Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2017-14075

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-11 Sep, 2017 | 17:00
Updated At-05 Aug, 2024 | 19:13
Rejected At-
Credits

This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x953824a7 by the windrvr1240 kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in an out-of-bounds write condition. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:11 Sep, 2017 | 17:00
Updated At:05 Aug, 2024 | 19:13
Rejected At:
▼CVE Numbering Authority (CNA)

This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x953824a7 by the windrvr1240 kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in an out-of-bounds write condition. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://packetstormsecurity.com/files/144045/Jungo-DriverWizard-WinDrive-OOB-Write-Privilege-Escalation.html
x_refsource_MISC
https://www.exploit-db.com/exploits/42625/
exploit
x_refsource_EXPLOIT-DB
Hyperlink: http://packetstormsecurity.com/files/144045/Jungo-DriverWizard-WinDrive-OOB-Write-Privilege-Escalation.html
Resource:
x_refsource_MISC
Hyperlink: https://www.exploit-db.com/exploits/42625/
Resource:
exploit
x_refsource_EXPLOIT-DB
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://packetstormsecurity.com/files/144045/Jungo-DriverWizard-WinDrive-OOB-Write-Privilege-Escalation.html
x_refsource_MISC
x_transferred
https://www.exploit-db.com/exploits/42625/
exploit
x_refsource_EXPLOIT-DB
x_transferred
Hyperlink: http://packetstormsecurity.com/files/144045/Jungo-DriverWizard-WinDrive-OOB-Write-Privilege-Escalation.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.exploit-db.com/exploits/42625/
Resource:
exploit
x_refsource_EXPLOIT-DB
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:11 Sep, 2017 | 17:29
Updated At:20 Apr, 2025 | 01:37

This vulnerability allows local attackers to escalate privileges on Jungo WinDriver 12.4.0 and earlier. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x953824a7 by the windrvr1240 kernel driver. The issue lies in the failure to properly validate user-supplied data which can result in an out-of-bounds write condition. An attacker can leverage this vulnerability to execute arbitrary code under the context of kernel.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.07.8HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.07.2HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.0
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 7.2
Base severity: HIGH
Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
jungo
jungo
>>windriver>>Versions up to 12.5.1(inclusive)
cpe:2.3:a:jungo:windriver:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-787Primarynvd@nist.gov
CWE ID: CWE-787
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://packetstormsecurity.com/files/144045/Jungo-DriverWizard-WinDrive-OOB-Write-Privilege-Escalation.htmlcve@mitre.org
Exploit
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/42625/cve@mitre.org
Exploit
Third Party Advisory
VDB Entry
http://packetstormsecurity.com/files/144045/Jungo-DriverWizard-WinDrive-OOB-Write-Privilege-Escalation.htmlaf854a3a-2127-422b-91ae-364da2661108
Exploit
Third Party Advisory
VDB Entry
https://www.exploit-db.com/exploits/42625/af854a3a-2127-422b-91ae-364da2661108
Exploit
Third Party Advisory
VDB Entry
Hyperlink: http://packetstormsecurity.com/files/144045/Jungo-DriverWizard-WinDrive-OOB-Write-Privilege-Escalation.html
Source: cve@mitre.org
Resource:
Exploit
Third Party Advisory
VDB Entry
Hyperlink: https://www.exploit-db.com/exploits/42625/
Source: cve@mitre.org
Resource:
Exploit
Third Party Advisory
VDB Entry
Hyperlink: http://packetstormsecurity.com/files/144045/Jungo-DriverWizard-WinDrive-OOB-Write-Privilege-Escalation.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Third Party Advisory
VDB Entry
Hyperlink: https://www.exploit-db.com/exploits/42625/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Third Party Advisory
VDB Entry

Change History

0
Information is not available yet

Similar CVEs

392Records found
CVE-2019-2202
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.63%
||
7 Day CHG~0.00%
Published-13 Nov, 2019 | 17:36
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID: A-137283376

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-2207
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.24%
||
7 Day CHG~0.00%
Published-13 Nov, 2019 | 17:42
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In nfa_hci_handle_admin_gate_rsp of nfa_hci_act.cc, there is a possible out of bound write due to missing bounds checks. This could lead to local escalation of privilege with system execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-124524315

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-2032
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 2.02%
||
7 Day CHG~0.00%
Published-19 Apr, 2019 | 19:45
Updated-04 Aug, 2024 | 18:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In SetScanResponseData of ble_advertiser_hci_interface.cc, there is a possible out-of-bound write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. Android ID: A-121145627.

Action-Not Available
Vendor-AndroidGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-2049
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.92%
||
7 Day CHG~0.00%
Published-08 May, 2019 | 16:27
Updated-04 Aug, 2024 | 18:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In SendMediaUpdate and SendFolderUpdate of avrcp_service.cc, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-9 Android ID: A-120445479

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-14331
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.03% / 6.03%
||
7 Day CHG-0.01%
Published-15 Sep, 2020 | 18:51
Updated-04 Aug, 2024 | 12:39
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local user with access to the VGA console to crash the system, potentially escalating their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncRed Hat, Inc.
Product-enterprise_linuxlinux_kernelLinux Kernel
CWE ID-CWE-787
Out-of-bounds Write
CVE-2017-1000111
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 28.08%
||
7 Day CHG~0.00%
Published-04 Oct, 2017 | 01:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Linux kernel: heap out-of-bounds in AF_PACKET sockets. This new issue is analogous to previously disclosed CVE-2016-8655. In both cases, a socket option that changes socket state may race with safety checks in packet_set_ring. Previously with PACKET_VERSION. This time with PACKET_RESERVE. The solution is similar: lock the socket for the update. This issue may be exploitable, we did not investigate further. As this issue affects PF_PACKET sockets, it requires CAP_NET_RAW in the process namespace. But note that with user namespaces enabled, any process can create a namespace in which it has CAP_NET_RAW.

Action-Not Available
Vendor-n/aDebian GNU/LinuxLinux Kernel Organization, IncRed Hat, Inc.
Product-enterprise_linux_desktopenterprise_linux_server_tusenterprise_linux_workstationlinux_kernelenterprise_linuxenterprise_linux_server_eusenterprise_linux_serverdebian_linuxenterprise_linux_server_ausn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-2251
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 27.89%
||
7 Day CHG~0.00%
Published-21 Nov, 2019 | 14:38
Updated-04 Aug, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

If a bitmap file is loaded from any un-authenticated source, there is a possibility that the bitmap can potentially cause stack buffer overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8016, APQ8096AU, APQ8098, MDM9205, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, SA6155P, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm850_firmwaresa6155p_firmwaresdm636_firmwaremsm8996au_firmwareapq8098_firmwaresdm845msm8998_firmwaresdm660apq8016_firmwaresdm630sdx24sm8250_firmwaresc8180x_firmwareqcs405sm7150_firmwaresdm710sm6150msm8996ausdm710_firmwaresm7150sa6155psdm670sxr2130qcs605_firmwaresc8180xsdm670_firmwaresm8150_firmwaresdx24_firmwaresxr2130_firmwareapq8096ausdm636qcs405_firmwaresda845_firmwaresdm630_firmwareapq8098mdm9205_firmwaresda660_firmwaremdm9205apq8016qcs605apq8096au_firmwaresm6150_firmwaresm8250msm8998sm8150sdm850sda660sxr1130_firmwarenicobar_firmwaresxr1130sdm660_firmwaresda845nicobarsdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-9755
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.32%
||
7 Day CHG~0.00%
Published-28 Dec, 2016 | 07:42
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The netfilter subsystem in the Linux kernel before 4.9 mishandles IPv6 reassembly, which allows local users to cause a denial of service (integer overflow, out-of-bounds write, and GPF) or possibly have unspecified other impact via a crafted application that makes socket, connect, and writev system calls, related to net/ipv6/netfilter/nf_conntrack_reasm.c and net/ipv6/netfilter/nf_defrag_ipv6_hooks.c.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-20636
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 20.73%
||
7 Day CHG~0.00%
Published-08 Apr, 2020 | 13:58
Updated-05 Aug, 2024 | 02:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux kernel before 5.4.12, drivers/input/input.c has out-of-bounds writes via a crafted keycode table, as demonstrated by input_set_keycode, aka CID-cb222aed03d7.

Action-Not Available
Vendor-n/aNetApp, Inc.Linux Kernel Organization, Inc
Product-h500scloud_backupfas_8700fas_8300h410sfas_baseboard_management_controller_a800h300ssolidfiresteelstore_cloud_integrated_storageh610slinux_kernelfas_baseboard_management_controller_a320fas_a400fas_baseboard_management_controller_c190fas_baseboard_management_controller_a220h615ch700sh610cn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-3612
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 26.04%
||
7 Day CHG~0.00%
Published-09 Jul, 2021 | 10:33
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

Action-Not Available
Vendor-n/aFedora ProjectRed Hat, Inc.Linux Kernel Organization, IncNetApp, Inc.Debian GNU/LinuxOracle Corporation
Product-h300eh500scloud_backupenterprise_linuxh300s_firmwareh410c_firmwarecommunications_cloud_native_core_network_exposure_functionh410sh300scommunications_cloud_native_core_policysolidfire_baseboard_management_controllerh300e_firmwaredebian_linuxlinux_kernelh500eh410s_firmwarefedorah500s_firmwareh500e_firmwareh700s_firmwarecommunications_cloud_native_core_binding_support_functionh700eh410ch700e_firmwaresolidfire_baseboard_management_controller_firmwareh700skernel
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-35103
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.10% / 28.55%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 04:40
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound write due to improper validation of number of timer values received from firmware while syncing timers in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6150p_firmwareipq4028_firmwareqca8337ar9380ipq8173_firmwarewcd9360_firmwaresdx65qcn5124qca4024_firmwarewcn3950_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqca6595au_firmwaresa6155qcs6125_firmwaresa415mwcn3998qca6554a_firmwarewcn3950ipq8076aqcn6024_firmwaresd_8_gen1_5g_firmwaresm6375_firmwaresd460_firmwaresm7315_firmwareqca6574au_firmwareqcn5164_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwarewcn3998_firmwarewcd9360ipq8070_firmwareipq8065ipq8078a_firmwareqrb5165_firmwareipq5028qca7500ipq4029_firmwareqcs6125qrb5165m_firmwaresa4155p_firmwaresa8155_firmwareipq6010sd662_firmwareipq8068qcn6132sd765gsw5100qca6436wcn6851sa6155pqca9888_firmwareqcn6122ipq8068_firmwareqca6696_firmwaresd870_firmwareqcn5154_firmwaresa8150pwsa8830_firmwareqca9992_firmwaresd865_5g_firmwarewcn3988sa8195p_firmwaresm8475qca9898qcn5022_firmwarewcn6750_firmwareipq4028ipq5018_firmwaresm6375qca9985_firmwarewcn3991ipq4018_firmwareqca8337_firmwarewcd9380_firmwareipq8072aqca7500_firmwareqca9980_firmwaresw5100pipq8076a_firmwareipq8078qca6564ausdx55m_firmwareipq8173wcn6856_firmwareqcn5164qca6574csr8811_firmwarewcd9380qcn5054_firmwareipq4019_firmwareqcn5024qca8072_firmwareqca9985qcn9012_firmwareqcn5052_firmwarewcn3980ipq6018_firmwarewsa8815wcn6850pmp8074_firmwareqcn6112qca6426_firmwareqca9984ipq6028ipq8064qcn9024pmp8074wcn3980_firmwaresdx55mipq8064_firmwarewcn6740_firmwareipq8078_firmwareqcn5054qrb5165wcn6851_firmwareipq8070qca9994qca9980qcn9024_firmwareipq8174_firmwareqca9880sd480sd870wcn6855sw5100p_firmwareipq6018sa6145pqca9886_firmwareqca6595_firmwaresa8145pqca6391_firmwaresa4150p_firmwareqca4024sd780g_firmwarewcd9370_firmwaresdx55sd888_firmwareqcn5021_firmwaresa8155psa4155par8035_firmwareqcn5024_firmwarewcn3991_firmwarewsa8830qcn9070sa8145p_firmwarecsrb31024qcn9072qca9880_firmwareqca9992sd765g_firmwareqca6390_firmwarewcd9370qcn5152_firmwareqca6426qca6584au_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwareipq5018wcd9385_firmwaresdxr2_5g_firmwareipq8074asd662qcn5124_firmwareqcn6100_firmwareqcn6102_firmwareqcn9011_firmwaresa8155qcn5122_firmwaresdx55_firmwareqca6595auqcn6023_firmwaresm7250p_firmwareqca6436_firmwareqrb5165nipq5010qca6564au_firmwareqca6584ausa6155p_firmwaresd778gsm6225sa515m_firmwareipq8174qca9990sdxr2_5gqcs6490qcn5052qcn6112_firmwaresa415m_firmwarewcn3988_firmwareqcn9074sa6145p_firmwaresd778g_firmwaresa8195pwsa8810_firmwaresd765_firmwareqca8081ipq8071aqcn6023ipq8071a_firmwarewcd9385qcs6490_firmwarear8035csr8811qca6390qca9898_firmwareipq4019wcd9375qcn9100_firmwareipq5010_firmwareipq8074a_firmwareqcm6490sd888_5g_firmwarewcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresa4150pqcm6125_firmwareqca8072qcn9000sd780gqca6554asd865_5gqca6595ar9380_firmwareqcn9012sd888qcn6122_firmwareipq8065_firmwarewsa8835sd888_5gqcn5154qca8075_firmwareipq4018qca6574awcn6855_firmwareqca9889sm7325pqcn6132_firmwareqca9888qca9994_firmwarewcn6750ipq8070a_firmwareipq8076_firmwaresa515mqca6574_firmwareqca9886sm7325p_firmwareipq8076sd765qca6574a_firmwareqcn5021qcn5152sd768g_firmwareqrb5165msm7315sd460qca6391qcn6102qcn9100sdx65_firmwarecsrb31024_firmwareqcm6490_firmwareqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwareqcn9011sm6225_firmwareqca6574auqca9889_firmwaresa8155p_firmwareqcn5122qcm6125wsa8810wcn6856qcn5022ipq6010_firmwaresd768gwcn6740qca6696sa6150pqca8075qcn9022_firmwareqcn6024qcn9022qca9990_firmwareipq8070aqcn6100qcn9072_firmwaresm7250psw5100_firmwareqcn9074_firmwareipq4029Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-3490
Matching Score-4
Assigner-Canonical Ltd.
ShareView Details
Matching Score-4
Assigner-Canonical Ltd.
CVSS Score-7.8||HIGH
EPSS-3.82% / 87.68%
||
7 Day CHG-0.33%
Published-04 Jun, 2021 | 01:40
Updated-16 Sep, 2024 | 22:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Linux kernel eBPF bitwise ops ALU32 bounds tracking

The eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. This issue was fixed via commit 049c4e13714e ("bpf: Fix alu32 const subreg bound tracking on bitwise operations") (v5.13-rc4) and backported to the stable kernels in v5.12.4, v5.11.21, and v5.10.37. The AND/OR issues were introduced by commit 3f50f132d840 ("bpf: Verifier, do explicit ALU32 bounds tracking") (5.7-rc1) and the XOR variant was introduced by 2921c90d4718 ("bpf:Fix a verifier failure with xor") ( 5.10-rc1).

Action-Not Available
Vendor-Linux Kernel Organization, IncCanonical Ltd.
Product-ubuntu_linuxlinux_kernelLinux kernel
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-3491
Matching Score-4
Assigner-Canonical Ltd.
ShareView Details
Matching Score-4
Assigner-Canonical Ltd.
CVSS Score-7.8||HIGH
EPSS-0.01% / 0.72%
||
7 Day CHG~0.00%
Published-04 Jun, 2021 | 01:40
Updated-16 Sep, 2024 | 22:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Linux kernel io_uring PROVIDE_BUFFERS MAX_RW_COUNT bypass

The io_uring subsystem in the Linux kernel allowed the MAX_RW_COUNT limit to be bypassed in the PROVIDE_BUFFERS operation, which led to negative values being usedin mem_rw when reading /proc/<PID>/mem. This could be used to create a heap overflow leading to arbitrary code execution in the kernel. It was addressed via commit d1f82808877b ("io_uring: truncate lengths larger than MAX_RW_COUNT on provide buffers") (v5.13-rc1) and backported to the stable kernels in v5.12.4, v5.11.21, and v5.10.37. It was introduced in ddf0322db79c ("io_uring: add IORING_OP_PROVIDE_BUFFERS") (v5.7-rc1).

Action-Not Available
Vendor-Linux Kernel Organization, IncCanonical Ltd.
Product-ubuntu_linuxlinux_kernelLinux kernel
CWE ID-CWE-131
Incorrect Calculation of Buffer Size
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-2000
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.89% / 74.59%
||
7 Day CHG~0.00%
Published-28 Feb, 2019 | 17:00
Updated-16 Sep, 2024 | 22:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In several functions of binder.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-120025789.

Action-Not Available
Vendor-AndroidGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-3489
Matching Score-4
Assigner-Canonical Ltd.
ShareView Details
Matching Score-4
Assigner-Canonical Ltd.
CVSS Score-7.8||HIGH
EPSS-0.10% / 27.78%
||
7 Day CHG~0.00%
Published-04 Jun, 2021 | 01:40
Updated-16 Sep, 2024 | 20:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Linux kernel eBPF RINGBUF map oversized allocation

The eBPF RINGBUF bpf_ringbuf_reserve() function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an attacker to perform out-of-bounds writes within the kernel and therefore, arbitrary code execution. This issue was fixed via commit 4b81ccebaeee ("bpf, ringbuf: Deny reserve of buffers larger than ringbuf") (v5.13-rc4) and backported to the stable kernels in v5.12.4, v5.11.21, and v5.10.37. It was introduced via 457f44363a88 ("bpf: Implement BPF ring buffer and verifier support for it") (v5.8-rc1).

Action-Not Available
Vendor-Linux Kernel Organization, IncCanonical Ltd.
Product-ubuntu_linuxlinux_kernelLinux kernel
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2020-11261
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.29% / 51.69%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 05:00
Updated-30 Jul, 2025 | 01:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-06-01||Apply updates per vendor instructions.

Memory corruption due to improper check to return error when user application requests memory allocation of a huge size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-pmm855auqcm2290_firmwaresd855_firmwarepmk8001_firmwarewcn6850_firmwarepmw3100pm8909_firmwaresd_636_firmwarepm8150c_firmwareqdm2302wcn3990qdm5679qpa8821sa6145pqln5030sd675_firmwareqca6430qpa8842qca9379_firmwareqpa5580_firmwaresmb1380_firmwareqpa8673pm8996_firmwarepm640aqpa8686wcd9340_firmwaresd720gcsrb31024qpm4650_firmwarepm8350b_firmwareqet6110_firmwareqpa8803_firmwarepmx50_firmwareqca6574au_firmwarepmi8952qca6696sd_636sm4125_firmwaresmb1395_firmwaresdr8150_firmwaresmb2351qpm4641apq8009_firmwarepm4125_firmwarecsrb31024_firmwareqcm4290qfs2530_firmwaresa515msmb1381_firmwarepmi8996qtc800tqtm527sdr845pm670l_firmwareqpa6560sm6250_firmwarepm8005_firmwareqdm2301_firmwareqfe4303wtr3905wcn6856_firmwaresd205pm8150qfe4303_firmwarepmk8350qat5522_firmwareqln1030_firmwaresd675qpa8821_firmwaresd662_firmwareqdm5579_firmwareqfe4302qat5533_firmwareqpa8675_firmwarepm6150l_firmwaresmb1396_firmwareqpm8895wcn3910_firmwaresd439_firmwareqca6574auwcn3610_firmwarepm855b_firmwarepmr735asdr735sdr660_firmwareqln1036aq_firmwareaqt1000_firmwaresmb1380sd670_firmwarepmx55pm8009smb1355qca6420_firmwarepm6150aqpm6582qpm6585_firmwaresd_675_firmwarewcd9326sdx50m_firmwaresda429w_firmwaresd205_firmwareqca6431_firmwareqca6421_firmwaresd_455qsw6310apq8096au_firmwaresd820qsm7250_firmwaresdr425qca6564awcn3998sdr735g_firmwareqpm5677qpm5870_firmwareqca4020_firmwaresmr525pm8350bhs_firmwareqat3522wcn3980sm4350qpa5373sd865_5g_firmwaresmb1394_firmwareqln5020_firmwareqpm5875_firmwaresmb1360_firmwarewcn3988pm7250_firmwarepmc1000h_firmwaresd765g_firmwarewcn3660bqtc410sqca6574a_firmwareqpm4630_firmwareapq8017_firmwarewcd9375_firmwaremsm8917_firmwarepmk7350_firmwarepmr525qdm5670_firmwarepm8150bqca6420pme605qat5568_firmwarepmk8350_firmwarepm7150l_firmwareqpa4360_firmwarewcn3998_firmwareqdm4643_firmwarepmw3100_firmwaresd888_5gmdm9650_firmwareqat5522qcs2290_firmwareqca9377sd450_firmwarepm8150_firmwarepmi8994pm6125_firmwareqdm5621sdw2500_firmwaremsm8996au_firmwarepm660l_firmwarecsra6640_firmwareqca6310_firmwareqfe2520qsw8574_firmwarepm8998sdm830_firmwareqpa4340qdm5671_firmwarepmk8003qtc801s_firmwaresa515m_firmwarewgr7640_firmwarepm6150_firmwarepm6250sdm830pmi8996_firmwarepm8998_firmwarepm855qpm5621_firmwaresmb1390_firmwaresdx55qet4101sd210_firmwareqtc410s_firmwareqfe4373fc_firmwaresmb1354wcn6856qpm6325_firmwaresd460_firmwarepm8350c_firmwareqcs610_firmwarewtr4905wcn3610qet5100mwcd9341qfe2550_firmwareqdm2310_firmwarewcn6750_firmwaresd632_firmwareqln1020qcm6125qpa5373_firmwarepmi632_firmwareqfe4305_firmwaresmb1351_firmwaresd_675qdm5652pmx24wcd9385qfs2608_firmwareqca6564aumsm8909wsd888_5g_firmwaresdm429w_firmwarefsm10055wcd9371qpm6325qca6564au_firmwarear8031wtr5975qpm6670qpm5679_firmwareqpm4641_firmwarepm8909qcs605wcn6851sd855qcs6125sa6155pwtr2955sdr425_firmwareqcs2290qcs4290_firmwarepme605_firmwarewtr2965wcn3980_firmwaresm7350sd690_5gwcd9335qpa5461sd820_firmwareapq8037_firmwaresd845qca6310wtr3925qpm8895_firmwarecsra6620_firmwarepm3003awcd9380qpm8830_firmwareqln4642qcs405sdr735gar8031_firmwarepm8940qln5020rgr7640ausdxr1wtr2965_firmwareqat3522_firmwaresd665_firmwaremdm9650sdr660gwcn3615_firmwaresd662msm8917qfs2580pmi8937_firmwareqpm5679qcm4290_firmwareqdm5670qpm5657sdx55mpmk8003_firmwareqdm5677qpm5641_firmwareqtm525_firmwareqpm5579_firmwareqpm5677_firmwareqpm5657_firmwarepm660lsd710qpa2625_firmwarepm8008pm670asd750g_firmwarewcn3991_firmwareqat3550_firmwaresd865_5gsdx55m_firmwareqcs410sa6155_firmwarersw8577sd765wsa8830qpm5577_firmwarepmm6155au_firmwaresd632pmi8994_firmwaresa415mqln4640_firmwaresd429msm8920pmm8155au_firmwareqpm5658_firmwareqca4020qln5040qca6174asa8155_firmwarewsa8835pm456qpm5577pm7250b_firmwarewcn6740_firmwarepmr735b_firmwareqdm2305qpm4630qat3555fsm10056_firmwareqpa8801msm8996ausd665qat5516_firmwarepmm8996ausa8155pmr525_firmwaresm6250qfs2630_firmwarear8035_firmwaresm7350_firmwareqca8337_firmwareqcm2290pm640l_firmwaresdm630_firmwaremsm8920_firmwaresdr660sd670qcm6125_firmwarepm8350_firmwaresdw2500fsm10056qfs2580_firmwareqca6574asmr525_firmwareqdm5579sdx24_firmwaresd845_firmwaresd_8c_firmwarewcd9335_firmwaresd450qpm2630wcn3660_firmwaresmb1395aqt1000pmi632pm7150lsdx20pm670lsd768g_firmwarewtr4905_firmwaremsm8953_firmwareqdm3301qca9377_firmwareqfe2520_firmwarepm6250_firmwareqdm3302_firmwareqfe4309qfe2101pm456_firmwarewtr3950pm855l_firmwarepm8250qet4101_firmwarewcd9370pmi8937pmm8996au_firmwareqdm4650sa415m_firmwarequalcomm215_firmwarear8035qln5030_firmwarewcn3680qcs603_firmwareqfe4373fcpmd9655_firmwareqpm4621_firmwarewcn3620pm6150lwcn3660b_firmwaresd720g_firmwareqtm527_firmwarewcd9385_firmwarepm660_firmwaresd710_firmwareqdm3302pm7150apmx24_firmwareqca6174a_firmwareapq8009wqet5100qpm8820_firmwareqat5568rgr7640au_firmwarewcn3620_firmwareqca6320_firmwareqln4640qpa4340_firmwaresdr052_firmwaresdw3100_firmwaresmb1394qca6436qbt2000sdr675sa6145p_firmwarepm640lqtm525pm8009_firmwarepm8350cpm855lqfe4301_firmwarewcn3990_firmwareqet6100_firmwaresmb231_firmwareqet6110pm3003a_firmwarepmr735bqpm6670_firmwareqtc800hsm7250pqpm5620_firmwaresdx24qpm6621_firmwaremsm8953qat3519_firmwaresd750gsdx55_firmwaresm4350_firmwareqdm5650qat3555_firmwareqsw8573_firmwareqpm4621sd821_firmwarewsa8810sd_8cqca6391qca6436_firmwareqfe2550wcn6750wcd9340sdr8250pm8350bh_firmwareqpm5670_firmwarepm8350qdm5620qpa2625sdr051_firmwareapq8064au_firmwareqbt2000_firmwaresd730sm7250p_firmwarewtr3905_firmwarepm8350bhsqpm5658qca6320sd730_firmwareqca6426_firmwaresmb1350_firmwarepm670_firmwaresdxr2_5g_firmwareqcs410_firmwareqat5515_firmwareqet5100m_firmwarepmx20smb1358pm640a_firmwarear8151_firmwareqpa8686_firmwareqdm5679_firmwaresmb1357_firmwarepm8150l_firmwarepm855pqfe4301sd765gpm8150a_firmwarepm6350sm6250p_firmwareqfe4320_firmwareqpm6582_firmwaresmb1390qca6584au_firmwarepm439_firmwareqpm4640_firmwarecsra6640qca6574qpm6621pm6150a_firmwaresdx20m_firmwareqca9379qsm7250qca6564a_firmwareqcc1110qat3519sdr735_firmwarepmi8952_firmwarepmd9655pm8004wsa8835_firmwarepm8150b_firmwarewgr7640qln1031_firmwaresdr865_firmwareapq8096aupm670a_firmwaresmb1398_firmwarepmk7350wcn6850qca6430_firmwareqdm5650_firmwarewcd9341_firmwarewcn3950qca6421qpa8842_firmwarepm8953qpm5541pm855bsd_8cxqpa8673_firmwareapq8017fsm10055_firmwareqpm5620qln1020_firmwareqca6390qat5515smb1381qpm5870wcd9380_firmwareqfe4309_firmwareqcs610qdm3301_firmwarewtr6955pmk8002_firmwareqat5516apq8064aupm8150lpmm6155aupm8350bhqcc1110_firmwareqpa5581qualcomm215wsa8810_firmwareqpm5621sdw3100sdr052pmx20_firmwarepm855a_firmwaresdr865qpa5580pm8937_firmwaresmb1358_firmwareapq8053_firmwareqtc801ssdxr1_firmwarewcn6851_firmwareqpa8675qdm5677_firmwareqln4650_firmwarepmx55_firmwaresdx50mwcn6740qdm4650_firmwareqfe4308qbt1000qdm4643pm855aqpa8802_firmwareqca6574_firmwareqdm5620_firmwaresd210smb1398qfs2608qca6584auqpa5581_firmwareqtc800s_firmwareqsw8574qpm4650qat3514_firmwarepmr735a_firmwareqln1036aqwsa8815_firmwareqpm5579sd_8cx_firmwarepmc1000hqet5100_firmwarewcn3988_firmwarepmk8002wtr6955_firmwareqdm5671wcn3999_firmwarepm8250_firmwarepm215qat3550csra6620qcs605_firmwaresd765_firmwareqpm6375qpm2630_firmwaresd429_firmwarepm660qpa5461_firmwareqtc800h_firmwareqca6595auqcs6125_firmwarewcd9371_firmwaresdr845_firmwareapq8053sd660_firmwarewtr2955_firmwareqdm2308_firmwarewsa8830_firmwareqln1021aqwsa8815msm8937_firmwareqdm2307_firmwareqet4100_firmwareqet6100qfe2101_firmwaresmb1357pm8940_firmwarepmm8155auapq8009w_firmwareqfe3340smb1350qfe4305qca6391_firmwareqpm5641smb2351_firmwareqbt1500_firmwareqfe4320pmi8998sda429wpm6350_firmwareqsw6310_firmwareqca6564_firmwareqca6390_firmwarepm4125qat3514pm670qfs2530qpa5460qsm8250_firmwarewcn3910pm8937qcs603pm7250wcn3999sd835_firmwareqca6696_firmwareqdm5652_firmwareqat3516_firmwareqpa6560_firmwareqpm6375_firmwaresm6250pmsm8940sdxr2_5gsmb1354_firmwareqln4650qca6595au_firmwarepm855_firmwaresdr051qca6426sm4125qpa4361wcn3950_firmwarepm8916_firmwarewtr5975_firmwaresd439qln1021aq_firmwareqpa4360qpm8820pm660a_firmwarepm8008_firmwaresd_455_firmwarersw8577_firmwareqpa4361_firmwareqtc800spm660asmb1396wcn3680b_firmwareqpa5460_firmwareqln1031wcd9370_firmwareqdm2305_firmwareqpa8802qca6335sd460apq8009sa6155qln1030pmk8001qat3516smb1351sa6155p_firmwarepm7350csd768gsmr526qat3518_firmwarear8151qpm6585qbt1000_firmwareqpm8870pm8150cqdm2302_firmwareqpm8870_firmwarepmm855au_firmwarewtr3950_firmwarewtr3925_firmwarepm439pm8996pm8953_firmwareqpm8830qpa8803wcd9375qca8337msm8940_firmwaresd690_5g_firmwareqdm2308pm6150pmi8998_firmwareqca6335_firmwareqln4642_firmwaresd821wcn3615pm8004_firmwarepm855p_firmwareqln5040_firmwareqdm5621_firmwareqdm2310qfe3340_firmwareqfs2630smb1355_firmwareqcs405_firmwareqsw8573qat3518pm6125smb231msm8937qat5533sdr8150wcn3660pm8150asdr660g_firmwarepm8005qtc800t_firmwarewcn3680bwcn3991qpm5541_firmwaresdx20_firmwaresa8155pqdm2307qsm8250pmx50sdm429wqfe4308_firmwarepm7150a_firmwarepm7350c_firmwareqca6564pm7250bpm8350bpm640pqfe4302_firmwarewcd9326_firmwareqpm5670sa8155p_firmwaresmr526_firmwaresd835pm8916qpm5875sdm630msm8909w_firmwaresdr675_firmwareqpa8801_firmwarewcn3680_firmwareqet4100pm215_firmwareqdm2301qbt1500pm640p_firmwaresdr8250_firmwaresd660smb1360qpm4640qcs4290qca6431sdx20mapq8037Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon WearablesSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-11204
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.46%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:25
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible memory corruption and information leakage in sub-system due to lack of check for validity and boundary compliance for parameters that are read from shared MSG RAM in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfe2080fc_firmwareqca9377_firmwareqpm5679_firmwarepmd9607_firmwareqfs2530qpm8870_firmwareqln1030pm6125mdm9645wcn3950_firmwarepm8150aqdm5670qpm5541_firmwareqpa5581_firmwareqpa8821qcs6125_firmwarepm456_firmwaremsm8108sa415mwcn3998wcd9371_firmwaremsm8108_firmwarewcn3950mdm9206_firmwareqsw8573_firmwarewcn3660bsd450_firmwareqsm8350_firmwareqsm8350smb2351_firmwarepm855pwtr4605_firmwarepm6150aqca9367_firmwareipq8072_firmwaresa8155_firmwareqca4004_firmwareqat3522qfe4455fcpmr735asdm830_firmwaresd765gsdr660qfe1045_firmwareqfe3345qfs2630_firmwaresdr865mdm9250_firmwareqdm5620_firmwaresmr545qca6696_firmwareqln5020pmm855au_firmwaresa8150pqfe3340sd660sd712pm640p_firmwareqcn5121wcn6750_firmwarepm6150lsd450sd8885gpm855l_firmwareqca6428_firmwareqtc410sqfe3335_firmwareqpa8801ipq8078qat5533_firmwareipq8173sdx55m_firmwareqpa8673_firmwaresd670_firmwaresd632_firmwareqfs2630pmm8996auqpm5579_firmwaresmb1380_firmwareqfe4309_firmwarepmk8350_firmwareqcn5024pm855p_firmwaresmb1381pm7250wtr4905sdx24_firmwareqcn9012_firmwaresd439_firmwareqdm2301qfe2101_firmwareqdm5621_firmwareqpm6375msm8937_firmwareipq6028pmp8074qca1990wcn3980_firmwaresd730qfe3320_firmwarepm8008pm8350b_firmwarepme605_firmwarewtr1605l_firmwarepme605apq8064au_firmwareipq8078_firmwareqcn5054qln1021aq_firmwareqcs603qln4640_firmwareqpm6582qcn9024_firmwareqfe4303qcs610_firmwareapq8084_firmwarepm215ar8031wtr2965qca6391_firmwarepmx20_firmwareqca4024pmi8937_firmwareqat3516_firmwareapq8053qcn5021_firmwarewcn3660qca9379pm855bsmb2351qsm8250_firmwaremdm9150_firmwareqpa5581qfe1040_firmwarecsrb31024mdm9628_firmwaremdm9650fsm10055_firmwareqbt1500_firmwareqpm5870_firmwarepmk8001qcs4290qet6100smb1394_firmwareapq8009_firmwaremsm8916_firmwaresd675_firmwareipq8072qca6426qca9984_firmwareqca9377qpm5641qpa5373_firmwarewtr2955rgr7640au_firmwarepm7250_firmwareqdm5620ipq8074aqcn5122_firmwareqat5533qcn6023_firmwaresm7250p_firmwarewcn3610_firmwareqsm7250_firmwaremdm9207qpm6670pm7150l_firmwareqca6584aupm855pm8250qcn5052mdm9607_firmwaremdm9655_firmwareqfs2530_firmwaresa415m_firmwareqat3519_firmwareqpm5677qat5515qcs4290_firmwareqtc800h_firmwarepmk7350_firmwareqpm5620sd750g_firmwareaqt1000sm6250_firmwarepmm8195auqln4642ipq5010_firmwareipq8074a_firmwarewsa8815_firmwarepmi8937smr525_firmwareqpm8820_firmwareqfe4301_firmwareapq8017qpm6621_firmwarewtr2955_firmwareqbt1000_firmwarepm8019qca6595smb1398_firmwarepm8150cpmr735bsd665_firmwareqcn5154qpm5577_firmwareqdm5679_firmwareqca6310_firmwarepm6150l_firmwareqca6574_firmwaresd665pm6150a_firmwarepmd9607sd8c_firmwarewtr2965_firmwarecsrb31024_firmwareqfs2608qcn9070_firmwareqln1036aqipq6028_firmwareipq8072a_firmwarepmi8940_firmwaresc8180x_firmwareqca9889_firmwaresd710mdm9607mdm9645_firmwareqln1035bd_firmwaresdx20m_firmwarepmw3100qca6564_firmwarewcn6740smb1350_firmwarepmk8002apq8096au_firmwareqcn9022sdm830smb1357qpa5580qpm5579fsm10055qfe2550qcn5550qdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwareipq8078asa8150p_firmwaresdr8250_firmwareqcn5064csra6620_firmwareqln1020csra6640_firmwarepmc1000hqat3518smr526_firmwareipq8076apm640a_firmwarewgr7640_firmwareqca4020qca6428qdm5652qcn5164_firmwareipq8071sa6155_firmwarewcd9360sdx20mqca6438_firmwareqpa8675_firmwareqpa5460_firmwarewcn3999pm8940_firmwareqsm7250pm8996apq8016_firmwareipq6010sd662_firmwareqdm2308_firmwareqca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwarepmc7180wcn3660_firmwarepmi8952mdm9655qca6431qfe4320_firmwarewcn3910_firmwaresd855_firmwareqdm5650qfe2080fcsdr052sa8195p_firmwaresmb1390msm8208_firmwaremsm8608qpa8686_firmwarewcd9380_firmwarepm8350bhs_firmwarewgr7640qat5568qpa8801_firmwareqdm5671_firmwaresd636qtm527_firmwarepm8005_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwarepm8996_firmwarear8151smr526qca8072_firmwareqca6430_firmwarepmk8003qtc801s_firmwarewcn3980qat3522_firmwareqsw8573qcs605qbt1000sd7cwcn3910smb1394qca6426_firmwarepm8350_firmwarepm8009qfe4373fcmsm8953qat3518_firmwarepmi8998qfe2520sd821_firmwarear8031_firmwarepm855lqfe4302pm8150b_firmwaresmr545_firmwareqca6694au_firmwarepm670sd210_firmwarepm8005qdm2302sdxr1apq8096auqcs405_firmwarepmi8996_firmwareqln4650_firmwareqet5100msd439qat3516qpm5658ar8035_firmwareqcm2290qpm5658_firmwareqcn5024_firmwarewcn3991_firmwareqdm5652_firmwareqfe4465fcqcn9070fsm10056pmi632pm8350bh_firmwarepmr735b_firmwaresmb1360_firmwarepm670l_firmwaresdr660gqfe2340sd455sd730_firmwarewcd9370sdr425qcn9000_firmwareipq5018ar8151_firmwareqpm5541qat5516qfe4308qcn5124_firmwarepm8350bhapq8037qca6320_firmwarewcn3680b_firmwareqca6595auipq5010qdm2305sa6155p_firmwareqca6310pm8937qpm2630smb1398sa6145p_firmwaresdr675ipq8071aipq8071a_firmwarewcd9385qat3550_firmwareqln5040_firmwarepm4125_firmwarear8035pm8019_firmwareapq8064auqca6694_firmwareqdm2310qfe2550_firmwareqcn9100_firmwareqln5030_firmwaresda429wwcn3620_firmwaresd820smb1396_firmwarewcn3620smr546pmx24qln5040qca8072qpm8895sdr845qtm527qfe3440fc_firmwarepmk8350qdm3302_firmwarepmc7180_firmwaremsm8996auqfe1035qpm5657_firmwarepmi8940sm6250pqln1035bdpm855asdr660_firmwarepm8909_firmwareqca6574aqfe4303_firmwareqpm4640qet5100m_firmwareipq8076_firmwaremdm9205qpm4650sa515msd8cxqfe4305ipq8076sdr865_firmwareqfe4465fc_firmwarepm8250_firmwaresd460qca6391sdxr1_firmwarepm215_firmwaremsm8920pm660asdx50mpm640apm8916pmd9655auqdm4650ipq8074_firmwareqca6574ausa8155p_firmwaresd205_firmwareqsw6310qcm6125qpm2630_firmwaresmb231_firmwareqdm2308qat3550wcn6856sd835_firmwareqtc800s_firmwaresa6150pqcn9022_firmwareqpa8688_firmwareapq8037_firmwareipq8070apmm8195au_firmwareqcn9072_firmwaresm7250psd720g_firmwareqpm4621_firmwaresd850qln4640sd636_firmwareqfs2580mdm9640_firmwaresm6250p_firmwareqfe4455fc_firmwareqca8337qdm5579ipq8173_firmwareqfs2608_firmwareqpa8688qcn5124qat5522_firmwareqca6595au_firmwaresa6155pm7150lpm8998_firmwarewtr5975_firmwareqpa5580_firmwareqcn6024_firmwaresd720gsm4125wtr1605qfe4320qcc112qsw8574_firmwaresd460_firmwarepm8953_firmwaresd6905gqpa4360_firmwareqca8081_firmwareqfe2520_firmwarewcn3998_firmwareqca6420apq8053_firmwareqpm6670_firmwareipq8070_firmwareipq8078a_firmwaremdm8207pm660_firmwarepm8150bqfe2101qca6430wcd9306_firmwarewcd9340msm8209_firmwaresmb1358qca9888_firmwarewcd9371smb1350qcn5154_firmwaresm4350_firmwarewtr3950pm6350qdm5621qtc800sqca4004qat3514_firmwaresd660_firmwareqcn5022_firmwareqat5516_firmwarewcn3991sdm429wpm8150l_firmwaresdxr25gpm6150smb1354_firmwareqca6574qpa8842csr8811_firmwaresdr052_firmwarewcd9380qualcomm215qcs410qfe3100_firmwareqca9379_firmwareqpa8803sdxr25g_firmwarepmd9645ipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqdm2301_firmwaresd835pm660l_firmwarepm6250_firmwarewcn6740_firmwareqtm525_firmwareqcn5064_firmwareqpm5621_firmwareqca6234rsw8577qpa6560_firmwareqpa8802_firmwareqfe4308_firmwareqpm5621sd670ipq8174_firmwarepm8009_firmwareqfs2580_firmwareqcm4290_firmwarepm8150lpmi8998_firmwaresa6145ppm660a_firmwaresdr105pm4250qpm5577mdm8207_firmwaresdm630_firmwaremdm9205_firmwaresd820_firmwarepm8150wcd9370_firmwaresdx55csra6640pm8350bhsqat3555_firmwarepmi8994qpa8803_firmwareqca6234_firmwareqln1031qpm5870pm8909qfe1040wsa8830pm660qet6110_firmwareqdm5579_firmwareqpm6325pm6125_firmwareqbt1500qfe2340_firmwarepmx24_firmwarepmm855aumdm9250qca6420_firmwaresmb1396pm7150apm8350qca6564qpa4361_firmwarepm8350c_firmwareqpa5461_firmwarewcn3990_firmwarewcd9385_firmwareqdm5650_firmwareqpa4340_firmwarewcd9326_firmwarewhs9410wcn3615_firmwaresdr845_firmwareqln1021aqsmb1380pmk8002_firmwareqsw6310_firmwaresa8155qln1031_firmwareqdm4650_firmwaresdx55_firmwarepmm6155au_firmwarewcn3615pm8940wcd9306msm8208qpm4641qat5515_firmwareipq8174qpm8830_firmwaresd429qca9367qfe2082fc_firmwaresdm630qdm4643wcn3988_firmwarepmx55qpm4641_firmwareqcn9074sd205sd429_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwaresa8195psdr735_firmwarepm8953qca6694qat3514wcd9326wcd9335pm6350_firmwareqcn6023pm8004_firmwaresdr8150_firmwarepm439qpm4630qca6390wcd9375msm8917_firmwareqpm5677_firmwaresdx20_firmwarewtr3925_firmwarepm8998pmk7350msm8916qcc112_firmwareqln1020_firmwarepm670a_firmwareqcm6125_firmwarepmx55_firmwareqfe4373fc_firmwarepm8150_firmwareqpm8830pmm8996au_firmwareqat5522qpa4360pmk8003_firmwareqca8075_firmwaresc8180xqpa4361ipq6005_firmwaremdm9206qpm4640_firmwarepm8350csmr525qca9888qfe4305_firmwareipq8070a_firmwarepmr525pm8150a_firmwarewtr3950_firmwareqln1036aq_firmwarepm6150_firmwareqca6175asd765pmx20qca6574a_firmwareqpm4630_firmwareqat3555sd850_firmwareapq8009qpa5461qfe2082fcpm670_firmwareqtc801sqpm5641_firmwareqfe3320qcn5122pm8008_firmwareqpm6621pmr735a_firmwarepmx50qfe3345_firmwareqcn5022sdr8250sd768gqln1030_firmwarepmw3100_firmwarepm8004pm640lmsm8940qca8075qcn6024sd845sd455_firmwareipq6000_firmwarepmd9655au_firmwareqcs410_firmwareqca6175a_firmwaresa6150p_firmwareqcs610pmi8996qpm5620_firmwareqfe1045qca4024_firmwarepm855a_firmwareqtc800hqcs2290qca6335msm8917qcs605_firmwaresmr546_firmwarewtr3905qdm5671qpm4650_firmwaresd8csd632sdr425_firmwaremdm9628qpa5460qdm2305_firmwareqpm5670_firmwaresd710_firmwareqca6574au_firmwareqpm8870wcd9375_firmwareqpm5679qbt2000pmx50_firmwarewhs9410_firmwaresdr735gqdm3301_firmwareqcs6125smb1360qcs405qca1990_firmwarequalcomm215_firmwareqfe3440fcrsw8577_firmwarefsm10056_firmwarepm439_firmwareqpa6560msm8937sdr675_firmwarewcd9341sm7350_firmwareqdm4643_firmwarepm8937_firmwareqet4100_firmwaresd750gqdm3302qpm5657wtr1605_firmwaremdm9207_firmwareqpm5875_firmwarewsa8830_firmwarewcn3988qca6438wtr3925qet4100wcn3610mdm9640ipq5018_firmwareqpm6585qca8337_firmwaresda429w_firmwaresmb1355ipq8072aqln4650qtc800t_firmwaremsm8996au_firmwaresdr735g_firmwarewcd9330ipq8076a_firmwareqet5100qca6564auwcn6856_firmwareqcn5164msm8940_firmwareqet4101_firmwarepm7250bqln4642_firmwarepmk8001_firmwaresmb1355_firmwareqcn5054_firmwareqet4200aq_firmwaresdx50m_firmwaresdr735smb1395pm660lwtr5975wcd9335_firmwareqcn5052_firmwarepm7350c_firmwareqca6335_firmwareqca6320mdm9650_firmwarewcn3660b_firmwarewcn3680qca9984qfe4309qcn9024qpa8675qcn5550_firmwaresdr051_firmwaresdx55mwcd9330_firmwarepm670aqca6421_firmwarewtr3905_firmwareqsw8574sd6905g_firmwarewcn3680_firmwarewcn6851_firmwareqdm5670_firmwareipq8070sd8655gpm7150a_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwarepm4250_firmwaresdr105_firmwarepmd9645_firmwareqcn5121_firmwaresd8885g_firmwarewtr1605lqdm5677qsm8250ipq6018pm855_firmwarepmm6155aupm855b_firmwareqca6595_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwareqpm5875sa8155psd675wtr4605qet4101pm670lpmm8155au_firmwaresdr051qln5030qcs2290_firmwarepm4125qpa2625_firmwarepm456sd7c_firmwareqfe2081fc_firmwarecsra6620qet5100_firmwareqpa5373qpm4621qcn9072qet6100_firmwaresd765g_firmwareqpa8686smb1358_firmwareqca6390_firmwareipq6000qcn5152_firmwarepmr525_firmwareqca6584au_firmwareqfe3340_firmwarepmi632_firmwaresmb358_firmwaresd662qpa8821_firmwaresdr660g_firmwarepm3003awcn3999_firmwareqca6436_firmwareqtc800tsm7350smb1354qca6564au_firmwareqpm8820qfe2081fcqln5020_firmwaresa515m_firmwareapq8084sd821sm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresmb231sd765_firmwareqdm5677_firmwareqca8081qet4200aqqca6174a_firmwareqpm6325_firmwareqdm2302_firmwarepmm8155aucsr8811qpa8673msm8953_firmwareqca6694ausd210qfe4302_firmwarewcn6850_firmwarewsa8835_firmwaresmb358qca6564aqet6110pmi8952_firmwareqcm2290_firmwareqpm5670wcn3990qcn9000sdx24qcn9012pmi8994_firmwarepm8350bqdm2307_firmwarewsa8835sdm429w_firmwarergr7640aupm8916_firmwareqca9889qca6174asmb1390_firmwareipq8074wcn6750pm7350cqtm525wtr6955qfe3335sd855sm4125_firmwarewtr6955_firmwarepm640pqcn5021qcn5152sd768g_firmwaremsm8209smb1351smb1357_firmwaresd8cx_firmwareipq6005aqt1000_firmwareqcn9100qpm8895_firmwareqpa4340qfe1035_firmwareqcm4290sdr8150sdx20msm8920_firmwaresmb1395_firmwarepmd9655sd8655g_firmwarewcd9341_firmwarewsa8810qtc410s_firmwareqat5568_firmwarewtr4905_firmwaremdm9150qdm5679wcn3680bipq6010_firmwarepm3003a_firmwareqca6696qfe4301sm4350apq8016msm8608_firmwaresd845_firmwaresmb1381_firmwareqpa2625ipq8071_firmwareqcn9074_firmwarepm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2020-11205
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.46%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 10:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Possible integer overflow to heap overflow while processing command due to lack of check of packet length received' in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile in QSM8350, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155P, SA8195P, SDX55M, SM8250, SM8350, SM8350P, SXR2130, SXR2130P

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6145psm8350p_firmwaresa6155p_firmwaresm8350psxr2130p_firmwaresa6150p_firmwaresxr2130_firmwaresxr2130psm8350_firmwaresdx55m_firmwaresm8250_firmwaresa8150psa6150pqsm8350_firmwaresa8155psm8250sa6145p_firmwaresa8155p_firmwareqsm8350sa8195psa8150p_firmwaresa8195p_firmwaresa6155sm8350sa6155_firmwaresa6155psdx55msxr2130Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-17603
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.22% / 44.60%
||
7 Day CHG~0.00%
Published-02 Jun, 2020 | 14:47
Updated-05 Aug, 2024 | 01:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Ene.sys in Asus Aura Sync through 1.07.71 does not properly validate input to IOCTL 0x80102044, 0x80102050, and 0x80102054, which allows local users to cause a denial of service (system crash) or gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption.

Action-Not Available
Vendor-n/aASUS (ASUSTeK Computer Inc.)
Product-aura_syncn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0792
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-8.8||HIGH
EPSS-0.43% / 61.81%
||
7 Day CHG~0.00%
Published-11 Feb, 2020 | 21:23
Updated-04 Aug, 2024 | 06:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0715, CVE-2020-0745.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_10Windows 10 Version 1903 for x64-based SystemsWindows 10 Version 1903 for ARM64-based SystemsWindows 10 Version 1909 for ARM64-based SystemsWindows Server, version 1909 (Server Core installation)Windows 10 Version 1903 for 32-bit SystemsWindows Server, version 1903 (Server Core installation)Windows 10 Version 1909 for 32-bit SystemsWindows 10 Version 1909 for x64-based Systems
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0986
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-19.30% / 95.14%
||
7 Day CHG~0.00%
Published-09 Jun, 2020 | 19:43
Updated-30 Jul, 2025 | 01:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273, CVE-2020-1274, CVE-2020-1275, CVE-2020-1276, CVE-2020-1307, CVE-2020-1316.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_8.1windows_server_1909windows_rt_8.1windows_server_2012windows_server_1803windows_server_2019windows_10_1709windows_10_1607windows_server_2016windows_10_1803windows_10_1909windows_10_1507windows_server_1903windows_10_1809windows_10_1903windows_10_2004windows_server_2004Windows 10 Version 1903 for x64-based SystemsWindows Server, version 1909 (Server Core installation)Windows 10 Version 2004 for 32-bit SystemsWindows Server, version 1903 (Server Core installation)Windows 10 Version 1909 for ARM64-based SystemsWindows 10 Version 1903 for 32-bit SystemsWindows 10 Version 1903 for ARM64-based SystemsWindowsWindows Server, version 2004 (Server Core installation)Windows 10 Version 1909 for x64-based SystemsWindows ServerWindows 10 Version 2004 for x64-based SystemsWindows 10 Version 1909 for 32-bit SystemsWindows 10 Version 2004 for ARM64-based SystemsWindows
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-1054
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-77.00% / 98.92%
||
7 Day CHG~0.00%
Published-21 May, 2020 | 22:52
Updated-30 Jul, 2025 | 01:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1143.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_8.1windows_server_2008windows_server_1909windows_rt_8.1windows_server_2012windows_server_1803windows_server_2019windows_10_1709windows_7windows_10_1607windows_server_2016windows_10_1803windows_10_1909windows_10_1507windows_server_1903windows_10_1809windows_10_1903Windows 10 Version 1903 for x64-based SystemsWindows Server, version 1909 (Server Core installation)Windows Server, version 1903 (Server Core installation)Windows 10 Version 1909 for ARM64-based SystemsWindows 10 Version 1903 for 32-bit SystemsWindows 10 Version 1903 for ARM64-based SystemsWindowsWindows 10 Version 1909 for x64-based SystemsWindows ServerWindows 10 Version 1909 for 32-bit SystemsWin32k
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-6318
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-3.52% / 87.18%
||
7 Day CHG~0.00%
Published-07 Sep, 2016 | 19:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack-based buffer overflow in the FascistGecosUser function in lib/fascist.c in cracklib allows local users to cause a denial of service (application crash) or gain privileges via a long GECOS field, involving longbuffer.

Action-Not Available
Vendor-cracklib_projectn/aDebian GNU/LinuxopenSUSE
Product-debian_linuxleapcracklibn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-1027
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-15.01% / 94.30%
||
7 Day CHG~0.00%
Published-15 Apr, 2020 | 15:13
Updated-30 Jul, 2025 | 01:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-06-13||Apply updates per vendor instructions.

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0913, CVE-2020-1000, CVE-2020-1003.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2016windows_server_2008windows_7windows_8.1windows_rt_8.1windows_10windows_server_2012windows_server_2019Windows 10 Version 1903 for x64-based SystemsWindows Server, version 1909 (Server Core installation)Windows Server, version 1903 (Server Core installation)Windows 10 Version 1909 for ARM64-based SystemsWindows 10 Version 1903 for 32-bit SystemsWindows 10 Version 1903 for ARM64-based SystemsWindowsWindows 10 Version 1909 for x64-based SystemsWindows ServerWindows 10 Version 1909 for 32-bit SystemsWindows
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0010
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 7.81%
||
7 Day CHG~0.00%
Published-10 Mar, 2020 | 19:53
Updated-04 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In fpc_ta_get_build_info of fpc_ta_kpi.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-137014293References: N/A

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0434
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.92%
||
7 Day CHG~0.00%
Published-17 Sep, 2020 | 18:46
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Pixel's use of the Catpipe library, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-150730508

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0465
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.8||MEDIUM
EPSS-0.03% / 6.52%
||
7 Day CHG~0.00%
Published-14 Dec, 2020 | 21:51
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In various methods of hid-multitouch.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-162844689References: Upstream kernel

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0241
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.32%
||
7 Day CHG~0.00%
Published-11 Aug, 2020 | 19:27
Updated-04 Aug, 2024 | 05:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In NuPlayerStreamListener of NuPlayerStreamListener.cpp, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-151456667

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-415
Double Free
CVE-2019-9729
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-2.42% / 84.51%
||
7 Day CHG~0.00%
Published-12 Mar, 2019 | 22:00
Updated-04 Aug, 2024 | 22:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Shanda MapleStory Online V160, the SdoKeyCrypt.sys driver allows privilege escalation to NT AUTHORITY\SYSTEM because of not validating the IOCtl 0x8000c01c input value, leading to an integer signedness error and a heap-based buffer underflow.

Action-Not Available
Vendor-shandan/a
Product-maplestory_onlinen/a
CWE ID-CWE-129
Improper Validation of Array Index
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0026
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.04% / 9.57%
||
7 Day CHG~0.00%
Published-13 Feb, 2020 | 14:22
Updated-04 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Parcel::continueWrite of Parcel.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-140419401

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0005
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 9.92%
||
7 Day CHG~0.00%
Published-13 Feb, 2020 | 14:22
Updated-04 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In btm_read_remote_ext_features_complete of btm_acl.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-141552859

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-1897
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-8.4||HIGH
EPSS-0.12% / 31.24%
||
7 Day CHG~0.00%
Published-30 Nov, 2018 | 15:00
Updated-16 Sep, 2024 | 22:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5., and 11.1 db2pdcfg is vulnerable to a stack based buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. IBM X-Force ID: 152462.

Action-Not Available
Vendor-IBM CorporationLinux Kernel Organization, IncMicrosoft Corporation
Product-windowsdb2linux_kernelDB2 for Linux, UNIX and Windows
CWE ID-CWE-787
Out-of-bounds Write
CVE-2016-5342
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.61% / 68.93%
||
7 Day CHG~0.00%
Published-30 Aug, 2016 | 17:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the wcnss_wlan_write function in drivers/net/wireless/wcnss/wcnss_wlan.c in the wcnss_wlan device driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service or possibly have unspecified other impact by writing to /dev/wcnss_wlan with an unexpected amount of data.

Action-Not Available
Vendor-n/aGoogle LLCLinux Kernel Organization, Inc
Product-linux_kernelandroidn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0081
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.05% / 13.66%
||
7 Day CHG~0.00%
Published-17 Apr, 2020 | 18:19
Updated-04 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In finalize of AssetManager.java, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-144028297

Action-Not Available
Vendor-n/aGoogle LLCFedora Project
Product-androidfedoraAndroid
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-415
Double Free
CVE-2020-0069
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-1.08% / 76.99%
||
7 Day CHG-0.08%
Published-10 Mar, 2020 | 19:56
Updated-30 Jul, 2025 | 01:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-05-03||Apply updates per vendor instructions.

In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-147882143References: M-ALPS04356754

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.MediaTek Inc.Google LLC
Product-jakarta-al00acornell-tl10bprinceton-al10b_firmwaremadrid-al00a_firmwareberkeley-l09yale-l21a_firmwarecolumbia-al10bcolumbia-tl00b_firmwarecolumbia-al10b_firmwarehonor_view_20paris-l29b_firmwarey6_2019_firmwaresydney-al00_firmwaresydneym-al00nova_4_firmwarehonor_20_procornell-al00a_firmwaredura-al00ahonor_8a_firmwaretony-tl00bkatyusha-al10acolumbia-tl00dhonor_view_20_firmwarenova_4columbia-tl00d_firmwaretony-al00bcornell-tl10b_firmwareparis-l29bcolumbia-l29dhonor_20_pro_firmwareberkeley-l09_firmwarehonor_8acornell-al00asydney-al00yale-al00a_firmwareprinceton-al10btony-al00b_firmwarenova_3jakarta-al00a_firmwarey6_2019sydneym-al00_firmwareyale-l21adura-al00a_firmwarekatyusha-al00ayalep-al10b_firmwarecolumbia-tl00bkatyusha-al10a_firmwaresydney-tl00_firmwaremadrid-al00asydney-tl00yale-al00acolumbia-l29d_firmwaretony-tl00b_firmwareandroidkatyusha-al00a_firmwarenova_3_firmwareyalep-al10bAndroidMultiple Chipsets
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-9468
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.32%
||
7 Day CHG~0.00%
Published-06 Jan, 2020 | 17:26
Updated-04 Aug, 2024 | 21:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In export_key_der of export_key.cpp, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10 Android ID: A-139683471

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-415
Double Free
CVE-2020-0233
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.92%
||
7 Day CHG~0.00%
Published-11 Jun, 2020 | 14:43
Updated-04 Aug, 2024 | 05:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In main of main.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-150225255

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2004-1189
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.09% / 26.13%
||
7 Day CHG~0.00%
Published-31 Dec, 2004 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The add_to_history function in svr_principal.c in libkadm5srv for MIT Kerberos 5 (krb5) up to 1.3.5, when performing a password change, does not properly track the password policy's history count and the maximum number of keys, which can cause an array index out-of-bounds error and may allow authenticated users to execute arbitrary code via a heap-based buffer overflow.

Action-Not Available
Vendor-n/aMIT (Massachusetts Institute of Technology)
Product-kerberos_5n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0027
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.03% / 8.24%
||
7 Day CHG~0.00%
Published-13 Feb, 2020 | 14:22
Updated-04 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In HidRawSensor::batch of HidRawSensor.cpp, there is a possible out of bounds write due to an unexpected switch fallthrough. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-144040966

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0256
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.8||MEDIUM
EPSS-0.04% / 11.94%
||
7 Day CHG~0.00%
Published-11 Aug, 2020 | 19:31
Updated-04 Aug, 2024 | 05:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In LoadPartitionTable of gpt.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege when inserting a malicious USB device, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-8.0Android ID: A-152874864

Action-Not Available
Vendor-n/aGoogle LLCDebian GNU/Linux
Product-androiddebian_linuxAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-9259
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.76%
||
7 Day CHG~0.00%
Published-27 Sep, 2019 | 18:05
Updated-04 Aug, 2024 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Bluetooth stack, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-113575306

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8569
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 13.92%
||
7 Day CHG~0.00%
Published-27 Oct, 2020 | 19:25
Updated-04 Aug, 2024 | 21:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An application may be able to execute arbitrary code with system privileges.

Action-Not Available
Vendor-Apple Inc.
Product-mac_os_xmacOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0012
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 10.46%
||
7 Day CHG~0.00%
Published-10 Mar, 2020 | 19:55
Updated-04 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In fpc_ta_pn_get_unencrypted_image of fpc_ta_pn.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-137648844

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8717
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.73% / 71.71%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 17:33
Updated-04 Aug, 2024 | 21:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15, tvOS 13. An application may be able to execute arbitrary code with kernel privileges.

Action-Not Available
Vendor-Apple Inc.
Product-mac_os_xtvostvOSmacOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8956
Matching Score-4
Assigner-Flexera Software LLC
ShareView Details
Matching Score-4
Assigner-Flexera Software LLC
CVSS Score-7.8||HIGH
EPSS-1.16% / 77.77%
||
7 Day CHG~0.00%
Published-01 Apr, 2019 | 18:39
Updated-04 Aug, 2024 | 21:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux Kernel before versions 4.20.8 and 4.19.21 a use-after-free error in the "sctp_sendmsg()" function (net/sctp/socket.c) when handling SCTP_SENDALL flag can be exploited to corrupt memory.

Action-Not Available
Vendor-UNKNOWNLinux Kernel Organization, IncCanonical Ltd.
Product-ubuntu_linuxlinux_kernelLinux Kernel
CWE ID-CWE-416
Use After Free
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0011
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 7.81%
||
7 Day CHG~0.00%
Published-10 Mar, 2020 | 19:55
Updated-04 Aug, 2024 | 05:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In get_auth_result of fpc_ta_hw_auth.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-137648045References: N/A

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-9266
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-6.7||MEDIUM
EPSS-0.01% / 1.21%
||
7 Day CHG~0.00%
Published-27 Sep, 2019 | 18:05
Updated-04 Aug, 2024 | 21:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In sensorservice, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-119501435

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-17094
Matching Score-4
Assigner-Bitdefender
ShareView Details
Matching Score-4
Assigner-Bitdefender
CVSS Score-8.3||HIGH
EPSS-0.17% / 38.26%
||
7 Day CHG~0.00%
Published-27 Jan, 2020 | 17:14
Updated-16 Sep, 2024 | 22:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack-Based Overflow vulnerability in Belkin WeMo Insights Switch

A Stack-based Buffer Overflow vulnerability in libbelkin_api.so component of Belkin WeMo Insight Switch firmware allows a local attacker to obtain code execution on the device. This issue affects: Belkin WeMo Insight Switch firmware version 2.00.11396 and prior versions.

Action-Not Available
Vendor-Belkin International, Inc.
Product-wemo_insight_switch_firmwarewemo_insight_switchBelkin WeMo Insight Switch
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8616
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.52%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 17:33
Updated-04 Aug, 2024 | 21:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with system privileges.

Action-Not Available
Vendor-Apple Inc.
Product-mac_os_xmacOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8635
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.52%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 17:33
Updated-04 Aug, 2024 | 21:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.5. An application may be able to execute arbitrary code with system privileges.

Action-Not Available
Vendor-Apple Inc.
Product-mac_os_xmacOS
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-415
Double Free
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • Next
Details not found