Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-15479

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-07 Aug, 2020 | 20:04
Updated At-04 Aug, 2024 | 13:15
Rejected At-
Credits

An issue was discovered in PassMark BurnInTest through 9.1, OSForensics through 7.1, and PerformanceTest through 10. The driver's IOCTL request handler attempts to copy the input buffer onto the stack without checking its size and can cause a buffer overflow. This could lead to arbitrary Ring-0 code execution and escalation of privileges. This affects DirectIo32.sys and DirectIo64.sys.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:07 Aug, 2020 | 20:04
Updated At:04 Aug, 2024 | 13:15
Rejected At:
▼CVE Numbering Authority (CNA)

An issue was discovered in PassMark BurnInTest through 9.1, OSForensics through 7.1, and PerformanceTest through 10. The driver's IOCTL request handler attempts to copy the input buffer onto the stack without checking its size and can cause a buffer overflow. This could lead to arbitrary Ring-0 code execution and escalation of privileges. This affects DirectIo32.sys and DirectIo64.sys.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/eset/vulnerability-disclosures
x_refsource_MISC
https://www.passmark.com/forum/index.php
x_refsource_MISC
https://www.passmark.com/support/index.php
x_refsource_MISC
https://github.com/eset/vulnerability-disclosures/blob/master/CVE-2020-15479/CVE-2020-15479.md
x_refsource_MISC
Hyperlink: https://github.com/eset/vulnerability-disclosures
Resource:
x_refsource_MISC
Hyperlink: https://www.passmark.com/forum/index.php
Resource:
x_refsource_MISC
Hyperlink: https://www.passmark.com/support/index.php
Resource:
x_refsource_MISC
Hyperlink: https://github.com/eset/vulnerability-disclosures/blob/master/CVE-2020-15479/CVE-2020-15479.md
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/eset/vulnerability-disclosures
x_refsource_MISC
x_transferred
https://www.passmark.com/forum/index.php
x_refsource_MISC
x_transferred
https://www.passmark.com/support/index.php
x_refsource_MISC
x_transferred
https://github.com/eset/vulnerability-disclosures/blob/master/CVE-2020-15479/CVE-2020-15479.md
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/eset/vulnerability-disclosures
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.passmark.com/forum/index.php
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://www.passmark.com/support/index.php
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://github.com/eset/vulnerability-disclosures/blob/master/CVE-2020-15479/CVE-2020-15479.md
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:07 Aug, 2020 | 21:15
Updated At:12 Aug, 2020 | 16:07

An issue was discovered in PassMark BurnInTest through 9.1, OSForensics through 7.1, and PerformanceTest through 10. The driver's IOCTL request handler attempts to copy the input buffer onto the stack without checking its size and can cause a buffer overflow. This could lead to arbitrary Ring-0 code execution and escalation of privileges. This affects DirectIo32.sys and DirectIo64.sys.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.18.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Primary2.07.2HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 8.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 7.2
Base severity: HIGH
Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
passmark
passmark
>>burnintest>>Versions up to 9.1(inclusive)
cpe:2.3:a:passmark:burnintest:*:*:*:*:*:*:*:*
passmark
passmark
>>osforensics>>Versions up to 7.1(inclusive)
cpe:2.3:a:passmark:osforensics:*:*:*:*:*:*:*:*
passmark
passmark
>>performancetest>>Versions up to 10.0(inclusive)
cpe:2.3:a:passmark:performancetest:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-120Primarynvd@nist.gov
CWE ID: CWE-120
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/eset/vulnerability-disclosurescve@mitre.org
Third Party Advisory
https://github.com/eset/vulnerability-disclosures/blob/master/CVE-2020-15479/CVE-2020-15479.mdcve@mitre.org
Exploit
Third Party Advisory
https://www.passmark.com/forum/index.phpcve@mitre.org
Vendor Advisory
https://www.passmark.com/support/index.phpcve@mitre.org
Vendor Advisory
Hyperlink: https://github.com/eset/vulnerability-disclosures
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://github.com/eset/vulnerability-disclosures/blob/master/CVE-2020-15479/CVE-2020-15479.md
Source: cve@mitre.org
Resource:
Exploit
Third Party Advisory
Hyperlink: https://www.passmark.com/forum/index.php
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: https://www.passmark.com/support/index.php
Source: cve@mitre.org
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

133Records found
CVE-2020-15481
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.17% / 39.12%
||
7 Day CHG~0.00%
Published-13 Nov, 2020 | 20:59
Updated-04 Aug, 2024 | 13:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in PassMark BurnInTest v9.1 Build 1008, OSForensics v7.1 Build 1012, and PerformanceTest v10.0 Build 1008. The kernel driver exposes IOCTL functionality that allows low-privilege users to map arbitrary physical memory into the address space of the calling process. This could lead to arbitrary Ring-0 code execution and escalation of privileges. This affects DirectIo32.sys and DirectIo64.sys drivers. This issue is fixed in BurnInTest v9.2, PerformanceTest v10.0 Build 1009, OSForensics v8.0.

Action-Not Available
Vendor-passmarkn/a
Product-burnintestosforensicsperformancetestn/a
CVE-2020-15480
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.07% / 22.99%
||
7 Day CHG~0.00%
Published-07 Aug, 2020 | 20:06
Updated-04 Aug, 2024 | 13:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in PassMark BurnInTest through 9.1, OSForensics through 7.1, and PerformanceTest through 10. The kernel driver exposes IOCTL functionality that allows low-privilege users to read and write to arbitrary Model Specific Registers (MSRs). This could lead to arbitrary Ring-0 code execution and escalation of privileges. This affects DirectIo32.sys and DirectIo64.sys.

Action-Not Available
Vendor-passmarkn/a
Product-burnintestosforensicsperformancetestn/a
CVE-2011-0712
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.2||HIGH
EPSS-0.06% / 17.39%
||
7 Day CHG~0.00%
Published-18 Feb, 2011 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple buffer overflows in the caiaq Native Instruments USB audio functionality in the Linux kernel before 2.6.38-rc4-next-20110215 might allow attackers to cause a denial of service or possibly have unspecified other impact via a long USB device name, related to (1) the snd_usb_caiaq_audio_init function in sound/usb/caiaq/audio.c and (2) the snd_usb_caiaq_midi_init function in sound/usb/caiaq/midi.c.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncCanonical Ltd.
Product-linux_kernelubuntu_linuxn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-23428
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-8.4||HIGH
EPSS-0.01% / 1.72%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 17:40
Updated-03 Aug, 2024 | 03:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper boundary check in eden_runtime hal service prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution.

Action-Not Available
Vendor-Google LLCSamsungSamsung Electronics
Product-androidexynosSamsung Mobile Devices with Exynos chipsets
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-22082
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.12% / 32.22%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:40
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption due to possible buffer overflow while parsing DSF header with corrupted channel count in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresm6250p_firmwareqcs610sdx65wcn3950_firmwareqcs2290qca6595au_firmwaresa6155qca6335msm8917csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwaresd632wcn3998wcd9371_firmwarewcn3950sm4125mdm9628sd720gmdm9206_firmwaresd_8_gen1_5g_firmwarewcn3660bsd450_firmwaresd710_firmwaresd460_firmwareqca4020sm7315_firmwarewcn7850qca6574au_firmwarewcd9375_firmwarewcn3998_firmwaresa6155_firmwaremsm8909wapq8009w_firmwareqca6420apq8053_firmwaresm7450_firmwaresd680_firmwareqca9367_firmwarewcn3999sa8155_firmwaresd662_firmwareqcs405qca6430wcd9340qualcomm215_firmwaresd765gsw5100qca4020_firmwareqca6436sd680sa6155pwcn6851qcs603_firmwarewcn7851_firmwaremsm8937mdm9250_firmwarewcn3660_firmwarewcd9341pm8937_firmwareqca6696_firmwarewcd9371sd750gsd870_firmwarewcn3910_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988sd660_firmwarewcn7850_firmwaresa8195p_firmwaresm8475wcn6750_firmwaresd450wcn3610wcn3991wcd9380_firmwaresdm429wmsm8996au_firmwaresw5100pwcd9330qca6564ausdx55m_firmwarewcn6856_firmwaresd670_firmwareqca6574sd632_firmwarewcd9380qualcomm215qcs410sd690_5g_firmwaresdx50m_firmwareqca9379_firmwareqca6430_firmwarewcd9335_firmwarewcn3980sd439_firmwareqca6335_firmwareqcs605wcd9340_firmwarewsa8815wcn6850wcn3910qca6320msm8937_firmwaremdm9650_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd835wcn3980_firmwaresd730wcd9330_firmwaresdx55msm8475_firmwarewcn6740_firmwaremsm8953sd678_firmwarear8031_firmwarewcn3680_firmwarewcn6851_firmwareqcs603sd_636_firmwaresd670qca6564a_firmwareapq8009wqcm4290_firmwaresd480sd870wcn6855wsa8832sw5100p_firmwareqcs610_firmwaresa6145psdxr1apq8096auar8031qcs405_firmwaresdm630_firmwaresd820_firmwareqca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwareapq8053sa8155pcsra6640sd675sd439wcn3660sm8475p_firmwareqca9379qcm2290wcn3991_firmwarewsa8830sd678qcs2290_firmwaremdm9628_firmwaremdm9650sd_636csra6620qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6564qca6426wcn3990_firmwareqca9377sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwaresd662sa8155qca6320_firmwarewcn3680b_firmwaresdx55_firmwareqca6595auwcn3615wcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqca6564au_firmwaresd778gsa6155p_firmwareqca6310pm8937wcn7851qcs6490sd429sdxr2_5gqca9367sdm630mdm9607_firmwarewcn3988_firmwaresa6145p_firmwaresd429_firmwaresm6250sd778g_firmwaresa8195papq8017_firmwarewsa8810_firmwaresd765_firmwarewcd9326wcd9335qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwareqca6390wcd9375sd750g_firmwareaqt1000sm6250_firmwaremsm8953_firmwaremsm8917_firmwarewcn3620_firmwaresd820qcm6490sd888_5g_firmwarewsa8835_firmwaresdx20_firmwarewcn3620wcn6850_firmwarewsa8815_firmwaresm7450apq8017qca6564aqcm2290_firmwarewcn3990sd_675sd780gsd865_5gsd888msm8909w_firmwarewsa8835msm8996ausdm429w_firmwaresd888_5gsm6250pqca6574amdm9206wcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750qca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd765qca6574a_firmwaresd768g_firmwaresm7315apq8009qca6391sd460sdxr1_firmwareaqt1000_firmwaresdx65_firmwaremdm9626qcm4290qcm6490_firmwaresdx50mwsa8832_firmwaresdx20sd480_firmwaremdm9626_firmwareqca6574ausa8155p_firmwaresd710mdm9607wcd9341_firmwarewsa8810wcn6856wcn3680bsd835_firmwareqca6564_firmwaresd768gwcn6740qca6696sd845_firmwaresdw2500apq8096au_firmwaresd845sm7250psd720g_firmwaresw5100_firmwareqcs410_firmwaresm8475pSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2010-2492
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.16%
||
7 Day CHG~0.00%
Published-08 Sep, 2010 | 19:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the ecryptfs_uid_hash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux kernel before 2.6.35 might allow local users to gain privileges or cause a denial of service (system crash) via unspecified vectors.

Action-Not Available
Vendor-n/aVMware (Broadcom Inc.)Linux Kernel Organization, IncAvaya LLC
Product-linux_kernelaura_presence_servicesaura_voice_portalaura_system_manageraura_communication_manageriqaura_session_manageresxaura_system_platformn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2009-4067
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.8||MEDIUM
EPSS-0.61% / 68.77%
||
7 Day CHG~0.00%
Published-11 Feb, 2020 | 18:01
Updated-07 Aug, 2024 | 06:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to execute arbitrary code, cause a denial of service via a crafted USB device, or take full control of the system.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncRed Hat, Inc.
Product-enterprise_linuxlinux_kerneln/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2017-12137
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.10% / 28.09%
||
7 Day CHG~0.00%
Published-24 Aug, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref.

Action-Not Available
Vendor-n/aXen ProjectDebian GNU/LinuxCitrix (Cloud Software Group, Inc.)
Product-xendebian_linuxxenservern/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2018-1100
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.19% / 40.87%
||
7 Day CHG~0.00%
Published-11 Apr, 2018 | 19:00
Updated-05 Aug, 2024 | 03:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function. A local attacker could exploit this to execute arbitrary code in the context of another user.

Action-Not Available
Vendor-zshzshCanonical Ltd.Red Hat, Inc.
Product-enterprise_linux_serverubuntu_linuxenterprise_linux_workstationzshenterprise_linux_desktopzsh
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-33288
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.3||CRITICAL
EPSS-0.05% / 15.42%
||
7 Day CHG~0.00%
Published-04 Apr, 2023 | 04:46
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer copy without checking the size of input in Core

Memory corruption due to buffer copy without checking the size of input in Core while sending SCM command to get write protection information.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresd_8cx_gen3_firmwaresm7325-ae_firmware315_5g_iot_modem_firmwareqca8337qca6431_firmwarewcd9360_firmwarewcn3950_firmwaresc8180x\+sdx55sa8150p_firmwareqca6595au_firmwaresa6155snapdragon_x70_modem-rf_systemqca6335sm8350sdm670qcs605_firmwaresd_675_firmwarewcn685x-1sm7350-ab_firmwarewcn3998qam8295psd_8cx_gen2_firmwareqcn6024_firmwarewcn3950sd_8_gen1_5g_firmwareqsm8350_firmwareqsm8350sm7315_firmwaresm7325-aeqca6574au_firmwarewcd9375_firmwarewcn3998_firmwareqca8081_firmwaresa6155_firmwareqca6420snapdragon_xr2\+_gen_1_platformwcd9360snapdragon_auto_5g_modem-rf_firmwaresd_8cx_gen2qrb5165m_firmwareqrb5165_firmwareqca6698aqsa8155_firmwaresm7250-ab_firmwareqca6430wcd9340qca6436sa6155pqcs603_firmwareqca6698aq_firmwarewcn685x-1_firmwaresm8150_firmwarewcd9341qca6431qca6696_firmwaresd_8cxsa8150psm8250-ac_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwaresm7225_firmwaresdm850wcn3988wcn6750_firmwaresa8295p_firmwareqca8337_firmwarewcd9380_firmwaressg2125pqca6564ausd670_firmwareqca6574wcd9380sxr1230pqcn9012_firmwareqca6430_firmwarewcn3980qca6335_firmwaresm7225qcs605wcd9340_firmwarewsa8815sm6150-ac_firmwareqca6426_firmwareqcn9024wcn3980_firmwaresnapdragon_xr2\+_gen_1_platform_firmwaresnapdragon_x50_5g_modem-rf_system_firmwaresa8295pqca6421_firmwaresm6350wcn6740_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemsm8350_firmwareqrb5165qcs603sm6350_firmwarewcn785x-1_firmwaresd670qca6564a_firmwareqcn9024_firmwaresdx57msnapdragon_x24_lte_modemwsa8832sa8540pqsm8250sa6145pqca6595_firmwareqca6391_firmwarewcd9370_firmwaresdx55sd888_firmwaresa8155psd675sm8250ssg2115p_firmwarear8035_firmwareqsm8250_firmwaresdm845_firmwarewsa8830sxr2230p_firmwaresnapdragon_x24_lte_modem_firmwarewcn785x-5flight_rb5_5g_platformflight_rb5_5g_platform_firmwaresm7250-ac_firmwareqca6420_firmwareqca6390_firmwarewcd9370sd675_firmwaressg2115pqca6426wcn3990_firmwareqrb5165n_firmwaresm8450qca9377sm8250-absd_8cx_firmwarewcd9385_firmwarewcd9326_firmwareqam8295p_firmwaresm7325-afqcn9011_firmwaresa8155sa9000p_firmwaresnapdragon_x55_5g_modem-rf_systemsdx55_firmwaresda\/sdm845_firmwareqca6595ausm7325-af_firmwaresm7250p_firmwareqca6436_firmwareqrb5165nqca6564au_firmwaresd778gsa6155p_firmwareqca6310snapdragon_x65_5g_modem-rf_system_firmwaresnapdragon_x70_modem-rf_system_firmwareqcs6490sm8250_firmwaresm8250-acwcn3988_firmware315_5g_iot_modemsa6145p_firmwareqca6421sd778g_firmwaresm7250-aawsa8810_firmwaresm8450_firmwaresnapdragon_ar2_gen_1_platform_firmwarewcd9326qca8081qca6174a_firmwarewcd9385sxr2130_firmwareqcs6490_firmwaresd_8cx_gen3qca6390ar8035sda\/sdm845aqt1000wcd9375sc8180x\+sdx55_firmwaresm6150_firmwaresm8150qcm6490wsa8815_firmwarewsa8835_firmwaresm7350-abqca6564awcn785x-1wcn3990sd_675sdm845sd865_5gqca6595sm8350-ac_firmwaresm8150-acqcn9012sd888sm6150wsa8835sxr1230p_firmwaresa8540p_firmwaresnapdragon_auto_5g_modem-rfsd_8_gen1_5gssg2125p_firmwaresxr2130qca6574awcn685x-5_firmwareqca6174asm7325psdm670_firmwareqca6310_firmwaresm7325wcn6750sa9000pqca6574_firmwaresm7250-absd855sm7325p_firmwaresxr2230psdx57m_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmwareqrb5165mwcn785x-5_firmwaresm7315sm8250-ab_firmwareqca6391snapdragon_x55_5g_modem-rf_system_firmwareaqt1000_firmwaresdm850_firmwareqcm6490_firmwarewsa8832_firmwarewcn685x-5qcn9011qca6574ausa8155p_firmwarewcd9341_firmwarewsa8810sm7250-aa_firmwaresm7250-acsm8150-ac_firmwaresnapdragon_ar2_gen_1_platformsm8350-acwcn6740qca6696sm6150-acsnapdragon_x50_5g_modem-rf_systemqcn6024sm7250psm7325_firmwareSnapdragonqca9377_firmwaresd_8cx_gen3_firmwaresnapdragon_850_mobile_compute_platform_firmwareqca8337_firmwarewcd9380_firmwaresnapdragon_778g_5g_mobile_platform_firmwaresxr2230p_firmware315_5g_iot_modem_firmwaresnapdragon_x24_lte_modem_firmwareqca6431_firmwarewcd9360_firmwaresnapdragon_670_mobile_platform_firmwareflight_rb5_5g_platform_firmwaresd670_firmwaresxr1230p_firmwarewcn3950_firmwaresa8540p_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwareqca6420_firmwareqca6595au_firmwaressg2125p_firmwaresd_675_firmwaresd675_firmwarewcn3990_firmwareqrb5165n_firmwareqca6310_firmwareqca6430_firmwareqcn9012_firmwaresd_8cx_firmwarewcd9385_firmwareqca6335_firmwaresd_8cx_gen2_firmwareqcn6024_firmwarewcd9326_firmwareqca6574_firmwaresd_8_gen1_5g_firmwarewcd9340_firmwaresm7325p_firmwareqsm8350_firmwaresdx57m_firmwareqam8295p_firmwaresnapdragon_xr2_5g_platform_firmwareqcn9011_firmwareqca6426_firmwarequalcomm_robotics_rb3_platform_firmwaresa9000p_firmwaresm7315_firmwareqca6574au_firmwaresdx55_firmwareqca6574a_firmwarefastconnect_6200_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwarewcn3980_firmwaresm7250p_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqca6436_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareqca6421_firmwareaqt1000_firmwareqca6564au_firmwaresnapdragon_auto_5g_modem-rf_firmwaresa6155p_firmwarewcn6740_firmwaresnapdragon_x65_5g_modem-rf_system_firmwaresnapdragon_690_5g_mobile_platform_firmwaresnapdragon_845_mobile_platform_firmwaresnapdragon_x70_modem-rf_system_firmwareqrb5165m_firmwareqcm6490_firmwarewsa8832_firmwaresa8155_firmwarefastconnect_6900_firmwarevision_intelligence_300_platform_firmwarewcn3988_firmwaresa6145p_firmwaresa8155p_firmwaresd778g_firmwarefastconnect_6700_firmwareqca6564a_firmwareqcn9024_firmwarewsa8810_firmwarewcd9341_firmwarefastconnect_7800_firmwaresnapdragon_ar2_gen_1_platform_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqca6698aq_firmwareqca6174a_firmwaresxr2130_firmwareqca6696_firmwareqcs6490_firmwareqca6595_firmwareqca6391_firmwaresnapdragon_855_mobile_platform_firmwarewcd9370_firmwaresd888_firmwarevision_intelligence_400_platform_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewsa8815_firmwarewsa8835_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresnapdragon_865_5g_mobile_platform_firmwaressg2115p_firmwarefastconnect_6800_firmwaresa8295p_firmwarear8035_firmwaresnapdragon_750g_5g_mobile_platform_firmwareqsm8250_firmwaresnapdragon_675_mobile_platform_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-43637
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.17% / 38.92%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 19:59
Updated-04 Aug, 2024 | 04:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Amazon WorkSpaces agent is affected by Buffer Overflow. IOCTL Handler 0x22001B in the Amazon WorkSpaces agent below v1.0.1.1537 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.

Action-Not Available
Vendor-amazonn/a
Product-workspacesn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-42990
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.07% / 23.13%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 19:47
Updated-04 Aug, 2024 | 03:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

FlexiHub For Windows is affected by Buffer Overflow. IOCTL Handler 0x22001B in the FlexiHub For Windows above 2.0.4340 below 5.3.14268 allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.

Action-Not Available
Vendor-flexihubn/aMicrosoft Corporation
Product-flexihubwindowsn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-42683
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.07% / 23.13%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 20:05
Updated-04 Aug, 2024 | 03:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Buffer Overflow vulnerability exists in Accops HyWorks Windows Client prior to v 3.2.8.200. The IOCTL Handler 0x22001B allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.

Action-Not Available
Vendor-accopsn/a
Product-hyworks_windows_clientn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-42994
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.07% / 23.13%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 19:51
Updated-04 Aug, 2024 | 03:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Donglify is affected by Buffer Overflow. IOCTL Handler 0x22001B in the Donglify above 1.0.12309 below 1.7.14110 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.

Action-Not Available
Vendor-donglifyn/a
Product-donglifyn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2016-0099
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-91.17% / 99.63%
||
7 Day CHG~0.00%
Published-09 Mar, 2016 | 11:00
Updated-30 Jul, 2025 | 01:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-03-24||Apply updates per vendor instructions.

The Secondary Logon Service in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, and Windows 10 Gold and 1511 does not properly process request handles, which allows local users to gain privileges via a crafted application, aka "Secondary Logon Elevation of Privilege Vulnerability."

Action-Not Available
Vendor-n/aMicrosoft Corporation
Product-windows_10_1507windows_7windows_server_2008windows_10_1511windows_vistawindows_server_2012windows_8.1n/aWindows
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-42681
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-0.07% / 23.13%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 20:03
Updated-04 Aug, 2024 | 03:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A Buffer Overflow vulnerability exists in Accops HyWorks DVM Tools prior to v3.3.1.105. The IOCTL Handler 0x22001B allows local attackers to execute arbitrary code in kernel mode or cause a denial of service (memory corruption and OS crash) via specially crafted I/O Request Packet.

Action-Not Available
Vendor-accopsn/a
Product-hyworks_dvm_toolsn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-14374
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-0.19% / 40.73%
||
7 Day CHG~0.00%
Published-30 Sep, 2020 | 19:10
Updated-04 Aug, 2024 | 12:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A flawed bounds checking in the copy_data function leads to a buffer overflow allowing an attacker in a virtual machine to write arbitrary data to any address in the vhost_crypto application. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Action-Not Available
Vendor-dpdkn/aCanonical Ltd.openSUSE
Product-ubuntu_linuxdata_plane_development_kitleapdpdk
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2004-0455
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.14% / 33.97%
||
7 Day CHG~0.00%
Published-30 Jun, 2004 | 04:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in cgi.c in www-sql before 0.5.7 allows local users to execute arbitrary code via a web page that is processed by www-sql.

Action-Not Available
Vendor-www-sql_projectn/aDebian GNU/Linux
Product-www-sqldebian_linuxn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-35114
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.03% / 8.43%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:40
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper buffer initialization on the backend driver can lead to buffer overflow in Snapdragon Auto

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa8540psa9000psa8540p_firmwaresa9000p_firmwareSnapdragon Auto
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-35129
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 30.16%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 10:11
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in BT controller due to improper length check while processing vendor specific commands in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-ipq5018_firmwaresd_8cx_gen3_firmwareqca2066wsa8830qcn9070qca8337_firmwarewcd9380_firmwareqcn9000qca8337wcn6856_firmwareqcn9012sd888sdx65qcn9072qcn6122_firmwarewsa8835wcd9380ipq5028_firmwaresd888_5gqca2064_firmwareqca2062wcd9370wcn6855_firmwareqcn6132_firmwareqcn9000_firmwareqcn9012_firmwareipq5018wcn6750wcd9385_firmwareqcn6024_firmwaresd_8_gen1_5g_firmwarewcn6850qca2065qcn6112qcn6100_firmwareqcn6102_firmwareqcn9024wcd9375_firmwareqca8081_firmwareqcn6023_firmwareqca6391ipq5010qca2062_firmwareqcn6102qcn9100sdx65_firmwareqcs6490qcm6490_firmwareipq5028qcn9070_firmwarewcn6851_firmwareqcn6112_firmwareqcn9074qcn9024_firmwareqcn6132wcn6855wcn6851qca8081wcn6856qcn6023wcd9385qcn6122qcc710qca2066_firmwareqca2065_firmwareqcs6490_firmwaresd_8cx_gen3qca6391_firmwarear8035wcd9375qca2064wcd9370_firmwaresd888_firmwareqcc710_firmwareqcn9100_firmwareqcn9022_firmwarewsa8830_firmwareqcn6024qcn9022ipq5010_firmwareqcm6490sd888_5g_firmwarewcn6850_firmwarewsa8835_firmwareqcn6100qcn9072_firmwareqcn9074_firmwaresm8475wcn6750_firmwarear8035_firmwareSnapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-5184
Matching Score-4
Assigner-Zephyr Project
ShareView Details
Matching Score-4
Assigner-Zephyr Project
CVSS Score-7||HIGH
EPSS-0.29% / 52.31%
||
7 Day CHG~0.00%
Published-27 Sep, 2023 | 17:26
Updated-18 Jun, 2025 | 14:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Potential signed to unsigned conversion errors and buffer overflow vulnerabilities in the Zephyr IPM driver

Two potential signed to unsigned conversion errors and buffer overflow vulnerabilities at the following locations in the Zephyr IPM drivers.

Action-Not Available
Vendor-Zephyr Project
Product-zephyrZephyr
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-195
Signed to Unsigned Conversion Error
CWE ID-CWE-681
Incorrect Conversion between Numeric Types
CVE-2021-35089
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.10% / 27.87%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 04:40
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to lack of input IB amount validation while processing the user command in Snapdragon Auto

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6574ausa8155psa8155p_firmwareqca6696_firmwareqca6574au_firmwareqca6696Snapdragon Auto
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2017-0296
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.27% / 50.40%
||
7 Day CHG~0.00%
Published-15 Jun, 2017 | 01:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to elevate privilege when tdx.sys fails to check the length of a buffer prior to copying memory to it, aka "Windows TDX Elevation of Privilege Vulnerability".

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2008windows_7windows_server_2012windows_server_2016windows_8.1windows_10Microsoft Windows
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-30295
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.03% / 8.43%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 07:36
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible heap overflow due to improper validation of local variable while storing current task information locally in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055qca9377_firmwaremdm9150_firmwarewcn3991_firmwaresd678sa6150p_firmwaresm7250sa8145p_firmwareqcs610wsa8830qcs2290_firmwarefsm10056sm7250_firmwarecsrb31024wcd9360_firmwarecsra6620fsm10055_firmwareqcs4290wcn3950_firmwaresa8150p_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqcs2290qca6390_firmwaresa6155msm8917sd690_5gsd730_firmwarewcd9370csra6620_firmwareqcs605_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqca6426qca6584au_firmwaresd632wcn3990_firmwareqca9377sa415mwcn3998wcd9385_firmwarewcn3950sm4125sd720gwcd9326_firmwarewcn3615_firmwarewcn3660bsd662sd710_firmwaresd460_firmwaresa8155qca6574au_firmwaresdx55_firmwarewcn3680b_firmwareqca6595ausa6155_firmwaresdx12_firmwarewcd9375_firmwarewcn3615wcn3998_firmwarewcn3610_firmwareqca6420apq8053_firmwarewcd9360qca6564au_firmwareqca6584ausa6155p_firmwaresd778gsa515m_firmwareqcs6490qrb5165_firmwaresd429sa8155_firmwaresd662_firmwaresa415m_firmwareqcs405qca6430wcn3988_firmwaresa6145p_firmwaresd205sd429_firmwaresd778g_firmwaresm6250wcd9340sa8195papq8017_firmwarewsa8810_firmwarequalcomm215_firmwaresd765gsd765_firmwarefsm10056_firmwarewcd9326wcd9335sa6155pwcn6851qcs603_firmwareqca6174a_firmwareqcs4290_firmwarewcd9385wcd9341qca6696_firmwareqcs6490_firmwaresd750gsd870_firmwareqca6390wcd9375sd750g_firmwareaqt1000sa8150pwcn3910_firmwaresm6250_firmwaremsm8953_firmwarewsa8830_firmwaresda429wmsm8917_firmwaresd210sd660sd855_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3620_firmwaresd660_firmwarewcn3620wcn3988sa8195p_firmwarewcn6850_firmwarewsa8815_firmwarewsa8835_firmwareapq8017qcx315wcn6750_firmwarewcn3610qcm2290_firmwarewcn3991sda429w_firmwarewcd9380_firmwarewcn3990sd_675sdm429wsd780gsd865_5gqca6595qca6564ausdx55m_firmwarewcn6856_firmwaresd888sd670_firmwareqca6574qcx315_firmwaresd632_firmwaresdm429w_firmwaresd665_firmwarewsa8835wcd9380sd888_5gqualcomm215qcs410qca6574asd690_5g_firmwaresdx50m_firmwarewcn6855_firmwareqca6174asm7325qca6430_firmwarewcd9335_firmwarewcn3980sd439_firmwarewcn6750sa515mqca6574_firmwareqcs605wcd9340_firmwaresd855sm4125_firmwarewcn6850sd665wcn3910wsa8815sd765qca6426_firmwarewcn3660b_firmwarewcn3680qca6574a_firmwaresd768g_firmwarewcn3980_firmwaresd460qca6391sd730sdx55maqt1000_firmwarewcn6740_firmwaremsm8953sd678_firmwarear8031_firmwarecsrb31024_firmwareqcm4290qcm6490_firmwaresdx50mwcn3680_firmwareqrb5165sd480_firmwareqcs603wcn6851_firmwareqca6574ausa8155p_firmwaresd710sd205_firmwaresd670wcd9341_firmwareqcm4290_firmwaresd480sd870wcn6855wsa8810sd210_firmwareqcs610_firmwaremdm9150wcn6856sa6145pwcn3680bsd768gar8031qca6595_firmwareqcs405_firmwaresa8145pwcn6740qca6696qca6391_firmwaresd845_firmwaresd780g_firmwarewcd9370_firmwaresa6150psd888_firmwaresdx55apq8053sa8155pcsra6640sd675sd845sd439sd720g_firmwaresdx12qcs410_firmwareqcm2290sm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-30323
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.08% / 25.36%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 10:40
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper validation of maximum size of data write to EFS file can lead to memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewcn3991_firmwaremdm9150_firmwaresd678mdm9640_firmwaresa6150p_firmwaresa8145p_firmwareqcs610sm6250p_firmwareqcs2290_firmwaresd7c_firmwarecsrb31024mdm9628_firmwaremdm9650qcs4290wcn3950_firmwaremdm9250sa8150p_firmwareqca6420_firmwareqca6595au_firmwareqcs2290sd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqcs6125_firmwareqca6584au_firmwarewcn3990_firmwareqca9377sa415mwcn3998sdw2500_firmwaresd_8cx_gen2_firmwarewcd9326_firmwaremdm9628sd720gmdm9206_firmwareqsw8573_firmwarewcn3615_firmwarewcn3950wcn3660bqca6574au_firmwarewcn3680b_firmwareqca6595ausdx12_firmwarewcd9375_firmwarewcn3615msm8909wwcn3998_firmwareapq8009w_firmwareqca6420apq8053_firmwarewcn3610_firmwaremdm9207qca6564au_firmwareqca6584ausa6155p_firmwareqca9367_firmwarewcd9306mdm8207sd_8cx_gen2sd429qca9367qcs6125qca4004_firmwaremdm9607_firmwaremdm9655_firmwaresa415m_firmwarewcn3988_firmwareqca6430sa6145p_firmwaresd205sd429_firmwaresm6250wcd9306_firmwarewcd9340sa8195papq8017_firmwarewsa8810_firmwarequalcomm215_firmwarewcd9326wcd9335sa6155pqca6174a_firmwaremdm9250_firmwareqcs4290_firmwarewcd9341mdm9655qca6696_firmwarewcn3910_firmwarewcd9375aqt1000sa8150psm6250_firmwaremdm9207_firmwaremsm8953_firmwareqca4004sda429wsd210sd855_firmwaresd660wcn3620_firmwaresdx20_firmwarewcn3988wsa8815_firmwaresd660_firmwarewcn3620sa8195p_firmwareapq8017qca6564awcn3610qcm6125_firmwaremdm9640qcm2290_firmwarewcn3991sda429w_firmwarewcd9380_firmwarewcn3990sd_675sdm429wmsm8996au_firmwarewcd9330qca6564ausdx24qet4101_firmwaremsm8909w_firmwareqca6574msm8996ausdm429w_firmwaresd665_firmwarewcd9380sd850sm6250pqualcomm215qcs410qca6574amdm9206qca6174asdx24_firmwareqca6430_firmwarewcd9335_firmwarewcn3980sd439_firmwareqsw8573mdm9205qca6574_firmwarewcd9340_firmwaresd855wsa8815sd665sd7cwcn3910mdm9650_firmwarewcn3660b_firmwareqca6574a_firmwaresd850_firmwarewcn3980_firmwaresd730sdxr1_firmwarewcd9330_firmwareaqt1000_firmwaremsm8953sd678_firmwareqcm4290csrb31024_firmwaresdx20qca6574ausa8155p_firmwaremdm9607sd205_firmwareqca6564a_firmwareapq8009wwcd9341_firmwareqcm6125qcm4290_firmwarewsa8810sd210_firmwareqcs610_firmwaremdm9150sa6145pwcn3680bsdxr1apq8096ausa8145pmdm8207_firmwareqca6696mdm9205_firmwaresd845_firmwarewcd9370_firmwaresa6150psdw2500apq8053apq8096au_firmwaresa8155psd675sd845sd439qet4101sd720g_firmwaresdx12qcs410_firmwareqcm2290Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-28972
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 16.67%
||
7 Day CHG~0.00%
Published-22 Mar, 2021 | 16:53
Updated-03 Aug, 2024 | 21:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occurs because add_slot_store and remove_slot_store mishandle drc_name '\0' termination, aka CID-cc7a0bb058b8.

Action-Not Available
Vendor-n/aNetApp, Inc.Fedora ProjectLinux Kernel Organization, Inc
Product-linux_kernelfas\/aff_baseboard_management_controllercloud_backupfedorasolidfire_baseboard_management_controller_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-35102
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.12% / 32.54%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:40
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to lack of validation for the length of NAI string read from EFS in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sd678sm6250p_firmwareqca8337qca6431_firmwarewcd9360_firmwaresdx65wcn3950_firmwaresd765g_firmwareqca6595au_firmwareqca6390_firmwaresd690_5gsd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqca6426wcn3990_firmwarewcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950sd720gsd_8_gen1_5g_firmwaresm7315_firmwareqca6574au_firmwaresdx55_firmwareqca6595auqca8081_firmwarewcd9375_firmwarewcn3998_firmwaresm7250p_firmwarewcd9360qca6436_firmwaresm7450_firmwaresd778gsa515m_firmwarewcn7851sdxr2_5gwcn3988_firmwareqca6421sd778g_firmwaresm6250wsa8810_firmwaresd765gsd765_firmwareqca6436wcn6851qca8081wcn7851_firmwarewcd9385wcd9341qca6431qca6696_firmwaresd750gsd870_firmwareqca6390ar8035sd750g_firmwarewcd9375sm6250_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewsa8815_firmwaresm7450sm8475wcn6750_firmwarewcn3991qca8337_firmwarewcd9380_firmwarewcn3990sd_675sd780gsd865_5gsdx55m_firmwarewcn6856_firmwaresd888wcd9380sd888_5gsm6250pqca6574asd690_5g_firmwarewcn6855_firmwarewcn3980wcn6750sa515msd855wsa8815wcn6850sd765qca6426_firmwareqca6574a_firmwaresd695sd768g_firmwarewcn3980_firmwaresm7315sd730qca6391sdx55mqca6421_firmwaresm8475_firmwarewcn6740_firmwaresdx65_firmwaresd678_firmwarewsa8832_firmwaresd480_firmwarewcn6851_firmwareqca6574auwcd9341_firmwaresd480sd870wsa8810wcn6855wsa8832wcn6856sd695_firmwaresd768gwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwaresd675sm7250psd720g_firmwaresm8475p_firmwarear8035_firmwaresm8475pSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Mobile
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-30327
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.03% / 8.26%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 10:10
Updated-03 Aug, 2024 | 22:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in sahara protocol while processing commands leads to overwrite of secure configuration data in Snapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice & Music

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm7250sm6250p_firmwaresm6125sdm712_firmwaresdm640sm7250_firmwareqcs404_firmwaresa615xp_firmwareqcs407_firmwaresa4250p_firmwaresa8150p_firmwareqca6595au_firmwaresdm712qcn7605w_firmwareipq6000sc7180psdm670sa6125_firmwaresa6115p_firmwaresm7150psda845_firmwaresda830_firmwaresa415msdm658apq8098qcn7605sm4250sc8180xpapq8097_firmwaresa615xpqcs402sa8155sda660sdx55_firmwareqca6595ausm7250p_firmwaresxr2130psda845sxr2130p_firmwareqcs401qcn7606wsa515m_firmwareapq8098_firmwaresdx24m_firmwaresa2145p_firmwaresa4155p_firmwaremsm8998_firmwaresa8155_firmwaremsm8997ipq6010sm8250_firmwaresa415m_firmwareqcs405sa6145p_firmwaresc7180_firmwaresm4250_firmwaresm6250sa8195psdm830_firmwaresdm710_firmwaresm8150_firmwaresxr2130_firmwaresm7150p_firmwaresc7180sa6145_firmwareqcs403_firmwaresc8180xp_firmwaresa8150psdx24msm6250_firmwaresm6150_firmwaresda658_firmwaremsm8998qcn7606w_firmwaresm8150sdm850sa8195p_firmwaresdm640_firmwareqcn7606_firmwaresm6125_firmwaresa4150psm8150psdm845qca6595sdx24sm6150psa6125psm7150_firmwaresm6150sm7150sm6250psxr2130sc8180xipq6005_firmwaresa615xsdm670_firmwareqcs404sdx24_firmwaremsm8997_firmwareqcn7605wqcs403sda670sa6145sda830ipq6018_firmwaremdm9205sa515msdpx55msa2150p_firmwaresa6115_firmwareipq6028apq8097sm6150p_firmwaresdm658_firmwareipq6005sm7125sdm850_firmwaresa615x_firmwaresa6125sdm660ipq6028_firmwaresc8180x_firmwaresa8155p_firmwaresdm710sa6115sda670_firmwaresa4250pqcn7605_firmwaresa2145psdpx55m_firmwareipq6018sa6145pqcs402_firmwareqcs401_firmwareipq6010_firmwareqca6595_firmwareqcs405_firmwaremdm9205_firmwaresa2150psda660_firmwareqcs407sa4150p_firmwaresa6125p_firmwaresm7125_firmwaresda658sdx55sa8155psm8250sm8150p_firmwaresm7250psdm830ipq6000_firmwaresc7180p_firmwaresa6115psa4155psdm660_firmwareqcn7606sdm845_firmwareSnapdragon Mobile, Snapdragon Compute, Snapdragon Auto, Snapdragon IOT, Snapdragon Connectivity, Snapdragon Voice & Music
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25467
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-5.3||MEDIUM
EPSS-0.02% / 2.69%
||
7 Day CHG~0.00%
Published-06 Oct, 2021 | 17:07
Updated-03 Aug, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Assuming system privilege is gained, possible buffer overflow vulnerabilities in the Vision DSP kernel driver prior to SMR Oct-2021 Release 1 allows privilege escalation to Root by hijacking loaded library.

Action-Not Available
Vendor-Google LLCSamsungSamsung Electronics
Product-androidexynos_9830exynos_980exynos_2100Samsung Mobile Devices
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-26570
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.12% / 32.33%
||
7 Day CHG~0.00%
Published-08 Feb, 2021 | 18:47
Updated-03 Aug, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webifc_setadconfig function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-baseboard_management_controllerapollo_70_systemHPE Apollo 70 System
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-26572
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.43%
||
7 Day CHG~0.00%
Published-08 Feb, 2021 | 18:50
Updated-03 Aug, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webgetactivexcfg function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-baseboard_management_controllerapollo_70_systemHPE Apollo 70 System
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-26573
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.43%
||
7 Day CHG~0.00%
Published-08 Feb, 2021 | 19:05
Updated-03 Aug, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webgeneratesslcfg function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-baseboard_management_controllerapollo_70_systemHPE Apollo 70 System
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25135
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.75%
||
7 Day CHG~0.00%
Published-29 Jan, 2021 | 18:45
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setsmtp_func function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-cloudline_cl5200_gen9_servercloudline_cl3100_gen10_server_firmwarecloudline_cl5800_gen10_servercloudline_cl3100_gen10_servercloudline_cl4100_gen10_servercloudline_cl5200_gen9_server_firmwarecloudline_cl5800_gen9_server_firmwarecloudline_cl5800_gen9_servercloudline_cl5800_gen10_server_firmwarecloudline_cl4100_gen10_server_firmwareHPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25131
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.75%
||
7 Day CHG~0.00%
Published-29 Jan, 2021 | 18:36
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setfwimagelocation_func function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-cloudline_cl5200_gen9_servercloudline_cl3100_gen10_server_firmwarecloudline_cl5800_gen10_servercloudline_cl3100_gen10_servercloudline_cl4100_gen10_servercloudline_cl5200_gen9_server_firmwarecloudline_cl5800_gen9_server_firmwarecloudline_cl5800_gen9_servercloudline_cl5800_gen10_server_firmwarecloudline_cl4100_gen10_server_firmwareHPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25168
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.43%
||
7 Day CHG~0.00%
Published-08 Feb, 2021 | 18:01
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webupdatecomponent function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-baseboard_management_controllerapollo_70_systemHPE Apollo 70 System
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25133
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.75%
||
7 Day CHG~0.00%
Published-29 Jan, 2021 | 18:38
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setradiusconfig_func function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-cloudline_cl5200_gen9_servercloudline_cl3100_gen10_server_firmwarecloudline_cl5800_gen10_servercloudline_cl3100_gen10_servercloudline_cl4100_gen10_servercloudline_cl5200_gen9_server_firmwarecloudline_cl5800_gen9_server_firmwarecloudline_cl5800_gen9_servercloudline_cl5800_gen10_server_firmwarecloudline_cl4100_gen10_server_firmwareHPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25130
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.75%
||
7 Day CHG~0.00%
Published-29 Jan, 2021 | 18:40
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setactdir_func function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-cloudline_cl5200_gen9_servercloudline_cl3100_gen10_server_firmwarecloudline_cl5800_gen10_servercloudline_cl3100_gen10_servercloudline_cl4100_gen10_servercloudline_cl5200_gen9_server_firmwarecloudline_cl5800_gen9_server_firmwarecloudline_cl5800_gen9_servercloudline_cl5800_gen10_server_firmwarecloudline_cl4100_gen10_server_firmwareHPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25171
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.43%
||
7 Day CHG~0.00%
Published-08 Feb, 2021 | 18:39
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so websetlicensecfg function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-baseboard_management_controllerapollo_70_systemHPE Apollo 70 System
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25134
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.75%
||
7 Day CHG~0.00%
Published-29 Jan, 2021 | 18:43
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setremoteimageinfo_func function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-cloudline_cl5200_gen9_servercloudline_cl3100_gen10_server_firmwarecloudline_cl5800_gen10_servercloudline_cl3100_gen10_servercloudline_cl4100_gen10_servercloudline_cl5200_gen9_server_firmwarecloudline_cl5800_gen9_server_firmwarecloudline_cl5800_gen9_servercloudline_cl5800_gen10_server_firmwarecloudline_cl4100_gen10_server_firmwareHPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25170
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.43%
||
7 Day CHG~0.00%
Published-08 Feb, 2021 | 18:04
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so websetremoteimageinfo function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-baseboard_management_controllerapollo_70_systemHPE Apollo 70 System
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25169
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.43%
||
7 Day CHG~0.00%
Published-08 Feb, 2021 | 18:06
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so websetservicecfg function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-baseboard_management_controllerapollo_70_systemHPE Apollo 70 System
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25127
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.10% / 28.15%
||
7 Day CHG~0.00%
Published-29 Jan, 2021 | 18:33
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice generatesslcertificate_func function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-cloudline_cl5200_gen9_servercloudline_cl3100_gen10_server_firmwarecloudline_cl5800_gen10_servercloudline_cl3100_gen10_servercloudline_cl4100_gen10_servercloudline_cl5200_gen9_server_firmwarecloudline_cl5800_gen9_server_firmwarecloudline_cl5800_gen9_servercloudline_cl5800_gen10_server_firmwarecloudline_cl4100_gen10_server_firmwareHPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2002-0062
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.2||HIGH
EPSS-0.20% / 42.59%
||
7 Day CHG~0.00%
Published-02 Apr, 2003 | 05:00
Updated-03 Apr, 2025 | 01:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling."

Action-Not Available
Vendor-n/aSUSEDebian GNU/LinuxRed Hat, Inc.FreeBSD FoundationGNU
Product-suse_linuxdebian_linuxncursesfreebsdlinuxn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-12465
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.17% / 38.60%
||
7 Day CHG~0.00%
Published-29 Apr, 2020 | 18:52
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. An oversized packet with too many rx fragments can corrupt memory of adjacent pages.

Action-Not Available
Vendor-n/aNetApp, Inc.Linux Kernel Organization, Inc
Product-linux_kernelcloud_backupsolidfire_\&_hci_management_nodeactive_iq_unified_managerhci_baseboard_management_controllerhci_compute_nodesolidfire_baseboard_management_controlleraff_baseboard_management_controllersteelstore_cloud_integrated_storagen/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-10882
Matching Score-4
Assigner-Airbus
ShareView Details
Matching Score-4
Assigner-Airbus
CVSS Score-5.5||MEDIUM
EPSS-0.05% / 13.92%
||
7 Day CHG~0.00%
Published-26 Sep, 2019 | 15:16
Updated-16 Sep, 2024 | 23:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Netskope client buffer overflow vulnerability

The Netskope client service, v57 before 57.2.0.219 and v60 before 60.2.0.214, running with NT\SYSTEM privilege, accepts network connections from localhost. The connection handling function in this service suffers from a stack based buffer overflow in "doHandshakefromServer" function. Local users can use this vulnerability to trigger a crash of the service and potentially cause additional impact on the system.

Action-Not Available
Vendor-netskopeNetskope
Product-netskopeNetskope client
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-10605
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.09% / 27.23%
||
7 Day CHG~0.00%
Published-18 Dec, 2019 | 05:25
Updated-04 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overwrite can occur in IEEE80211 header filling function due to lack of range check of array index received from firmware in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, IPQ8074, MDM9607, MDM9650, MSM8909, MSM8939, QCN7605, SDA660, SDM630, SDM636, SDM660, SDX20, SDX24

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-msm8909sdx24_firmwaresdm636_firmwareipq8074sdm636sdm630_firmwaresda660_firmwaresdx20qcn7605sdm660sdx24sdm630mdm9607_firmwaremsm8939mdm9650apq8053ipq8074_firmwaremdm9607mdm9650_firmwaresdx20_firmwaresda660msm8939_firmwareapq8009_firmwareqcn7605_firmwareapq8009msm8909_firmwareapq8053_firmwaresdm660_firmwareSnapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-11223
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.73%
||
7 Day CHG~0.00%
Published-22 Feb, 2021 | 06:25
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out of bound in camera driver due to lack of check of validation of array index before copying into array in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qpm5679_firmwareqcs610qdm5579qdm2307qfs2608_firmwareqfs2530qpm8870_firmwareqpa8802qpm6585_firmwareqat3519qbt2000_firmwareqat5522_firmwarewcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpa5581_firmwarepm7150lqpa8821smr546_firmwareqdm5671qpm4650_firmwareqat3518pm456_firmwareqpa5580_firmwarewcn3998smr526_firmwarewcn3950sd720gwcn3660bqdm2305_firmwareqpm5670_firmwareqdm5652sd6905gqpa4360_firmwareqpm8870wcd9375_firmwarewcn3998_firmwareqpm5679qbt2000pm855pqca6420pm6150aqpm6670_firmwarepmx50_firmwaresdr735gpm660_firmwarepm8150bqdm3301_firmwareqsm7250qca6430qat3522pmr735asd765grsw8577_firmwareqdm2308_firmwaresdr660wcn6851qpa6560qfs2630_firmwaresdr675_firmwaresdr865qdm5620_firmwarewcd9341sm7350_firmwaresmr545qdm4643_firmwareqca6696_firmwareqln5020qet4100_firmwaresd750gqdm3302pm6350qdm5621qtc800sqpm5875_firmwareqat3514_firmwarewsa8830_firmwaresd855_firmwaresd660qdm5650wcn3988sd660_firmwaresdr052smb1390qat5516_firmwarepm6150lsd8885gpm855l_firmwareqet4100wcn3610qpa8686_firmwareqpm6585wcn3991sda429w_firmwarewcd9380_firmwaresmb1355qln4650qpa8801sdr735g_firmwarepm8350bhs_firmwareqat5568qet5100qdm5671_firmwareqpa8801_firmwarepm8150l_firmwareqat5533_firmwaresdx55m_firmwareqtm527_firmwarewcn6856_firmwareqpa8673_firmwarepm6150qet4101_firmwarepm7250bqln4642_firmwareqfs2630qpa8842sdr052_firmwarewcd9380smb1355_firmwarepm7250b_firmwaresmb1351_firmwareqcs410pmk8350_firmwaresmb1381pm855p_firmwaresdx50m_firmwaresdr735pm7250smb1395pm660lqpa8803smr526qca6430_firmwarepmk8003qtc801s_firmwarewcd9335_firmwareqat3522_firmwarewcn3980pm7350c_firmwareqdm2301wsa8815wcn6850qdm5621_firmwareqdm2301_firmwaresmb1394pm8350_firmwarewcn3660b_firmwarepm8009wcn3980_firmwaresd730sdr051_firmwarepm660l_firmwaresdx55mpm6250_firmwarewcn6740_firmwarepm8008pm8350b_firmwareqtm525_firmwareqat3518_firmwaresd6905g_firmwareqpm5621_firmwarepm855lwcn6851_firmwarersw8577qdm5670_firmwareqpa6560_firmwaresd8655gqpa8802_firmwarepm7150a_firmwarepm8150b_firmwareqpm5621qpm6582smr545_firmwarepm8009_firmwareqdm2310_firmwareqfs2580_firmwaresd8885g_firmwarepm8150lqcs610_firmwareqdm5677pm855_firmwarepm660a_firmwarepm855b_firmwareqpm6582_firmwareqca6391_firmwarewcd9370_firmwareqln4650_firmwareqat3516_firmwareqpm5875sdx55qet5100msd675pm8350bhsqet4101qat3555_firmwareqat3516qpa8803_firmwareqpm5658pm855bqpm5658_firmwareqpm5870wcn3991_firmwareqdm5652_firmwarewsa8830sdr051pm660qet6110_firmwareqdm5579_firmwareqln5030qbt1500qpa5581pmi632qpa2625_firmwarepm456pm8350bh_firmwarepmr735b_firmwareqbt1500_firmwareqet5100_firmwareqpm5870_firmwareqpm4621qet6100_firmwareqet6100sd765g_firmwareqpa8686qca6420_firmwaresmb1394_firmwareqca6390_firmwaresmb1396sd730_firmwarepm7150awcd9370sd675_firmwarepm8350qpa5461_firmwarepm8350c_firmwareqca6584au_firmwarewcn3990_firmwareqpm5641pmi632_firmwarewcd9385_firmwareqdm5650_firmwareqpa4340_firmwareqat5516pm7250_firmwareqdm5620qpa8821_firmwarepm8350bhpmk8002_firmwarepm3003aqdm4650_firmwaresdx55_firmwareqat5533qca6595ausm7250p_firmwarewcn3610_firmwaresm7350qsm7250_firmwareqpm6670pm7150l_firmwareqca6584auqdm2305qpm8820qpm4641qat5515_firmwareqln5020_firmwarepm855qpm8830_firmwarepm8250smb1398qdm4643qfs2530_firmwarewcn3988_firmwarepmx55qpm4641_firmwaresdr675pm8150c_firmwareqpa8842_firmwareqdm3301sdr735_firmwareqat3519_firmwaresm6250wsa8810_firmwareqpm5677qat5515sd765_firmwareqat3514wcd9335qdm5677_firmwarepm6350_firmwarepm8004_firmwaresdr8150_firmwarewcd9385pmk7350_firmwareqat3550_firmwareqln5040_firmwareqpm4630qca6390wcd9375sd750g_firmwareaqt1000qpa8673sm6250_firmwareqdm2310qln5030_firmwareqln4642sda429wqpm5677_firmwarewcn3620_firmwarewsa8815_firmwaresmb1396_firmwaresmr525_firmwarewcn6850_firmwarepmk7350wcn3620qpm8820_firmwarewsa8835_firmwareqpm6621_firmwaresmr546qet6110qln5040qpm8895qpm5670wcn3990pmx55_firmwareqtm527pmk8350smb1398_firmwareqpm8830qdm3302_firmwarepm8350bqat5522qdm2307_firmwarewsa8835pm8150cpmr735bqpa4360pmk8003_firmwaresdr660_firmwareqca6574aqpm4640_firmwaresmb1390_firmwareqdm5679_firmwarepm8350csmr525qpm4640pm6150l_firmwarepm7350cpm8150a_firmwareqet5100m_firmwareqpm4650qtm525sd855pm6150a_firmwarepm6150_firmwaresd765qca6574a_firmwareqpm4630_firmwaresd768g_firmwaresdr865_firmwareqat3555pm8250_firmwaresmb1351qca6391qpa5461aqt1000_firmwareqpm8895_firmwarepm660aqpa4340sdx50msdr8150qfs2608qtc801ssmb1395_firmwareqdm4650qpm5641_firmwarepm8008_firmwaresd8655g_firmwarewcd9341_firmwareqpm6621wsa8810pmr735a_firmwareqat5568_firmwareqdm2308pmx50qat3550wcn6856qdm5679sd768gpm3003a_firmwarewcn6740qca6696qtc800s_firmwaresmb1381_firmwarepm8004pmk8002qpa2625sm7250psd720g_firmwareqpm4621_firmwareqcs410_firmwarepm6250qpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-11292
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.23%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 06:20
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow in voice service due to lack of input validation of parameters in QMI Voice API in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9640_firmwaresm6250p_firmwareqcs610qca6431_firmwarewcd9360_firmwaremdm9645wcn3950_firmwaresc8180x\+sdx55qca6595au_firmwareqca6335msm8917mdm8215sd_455_firmwareqcs605_firmwaresd_675_firmwareqcs6125_firmwaremdm8615m_firmwaresd632msm8108sa415mwcn3998wcd9371_firmwaremsm8108_firmwarewcn3950sd720gmdm9628mdm9206_firmwareqsw8573_firmwarewcn3660bsd450_firmwaresd710_firmwaremdm9230_firmwaremdm8215mqca6574au_firmwaremdm9630wcd9375_firmwarewcn3998_firmwaremsm8909wapq8009w_firmwareqca6420apq8053_firmwarewcd9360qca9367_firmwarewhs9410_firmwaremdm8207qcs6125sa8155_firmwareqca4004_firmwaremdm9615mqca6430wcd9306_firmwarewcd9340mdm9625_firmwaresd765gqca1990_firmwarequalcomm215_firmwareqca6436wcn6851qcs603_firmwaremsm8937msm8209_firmwaremdm9250_firmwarewcn3660_firmwarewcd9341mdm9655qca6696_firmwareqca6431wcd9371sd870_firmwaresd750gmdm8215_firmwarewcn3910_firmwaresd_8cxmdm9207_firmwareqca4004wsa8830_firmwaremdm9330_firmwaresd855_firmwaresd660sd865_5g_firmwaresd712wcn3988sd660_firmwaremsm8208_firmwaresd450wcn3610mdm9640msm8608wcn3991sda429w_firmwarewcd9380_firmwaresdm429wwcd9330msm8996au_firmwarecsr6030qca6564ausdx55m_firmwarewcn6856_firmwaremsm8940_firmwareqet4101_firmwaremsm8976_firmwareqca6574sd632_firmwaresd670_firmwarewcd9380qualcomm215mdm9230qcs410sd690_5g_firmwaresdx50m_firmwareqca9379_firmwaresdx24_firmwareqca6174qca6430_firmwarewcd9335_firmwaresd439_firmwarewcn3980qca6335_firmwareqsw8573qcs605wcd9340_firmwarewsa8815wcn6850wcn3910qca6320qca6584_firmwaremsm8937_firmwaremdm9650_firmwaresd_8c_firmwaremdm9215_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd835qca1990wcn3980_firmwaresd730wcd9330_firmwaresdx55mqca6421_firmwarear6003_firmwaremsm8953sd821_firmwaresd678_firmwarewcn3680_firmwarewcn6851_firmwareqcs603sd670sd_636_firmwareqca6564a_firmwareapq8009wqca6694au_firmwaremsm8976sg_firmwareqcm4290_firmwaresd480sd870wcn6855sd210_firmwareqcs610_firmwareapq8084_firmwaresdxr1apq8096aumdm8207_firmwaresdm630_firmwaremdm9205_firmwareqca6391_firmwaresd820_firmwarewcd9370_firmwaresdx55apq8053sa8155psd675sd439qet4101wcn3660qca9379wcn3991_firmwaremdm9150_firmwarewsa8830sd678csrb31024mdm9628_firmwaremdm9650sd_636qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gqca6174_firmwaresd730_firmwaremdm9310_firmwarewcd9370sd675_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqca9377sdw2500_firmwaresd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewhs9410wcd9326_firmwaremdm9615m_firmwarewcn3615_firmwareapq8037sa8155qca6320_firmwareqca6584wcn3680b_firmwaresdx55_firmwarewcn3615qca6595ausm7250p_firmwarewcn3610_firmwareqca6436_firmwaremdm9207wcd9306qca6584auqca6564au_firmwareqca6310msm8208sa515m_firmwaresd429sdxr2_5gqca9367apq8084sdm630mdm9607_firmwaresd821mdm9655_firmwaremsm8976sgsa415m_firmwarewcn3988_firmwaresd205sd429_firmwareqca6421sm6250sd712_firmwareapq8017_firmwarewsa8810_firmwareqca6694sd765_firmwarewcd9326wcd9335qca6174a_firmwareqcs4290_firmwarewcd9385mdm8615mmdm9625qca6390wcd9375sd750g_firmwareaqt1000msm8976qca6694_firmwaresm6250_firmwaresc8180x\+sdx55_firmwaremsm8953_firmwareqca6694ausda429wmsm8917_firmwaresd210wcn3620_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwaresd820wcn6850_firmwarewsa8835_firmwarewcn3620apq8017ar6003csr6030_firmwareqca6564amdm9630_firmwareqcm6125_firmwaremdm9635m_firmwarewcn3990sd_675sd865_5gsdx24msm8909w_firmwarewsa8835msm8996ausdm429w_firmwaresd665_firmwaresd888_5gsm6250pqca6574amdm9206wcn6855_firmwareqca6174aqca6310_firmwaremdm9635mmdm9615mdm9205sa515mqca6574_firmwaresd855sd665sd765qca6574a_firmwaresd768g_firmwaremsm8209sd850_firmwareapq8009qca6391sdxr1_firmwaremdm9310aqt1000_firmwaremsm8920qcm4290csrb31024_firmwaresdx50msdx20sd480_firmwaremsm8920_firmwaremdm9215sd_455qca6574ausd710mdm8215m_firmwaremdm9607sa8155p_firmwaresd205_firmwaremdm9645_firmwarewcd9341_firmwareqcm6125wsa8810mdm9150wcn6856sd_8cwcn3680bsd835_firmwaresd768gqca6696sd845_firmwaremsm8608_firmwaresdw2500msm8940apq8096au_firmwaresd845mdm9615_firmwareapq8037_firmwaresm7250psd720g_firmwareqcs410_firmwaremdm9330sd850Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-11207
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.54% / 66.52%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 10:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in LibFastCV library due to improper size checks with respect to buffer length' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8052, APQ8056, APQ8076, APQ8096, APQ8096SG, APQ8098, MDM9655, MSM8952, MSM8956, MSM8976, MSM8976SG, MSM8996, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR2130, SXR2130P

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm6115_firmwaresm7250sa6150p_firmwaresm6250p_firmwareapq8096_firmwareqcs610sm6125sdm640sdm845sm7250_firmwareapq8096sdx55m_firmwaresm6115p_firmwaresm7150_firmwaremsm8952_firmwaresm6150msm8976_firmwareqcs4290sa8150p_firmwaresm7150sm6250psa6155qcs410sda640_firmwaresxr2130apq8076sdx50m_firmwareqcs6125_firmwaresm6115sm7150papq8076_firmwaresdm660_firmwaresda845_firmwareapq8052_firmwareapq8098sm4250sm7225sda855sm6115pmsm8956_firmwaresa8155sda660sdx55_firmwaresa6155_firmwaresda855_firmwaresm7250p_firmwaresxr2130psdx55msm6150p_firmwaresda845sm6350sm7125sdm850_firmwaresm4250p_firmwaresa6155p_firmwaresxr2130p_firmwareqsm8250_firmwaresda640qcm4290apq8098_firmwaresdx50mmsm8996sgqcs6125msm8998_firmwareapq8056_firmwaresa8155_firmwaresdm660sm8250_firmwaremdm9655_firmwaremsm8976sgsm6350_firmwaremsm8996sg_firmwaresa6145p_firmwaresc7180_firmwaresm4250_firmwaresm6250sa8155p_firmwaresa8195psdm830_firmwaremsm8976sg_firmwareqcm6125qcm4290_firmwaresa6155pqcs610_firmwareapq8052msm8996_firmwareqsm8250sa6145pqcs4290_firmwaresm8150_firmwaresxr2130_firmwaresm7150p_firmwaresm4250pmdm9655sc7180sda660_firmwaremsm8976msm8956sa8150psm6250_firmwaresm7125_firmwaresa6150psm6150_firmwaremsm8952apq8056sdx55sa8155pmsm8998sm7225_firmwaresm8150sdm850sm8250sm8150p_firmwaresm7250psdm830sa8195p_firmwaresdm640_firmwaremsm8996qcs410_firmwaresm6125_firmwaresm8150psm6150pqcm6125_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-11183
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 10.16%
||
7 Day CHG~0.00%
Published-21 Jan, 2021 | 09:41
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A process can potentially cause a buffer overflow in the display service allowing privilege escalation by executing code as that service in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100pm8909qfe2550qfe4465fcsdr051pm660pmi8996qbt1500pmi632qln1030mdm9650qpa5373pmk8001pmm855aumdm9250qtc800hmsm8917wtr3905qca9377qpa5460wtr2955wcn3660bqln1021aqqfe4320smb1380qfe4308apq8037qca6595auwcn3615msm8909wqtc800tpm8940sdx20mqca6310pm8937qfe2081fcpm8996qca9367sd821sdm630qcc1110qfe2101smb1360qat3522qfe4455fcwcd9340pm8953smb231qfe3440fcqat3514sdr660wcd9326wcd9335qet4200aqmsm8937smb1358wcd9341pm439pmi8952mdm9655smb1350wtr3950qtc800ssd660sd820sd712wtr3925pmi8937pm8998qfe2080fcsdr052sdw3100wcn3620apq8017qca6564asd450qet4100wcn3990smb1355wcd9330wgr7640sd636qet5100qca6595qca6564aumsm8996aupmi8940pmm8996aurgr7640auqualcomm215qln1035bdqpa4360pm855aqca6574amdm9206qca6174apm660lwtr4905ar8151wtr5975wcn3980qsw8573wsa8815qbt1000qfe4305qca6320wcn3680pmx20pmd9607qfe4309sd835apq8009smb1351qfe4373fcqfe2082fcmsm8920msm8953pmi8998pm660aqpa4340sdx50msdx20pm8916qln1036aqqtc801srsw8577pmd9655qfe4302qca6574ausd710apq8009wqfe4303wsa8810qat3550pm8005wcn3680bpm215apq8096auwtr2965qfe4301pm8004sdw2500msm8940apq8053sd439qet4101pmi8994sdm830smb1357qca9379qln1031Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found