2025-01-10 | N/A | 7.5 HIGH |
| Transient DOS while processing an improperly formatted 802.11az Fine Time Measurement protocol frame. | |||||