Export limit exceeded: 21632 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (21632 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-49838 | 1 Qualcomm | 338 Ar8035, Ar8035 Firmware, Fastconnect 6200 and 335 more | 2025-02-05 | 8.2 High |
| Information disclosure while parsing the OCI IE with invalid length. | ||||
| CVE-2024-49843 | 1 Qualcomm | 104 Fastconnect 6200, Fastconnect 6200 Firmware, Fastconnect 7800 and 101 more | 2025-02-05 | 7.8 High |
| Memory corruption while processing IOCTL from user space to handle GPU AHB bus error. | ||||
| CVE-2024-49834 | 1 Qualcomm | 254 Csra6620, Csra6620 Firmware, Csra6640 and 251 more | 2025-02-05 | 7.8 High |
| Memory corruption while power-up or power-down sequence of the camera sensor. | ||||
| CVE-2024-45582 | 1 Qualcomm | 68 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 65 more | 2025-02-05 | 7.8 High |
| Memory corruption while validating number of devices in Camera kernel . | ||||
| CVE-2024-49832 | 1 Qualcomm | 50 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 47 more | 2025-02-05 | 7.8 High |
| Memory corruption in Camera due to unusually high number of nodes passed to AXI port. | ||||
| CVE-2024-49833 | 1 Qualcomm | 160 Fastconnect 6700, Fastconnect 6700 Firmware, Fastconnect 6900 and 157 more | 2025-02-05 | 7.8 High |
| Memory corruption can occur in the camera when an invalid CID is used. | ||||
| CVE-2024-55192 | 1 Openimageio | 1 Openimageio | 2025-02-05 | 9.8 Critical |
| OpenImageIO v3.1.0.0dev was discovered to contain a heap overflow via the component OpenImageIO_v3_1_0::farmhash::inlined::Fetch64(char const*). | ||||
| CVE-2023-27353 | 1 Sonos | 4 One, One Firmware, S1 and 1 more | 2025-02-05 | 6.5 Medium |
| This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Sonos One Speaker 70.3-35220. Authentication is not required to exploit this vulnerability. The specific flaw exists within the msprox endpoint. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-19846. | ||||
| CVE-2023-27355 | 1 Sonos | 4 One, One Firmware, S1 and 1 more | 2025-02-05 | 8.8 High |
| This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos One Speaker 70.3-35220. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MPEG-TS parser. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19773. | ||||
| CVE-2024-38404 | 1 Qualcomm | 80 Ar8035, Ar8035 Firmware, Fastconnect 7800 and 77 more | 2025-02-05 | 7.5 High |
| Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in modem. | ||||
| CVE-2024-38414 | 1 Qualcomm | 58 Fastconnect 6900, Fastconnect 6900 Firmware, Fastconnect 7800 and 55 more | 2025-02-05 | 6.1 Medium |
| Information disclosure while processing information on firmware image during core initialization. | ||||
| CVE-2024-38416 | 1 Qualcomm | 144 Ar8035, Ar8035 Firmware, C-v2x 9150 and 141 more | 2025-02-05 | 6.1 Medium |
| Information disclosure during audio playback. | ||||
| CVE-2024-38417 | 1 Qualcomm | 112 Ar8035, Ar8035 Firmware, C-v2x 9150 and 109 more | 2025-02-05 | 6.1 Medium |
| Information disclosure while processing IO control commands. | ||||
| CVE-2023-46401 | 1 Kwhotel | 1 Kwhotel | 2025-02-04 | 8.8 High |
| KWHotel 0.47 is vulnerable to CSV Formula Injection in the invoice adding function. | ||||
| CVE-2023-2226 | 1 Rapid7 | 1 Velociraptor | 2025-02-04 | 3.3 Low |
| Due to insufficient validation in the PE and OLE parsers in Rapid7's Velociraptor versions earlier than 0.6.8 allows attacker to crash Velociraptor during parsing of maliciously malformed files. For this attack to succeed, the attacker needs to be able to introduce malicious files to the system at the same time that Velociraptor attempts to collect any artifacts that attempt to parse PE files, Authenticode signatures, or OLE files. After crashing, the Velociraptor service will restart and it will still be possible to collect other artifacts. | ||||
| CVE-2023-0205 | 1 Nvidia | 4 Connectx-5, Connectx-6, Connectx-6-dx and 1 more | 2025-02-04 | 5 Medium |
| NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware, where an unprivileged user can exploit insufficient granularity of access control, which may lead to denial of service. | ||||
| CVE-2023-0203 | 1 Nvidia | 4 Connectx-5, Connectx-6, Connectx-6-dx and 1 more | 2025-02-04 | 5 Medium |
| NVIDIA ConnectX-5, ConnectX-6, and ConnectX6-DX contain a vulnerability in the NIC firmware, where an unprivileged user can exploit insufficient granularity of access control, which may lead to denial of service. | ||||
| CVE-2023-25505 | 1 Nvidia | 2 Bmc, Dgx-1 | 2025-02-04 | 7.8 High |
| NVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler of the AMI MegaRAC BMC , where an attacker with the appropriate level of authorization can cause a buffer overflow, which may lead to denial of service, information disclosure, or arbitrary code execution. | ||||
| CVE-2023-20870 | 1 Vmware | 2 Fusion, Workstation | 2025-02-04 | 6 Medium |
| VMware Workstation and Fusion contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. | ||||
| CVE-2023-25512 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Cuda Toolkit | 2025-02-04 | 5.3 Medium |
| NVIDIA CUDA toolkit for Linux and Windows contains a vulnerability in cuobjdump, where an attacker may cause an out-of-bounds memory read by running cuobjdump on a malformed input file. A successful exploit of this vulnerability may lead to limited denial of service, code execution, and limited information disclosure. | ||||