Total
12887 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-44253 | 1 Totolink | 2 Lr350, Lr350 Firmware | 2025-04-25 | 8.8 High |
| TOTOLINK LR350 V9.3.5u.6369_B20220309 contains a post-authentication buffer overflow via parameter ip in the setDiagnosisCfg function. | ||||
| CVE-2022-34667 | 3 Linux, Microsoft, Nvidia | 3 Linux Kernel, Windows, Cuda Toolkit | 2025-04-25 | 4.4 Medium |
| NVIDIA CUDA Toolkit SDK contains a stack-based buffer overflow vulnerability in cuobjdump, where an unprivileged remote attacker could exploit this buffer overflow condition by persuading a local user to download a specially crafted corrupted file and execute cuobjdump against it locally, which may lead to a limited denial of service and some loss of data integrity for the local user. | ||||
| CVE-2022-0137 | 1 Htmldoc Project | 1 Htmldoc | 2025-04-25 | 7.5 High |
| A heap buffer overflow in image_set_mask function of HTMLDOC before 1.9.15 allows an attacker to write outside the buffer boundaries. | ||||
| CVE-2023-50246 | 1 Jqlang | 1 Jq | 2025-04-25 | 6.2 Medium |
| jq is a command-line JSON processor. Version 1.7 is vulnerable to heap-based buffer overflow. Version 1.7.1 contains a patch for this issue. | ||||
| CVE-2021-45985 | 1 Lua | 1 Lua | 2025-04-25 | 7.5 High |
| In Lua 5.4.3, an erroneous finalizer called during a tail call leads to a heap-based buffer over-read. | ||||
| CVE-2024-20067 | 1 Mediatek | 12 Mt6813, Mt6815, Mt6835 and 9 more | 2025-04-25 | 9.8 Critical |
| In modem, there is a possible out of bounds write due to improper input invalidation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01267285; Issue ID: MSV-1462. | ||||
| CVE-2024-20068 | 1 Mediatek | 27 Mt6298, Mt6813, Mt6815 and 24 more | 2025-04-25 | 5.9 Medium |
| In modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01270721; Issue ID: MSV-1479. | ||||
| CVE-2024-20072 | 2 Mediatek, Openwrt | 5 Mt6890, Mt6990, Mt7622 and 2 more | 2025-04-25 | 6.6 Medium |
| In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00364732; Issue ID: MSV-1332. | ||||
| CVE-2024-20073 | 2 Mediatek, Openwrt | 4 Mt6890, Mt7622, Software Development Kit and 1 more | 2025-04-25 | 6.6 Medium |
| In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00367704; Issue ID: MSV-1411. | ||||
| CVE-2024-20074 | 2 Google, Mediatek | 31 Android, Mt6580, Mt6739 and 28 more | 2025-04-25 | 6.6 Medium |
| In dmc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08668110; Issue ID: MSV-1333. | ||||
| CVE-2024-20090 | 2 Google, Mediatek | 17 Android, Mt6761, Mt6765 and 14 more | 2025-04-25 | 6.7 Medium |
| In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1703. | ||||
| CVE-2024-20092 | 2 Google, Mediatek | 17 Android, Mt6761, Mt6765 and 14 more | 2025-04-25 | 7.8 High |
| In vdec, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09028313; Issue ID: MSV-1700. | ||||
| CVE-2024-20098 | 3 Google, Linuxfoundation, Mediatek | 20 Android, Yocto, Mt6768 and 17 more | 2025-04-25 | 6.7 Medium |
| In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08996886; Issue ID: MSV-1626. | ||||
| CVE-2024-20099 | 3 Google, Linuxfoundation, Mediatek | 8 Android, Yocto, Mt6768 and 5 more | 2025-04-25 | 6.7 Medium |
| In power, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08997492; Issue ID: MSV-1625. | ||||
| CVE-2024-20100 | 2 Google, Mediatek | 19 Android, Iot Yocto, Mt3605 and 16 more | 2025-04-25 | 9.8 Critical |
| In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998449; Issue ID: MSV-1603. | ||||
| CVE-2020-29367 | 1 Blosc | 1 C-blosc2 | 2025-04-25 | 7.8 High |
| blosc2.c in Blosc C-Blosc2 through 2.0.0.beta.5 has a heap-based buffer overflow when there is a lack of space to write compressed data. | ||||
| CVE-2023-32837 | 2 Google, Mediatek | 7 Android, Mt6883, Mt6885 and 4 more | 2025-04-25 | 7.8 High |
| In video, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08235273; Issue ID: ALPS08250357. | ||||
| CVE-2023-32836 | 2 Google, Mediatek | 7 Android, Mt6893, Mt6895 and 4 more | 2025-04-25 | 6.7 Medium |
| In display, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08126725; Issue ID: ALPS08126725. | ||||
| CVE-2023-32832 | 2 Google, Mediatek | 10 Android, Mt6883, Mt6885 and 7 more | 2025-04-25 | 7 High |
| In video, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08235273; Issue ID: ALPS08235273. | ||||
| CVE-2022-45202 | 1 Gpac | 1 Gpac | 2025-04-25 | 7.8 High |
| GPAC v2.1-DEV-rev428-gcb8ae46c8-master was discovered to contain a stack overflow via the function dimC_box_read at isomedia/box_code_3gpp.c. | ||||