| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| In DRM/oemcrypto, there is a possible out of bounds write due to an incorrect calculation of buffer size.This could lead to remote escalation of privilege with System execution privileges needed |
| In libimpl-ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed. |
| Out-of-bounds write in some Intel(R) RealSense(TM) ID software for Intel(R) RealSense(TM) 450 FA in version 0.25.0 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| Janino 3.1.9 and earlier are subject to denial of service (DOS) attacks when using the expression evaluator.guess parameter name method. If the parser runs on user-supplied input, an attacker could supply content that causes the parser to crash due to a stack overflow. NOTE: this is disputed by multiple parties because Janino is not intended for use with untrusted input. |
| Connected IO v2.1.0 and prior has a stack-based buffer overflow vulnerability in its communication protocol, enabling attackers to take control over devices. |
| A stack-based overflow vulnerability [CWE-124] in Fortinet FortiOS version 7.0.0 through 7.0.10 and 7.2.0 through 7.2.3 and FortiProxy version 7.0.0 through 7.0.9 and 7.2.0 through 7.2.2 allows a remote unauthenticated attacker to execute arbitrary code or command via crafted packets reaching proxy policies or firewall policies with proxy mode alongside deep or full packet inspection. |
|
When handling contactless cards, usage of a specific function to get additional information from the card which doesn't
check the boundary on the data received while reading. This allows a stack-based buffer overflow that could lead to a
potential Remote Code Execution on the targeted device
|
|
When reading DesFire keys, the function that reads the card isn't properly checking the boundaries when copying
internally the data received. This allows a heap based buffer overflow that could lead to a potential Remote Code
Execution on the targeted device. This is especially problematic if you use Default DESFire key.
|
|
During the retrofit validation process, the firmware doesn't properly check the boundaries while copying some attributes
to check. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the targeted
device
|
|
The handler of the retrofit validation command doesn't properly check the boundaries when performing certain validation
operations. This allows a stack-based buffer overflow that could lead to a potential Remote Code Execution on the
targeted device
|
|
The Parameter Zone Read and Parameter Zone Write command handlers allow performing a Stack buffer overflow.
This could potentially lead to a Remote Code execution on the targeted device.
|
| Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute. |
| Memory corruption while receiving a message in Bus Socket Transport Server. |
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.
We have already fixed the vulnerability in the following versions:
QTS 5.0.1.2425 build 20230609 and later
QTS 5.1.0.2444 build 20230629 and later
QTS 4.5.4.2467 build 20230718 and later
QuTS hero h5.0.1.2515 build 20230907 and later
QuTS hero h5.1.0.2424 build 20230609 and later
QuTS hero h4.5.4.2476 build 20230728 and later
QuTScloud c5.1.0.2498 and later
|
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.
We have already fixed the vulnerability in the following versions:
QTS 5.0.1.2425 build 20230609 and later
QTS 5.1.0.2444 build 20230629 and later
QTS 4.5.4.2467 build 20230718 and later
QuTS hero h5.0.1.2515 build 20230907 and later
QuTS hero h5.1.0.2424 build 20230609 and later
QuTS hero h4.5.4.2476 build 20230728 and later
QuTScloud c5.1.0.2498 and later
|
| A buffer copy without checking size of input vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated administrators to execute code via a network.
We have already fixed the vulnerability in the following versions:
QTS 5.0.1.2425 build 20230609 and later
QTS 5.1.0.2444 build 20230629 and later
QTS 4.5.4.2467 build 20230718 and later
QuTS hero h5.0.1.2515 build 20230907 and later
QuTS hero h5.1.0.2424 build 20230609 and later
QuTS hero h4.5.4.2476 build 20230728 and later
QuTScloud c5.1.0.2498 and later
|
| In display drm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363632; Issue ID: ALPS07363632. |
| In display drm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560793; Issue ID: ALPS07560793. |
| In mmp, there is a possible memory corruption due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07342152; Issue ID: ALPS07342152. |
| In display drm, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363456; Issue ID: ALPS07363456. |
