| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The HW_KEYMASTER module has a vulnerability of not verifying the data read.Successful exploitation of this vulnerability may cause malicious construction of data, which results in out-of-bounds access. |
| The kernel server has a vulnerability of not verifying the length of the data transferred in the user space.Successful exploitation of this vulnerability may cause out-of-bounds read in the kernel, which affects the device confidentiality and availability. |
| The phones have the heap overflow, out-of-bounds read, and null pointer vulnerabilities in the fingerprint trusted application (TA).Successful exploitation of this vulnerability may affect the fingerprint service. |
| Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability |
| Windows Lightweight Directory Access Protocol (LDAP) Denial of Service Vulnerability |
| Windows Mobile Broadband Driver Elevation of Privilege Vulnerability |
| Windows Mobile Broadband Driver Elevation of Privilege Vulnerability |
| Windows Mobile Broadband Driver Elevation of Privilege Vulnerability |
| Windows Mobile Broadband Driver Elevation of Privilege Vulnerability |
| Microsoft Office Remote Code Execution Vulnerability |
| Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability |
| Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability |
| Wireless Wide Area Network Service (WwanSvc) Elevation of Privilege Vulnerability |
| Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability |
| Windows Wireless Wide Area Network Service (WwanSvc) Information Disclosure Vulnerability |
| Windows Mobile Broadband Driver Elevation of Privilege Vulnerability |
| An issue was discovered in Ollama before 0.1.46. An attacker can use two HTTP requests to upload a malformed GGUF file containing just 4 bytes starting with the GGUF custom magic header. By leveraging a custom Modelfile that includes a FROM statement pointing to the attacker-controlled blob file, the attacker can crash the application through the CreateModel route, leading to a segmentation fault (signal SIGSEGV: segmentation violation). |
| A vulnerability in Ollama versions <=0.3.14 allows a malicious user to create a customized gguf model file that can be uploaded to the public Ollama server. When the server processes this malicious model, it crashes, leading to a Denial of Service (DoS) attack. The root cause of the issue is an out-of-bounds read in the gguf.go file. |
| Horner Automation Cscape version 10.0 (10.0.415.2) SP1 is vulnerable to an out-of-bounds read vulnerability that could allow an attacker to disclose information and execute arbitrary code on affected installations of Cscape. |
| Memory corruption due to improper bounds check while command handling in camera-kernel driver. |
