Filtered by CWE-126
Total 340 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-21701 1 Microsoft 13 Windows 10, Windows 10 1607, Windows 10 1809 and 10 more 2025-01-01 7.5 High
Microsoft Protected Extensible Authentication Protocol (PEAP) Denial of Service Vulnerability
CVE-2024-43475 1 Microsoft 1 Windows Server 2008 2024-12-31 7.3 High
Microsoft Windows Admin Center Information Disclosure Vulnerability
CVE-2024-38250 1 Microsoft 16 Office, Office Long Term Servicing Channel, Windows 10 1507 and 13 more 2024-12-31 7.8 High
Windows Graphics Component Elevation of Privilege Vulnerability
CVE-2024-33043 1 Qualcomm 406 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 403 more 2024-12-20 5.5 Medium
Transient DOS while handling PS event when Program Service name length offset value is set to 255.
CVE-2024-33056 1 Qualcomm 662 205 Mobile Platform, 205 Mobile Platform Firmware, 315 5g Iot Modem and 659 more 2024-12-12 8.4 High
Memory corruption when allocating and accessing an entry in an SMEM partition continuously.
CVE-2024-33037 1 Qualcomm 104 C-v2x 9150, C-v2x 9150 Firmware, Fastconnect 6800 and 101 more 2024-12-11 6.1 Medium
Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware.
CVE-2024-31082 1 Redhat 1 Enterprise Linux 2024-11-28 7.3 High
A heap-based buffer over-read vulnerability was found in the X.org server's ProcAppleDRICreatePixmap() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.
CVE-2024-42333 2024-11-27 2.7 Low
The researcher is showing that it is possible to leak a small amount of Zabbix Server memory using an out of bounds read in src/libs/zbxmedia/email.c
CVE-2024-33012 1 Qualcomm 501 Ar8035, Ar8035 Firmware, Ar9380 and 498 more 2024-11-26 7.5 High
Transient DOS while parsing the multiple MBSSID IEs from the beacon, when the tag length is non-zero value but with end of beacon.
CVE-2024-33013 1 Qualcomm 342 Ar8035, Ar8035 Firmware, Csr8811 and 339 more 2024-11-26 7.5 High
Transient DOS when driver accesses the ML IE memory and offset value is incremented beyond ML IE length.
CVE-2024-33011 1 Qualcomm 501 Ar8035, Ar8035 Firmware, Ar9380 and 498 more 2024-11-26 7.5 High
Transient DOS while parsing the MBSSID IE from the beacons, when the MBSSID IE length is zero.
CVE-2024-21479 1 Qualcomm 192 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 189 more 2024-11-26 7.5 High
Transient DOS during music playback of ALAC content.
CVE-2024-21467 1 Qualcomm 258 Csr8811, Csr8811 Firmware, Fastconnect 6800 and 255 more 2024-11-26 6.5 Medium
Information disclosure while handling beacon probe frame during scan entry generation in client side.
CVE-2024-23353 1 Qualcomm 502 205 Mobile Platform, 205 Mobile Platform Firmware, 215 Mobile Platform and 499 more 2024-11-26 7.5 High
Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI.
CVE-2024-21459 1 Qualcomm 352 Ar8035, Ar8035 Firmware, Ar9380 and 349 more 2024-11-26 6.5 Medium
Information disclosure while handling beacon or probe response frame in STA.
CVE-2024-31081 1 Redhat 5 Enterprise Linux, Rhel Aus, Rhel E4s and 2 more 2024-11-24 7.3 High
A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIPassiveGrabDevice() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.
CVE-2024-31080 1 Redhat 5 Enterprise Linux, Rhel Aus, Rhel E4s and 2 more 2024-11-24 7.3 High
A heap-based buffer over-read vulnerability was found in the X.org server's ProcXIGetSelectedEvents() function. This issue occurs when byte-swapped length values are used in replies, potentially leading to memory leakage and segmentation faults, particularly when triggered by a client with a different endianness. This vulnerability could be exploited by an attacker to cause the X server to read heap memory values and then transmit them back to the client until encountering an unmapped page, resulting in a crash. Despite the attacker's inability to control the specific memory copied into the replies, the small length values typically stored in a 32-bit integer can result in significant attempted out-of-bounds reads.
CVE-2024-4853 2024-11-21 3.6 Low
Memory handling issue in editcap could cause denial of service via crafted capture file
CVE-2024-38373 1 Amazon 1 Freertos-plus-tcp 2024-11-21 9.6 Critical
FreeRTOS-Plus-TCP is a lightweight TCP/IP stack for FreeRTOS. FreeRTOS-Plus-TCP versions 4.0.0 through 4.1.0 contain a buffer over-read issue in the DNS Response Parser when parsing domain names in a DNS response. A carefully crafted DNS response with domain name length value greater than the actual domain name length, could cause the parser to read beyond the DNS response buffer. This issue affects applications using DNS functionality of the FreeRTOS-Plus-TCP stack. Applications that do not use DNS functionality are not affected, even when the DNS functionality is enabled. This vulnerability has been patched in version 4.1.1.
CVE-2024-34459 2024-11-21 7.5 High
An issue was discovered in xmllint (from libxml2) before 2.11.8 and 2.12.x before 2.12.7. Formatting error messages with xmllint --htmlout can result in a buffer over-read in xmlHTMLPrintFileContext in xmllint.c.