Export limit exceeded: 44126 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (44126 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-21080 | 1 Google | 1 Android | 2025-02-05 | 5.5 Medium |
| In register_notification_rsp of btif_rc.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-245916076 | ||||
| CVE-2023-20935 | 1 Google | 1 Android | 2025-02-05 | 5.5 Medium |
| In deserialize of multiple files, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID: A-256589724 | ||||
| CVE-2021-33972 | 1 Browser.360 | 1 Safe Browser | 2025-02-05 | 10 Critical |
| Buffer Overflow vulnerability in Qihoo 360 Safe Browser v13.0.2170.0 allows attacker to escalate priveleges. | ||||
| CVE-2021-33971 | 1 360 | 1 Total Security | 2025-02-05 | 7.8 High |
| Qihoo 360 (https://www.360.cn/) Qihoo 360 Safeguard (https://www.360.cn/) Qihoo 360 Total Security (http://www.360totalsecurity.com/) is affected by: Buffer Overflow. The impact is: execute arbitrary code (local). The component is: This is a set of vulnerabilities affecting popular software, "360 Safeguard(12.1.0.1004,12.1.0.1005,13.1.0.1001)" , "360 Total Security(10.8.0.1060,10.8.0.1213)", "360 Safe Browser & 360 Chrome(13.0.2170.0)". The attack vector is: On the browser vulnerability, just open a link to complete the vulnerability exploitation remotely; on the client software, you need to locally execute the vulnerability exploitation program, which of course can be achieved with the full chain of browser vulnerability. ¶¶ This is a set of the most serious vulnerabilities that exist on Qihoo 360's PC client a variety of popular software, remote vulnerabilities can be completed by opening a link to arbitrary code execution on both security browsers, with the use of local vulnerabilities, not only help the vulnerability code constitutes an escalation of privileges, er can make the spyware persistent without being scanned permanently resides on the target PC computer (because local vulnerability against Qihoo 360 company's antivirus kernel flaws); this group of remote and local vulnerability of the perfect match, to achieve an information security fallacy, in Qihoo 360's antivirus vulnerability, not only can not be scanned out of the virus, but will help the virus persistently control the target computer, while Qihoo 360 claims to be a safe browser, which exists in the kernel vulnerability but helped the composition of the remote vulnerability. (Security expert "Memory Corruptor" have reported this set of vulnerabilities to the corresponding vendor, all vulnerabilities have been fixed and the vendor rewarded thousands of dollars to the security experts) | ||||
| CVE-2021-0885 | 1 Google | 1 Android | 2025-02-05 | 7.8 High |
| In PVRSRVBridgeSyncPrimOpTake of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270401914 | ||||
| CVE-2021-0884 | 1 Google | 1 Android | 2025-02-05 | 7.8 High |
| In PVRSRVBridgePhysmemImportSparseDmaBuf of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270393454 | ||||
| CVE-2021-0883 | 1 Google | 1 Android | 2025-02-05 | 7.8 High |
| In PVRSRVBridgeCacheOpQueue of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270395013 | ||||
| CVE-2021-0882 | 1 Google | 1 Android | 2025-02-05 | 7.8 High |
| In PVRSRVBridgeRGXKickSync of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270395803 | ||||
| CVE-2021-0881 | 1 Google | 1 Android | 2025-02-05 | 7.8 High |
| In PVRSRVBridgeRGXKickCDM of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270396350 | ||||
| CVE-2024-27088 | 1 Medikoo | 1 Es5-ext | 2025-02-05 | 0 Low |
| es5-ext contains ECMAScript 5 extensions. Passing functions with very long names or complex default argument names into `function#copy` or `function#toStringTokens` may cause the script to stall. The vulnerability is patched in v0.10.63. | ||||
| CVE-2023-30463 | 1 Altran | 1 Picotcp | 2025-02-05 | 7.5 High |
| Altran picoTCP through 1.7.0 allows memory corruption (and subsequent denial of service) because of an integer overflow in pico_ipv6_alloc when processing large ICMPv6 packets. This affects installations with Ethernet support in which a packet size greater than 65495 may occur. | ||||
| CVE-2022-29604 | 1 Opennetworking | 1 Onos | 2025-02-05 | 9.8 Critical |
| An issue was discovered in ONOS 2.5.1. An intent with an uppercase letter in a device ID shows the CORRUPT state, which is misleading to a network operator. Improper handling of case sensitivity causes inconsistency between intent and flow rules in the network. | ||||
| CVE-2022-26124 | 1 Intel | 8 Nuc 8 Rugged Board Nuc8cchbn, Nuc 8 Rugged Board Nuc8cchbn Firmware, Nuc 8 Rugged Kit Nuc8cchkr and 5 more | 2025-02-05 | 7.5 High |
| Improper buffer restrictions in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC 8 Boards, Intel(R) NUC 8 Rugged Boards and Intel(R) NUC 8 Rugged Kits before version CHAPLCEL.0059 may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2021-33975 | 1 Browser.360 | 1 Safe Browser | 2025-02-05 | 10 Critical |
| Buffer Overflow vulnerability in Qihoo 360 Total Security v10.8.0.1060 and v10.8.0.1213 allows attacker to escalate privileges. | ||||
| CVE-2021-33974 | 1 360 | 1 Total Security | 2025-02-05 | 8.8 High |
| Qihoo 360 (https://www.360.cn/) Qihoo 360 Safeguard (https://www.360.cn/) Qihoo 360 Chrome (https://browser.360.cn/ee/) is affected by: Buffer Overflow. The impact is: execute arbitrary code (remote). The component is: This is a set of vulnerabilities affecting popular software, and the installation packages correspond to versions "360 Safeguard(12.1.0.1004,12.1.0.1005,13.1.0.1001)" , "360 Total Security(10.8.0.1060,10.8.0.1213)", "360 Safe Browser & 360 Chrome(12. The attack vector is: On the browser vulnerability, just open a link to complete the vulnerability exploitation remotely; on the client software, you need to locally execute the vulnerability exploitation program, which of course can be achieved with the full chain of browser vulnerability. ¶¶ This is a set of the most serious vulnerabilities that exist on Qihoo 360's PC client multiple popular software, remote vulnerabilities can be accomplished by opening a link to arbitrary code execution on both security browsers, in conjunction with the exploitation of local vulnerabilities that allow spyware to persist without being scanned to permanently reside on the target PC computer (because local vulnerabilities target Qihoo 360 company's antivirus software kernel flaws); this set of remote and local vulnerabilities in perfect coordination, to achieve an information security fallacy, on Qihoo 360's antivirus software vulnerability, not only can not be scanned out of the virus, but will help the virus persistently control the target computer, while Qihoo 360 claims to be a secure browser, which exists in the kernel vulnerability but help the composition of the remote vulnerability.(Security expert "Memory Corruptor" have reported this set of vulnerabilities to the corresponding vendor, all vulnerabilities have been fixed and the vendor rewarded thousands of dollars to this security expert) | ||||
| CVE-2021-33973 | 1 360totalsecurity | 1 360 Total Security | 2025-02-05 | 7.8 High |
| Buffer Overflow vulnerability in Qihoo 360 Safe guard v12.1.0.1004, v12.1.0.1005, v13.1.0.1001 allows attacker to escalate priveleges. | ||||
| CVE-2024-49838 | 1 Qualcomm | 338 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 335 more | 2025-02-05 | 8.2 High |
| Information disclosure while parsing the OCI IE with invalid length. | ||||
| CVE-2024-49840 | 1 Qualcomm | 20 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 17 more | 2025-02-05 | 7.8 High |
| Memory corruption while Invoking IOCTL calls from user-space to validate FIPS encryption or decryption functionality. | ||||
| CVE-2024-49843 | 1 Qualcomm | 104 Fastconnect 6200, Fastconnect 6200 Firmware, Fastconnect 7800 and 101 more | 2025-02-05 | 7.8 High |
| Memory corruption while processing IOCTL from user space to handle GPU AHB bus error. | ||||
| CVE-2024-49834 | 1 Qualcomm | 254 Csra6620, Csra6620 Firmware, Csra6640 and 251 more | 2025-02-05 | 7.8 High |
| Memory corruption while power-up or power-down sequence of the camera sensor. | ||||