ByteOS

Matching Score-8

Assigner-Fortinet, Inc.

CVSS Score-5.8||MEDIUM

EPSS-0.05% / 16.13%

||

7 Day CHG~0.00%

Published-11 Feb, 2025 | 16:09

Updated-16 Jul, 2025 | 15:15

An improper authentication in Fortinet FortiClientMac 7.0.11 through 7.2.4 allows attacker to gain improper access to MacOS via empty password.

Vendor-Fortinet, Inc.

Product-forticlient FortiClientMac

CWE ID-CWE-287

Improper Authentication

CVE-2024-31496

Matching Score-8

Assigner-Fortinet, Inc.

Matching Score-8

Assigner-Fortinet, Inc.

CVSS Score-6.3||MEDIUM

EPSS-0.03% / 8.07%

||

7 Day CHG~0.00%

Published-12 Nov, 2024 | 18:53

Updated-21 Jan, 2025 | 22:11

A stack-based buffer overflow vulnerability [CWE-121] in Fortinet FortiManager version 7.4.0 through 7.4.2 and before 7.2.5, FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5 and FortiAnalyzer-BigData 7.4.0 and before 7.2.7 allows a privileged attacker to execute unauthorized code or commands via crafted CLI requests.

Vendor-Fortinet, Inc.

Product-fortianalyzer_big_data fortimanager fortianalyzer FortiManager FortiAnalyzer

CWE ID-CWE-121

Stack-based Buffer Overflow

CWE ID-CWE-787

Out-of-bounds Write

CVE-2021-22129

Matching Score-6

Assigner-Fortinet, Inc.

Matching Score-6

Assigner-Fortinet, Inc.

CVSS Score-8.8||HIGH

EPSS-0.45% / 62.79%

||

7 Day CHG~0.00%

Published-09 Jul, 2021 | 18:26

Updated-25 Oct, 2024 | 13:56

Multiple instances of incorrect calculation of buffer size in the Webmail and Administrative interface of FortiMail before 6.4.5 may allow an authenticated attacker with regular webmail access to trigger a buffer overflow and to possibly execute unauthorized code or commands via specifically crafted HTTP requests.

Vendor-Fortinet, Inc.

Product-fortimail Fortinet FortiMail

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2023-33302

Matching Score-6

Assigner-Fortinet, Inc.

Matching Score-6

Assigner-Fortinet, Inc.

CVSS Score-4.5||MEDIUM

EPSS-0.10% / 27.29%

||

7 Day CHG-0.01%

Published-31 Mar, 2025 | 14:58

Updated-23 Jul, 2025 | 15:53

A buffer copy without checking size of input ('classic buffer overflow') in Fortinet FortiMail webmail and administrative interface version 6.4.0 through 6.4.4 and before 6.2.6 and FortiNDR administrative interface version 7.2.0 and before 7.1.0 allows an authenticated attacker with regular webmail access to trigger a buffer overflow and to possibly execute unauthorized code or commands via specifically crafted HTTP requests.

Vendor-Fortinet, Inc.

Product-fortimail fortindr FortiNDR FortiMail

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2022-23431

Matching Score-4

Assigner-Samsung Mobile

Matching Score-4

Assigner-Samsung Mobile

CVSS Score-6.4||MEDIUM

EPSS-0.02% / 3.06%

||

7 Day CHG~0.00%

Published-11 Feb, 2022 | 17:40

Updated-03 Aug, 2024 | 03:43

An improper boundary check in RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution.

Vendor-Google LLC Samsung Samsung Electronics

Product-android exynos Samsung Mobile Devices with Exynos chipsets

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2023-28736

Matching Score-4

Assigner-Intel Corporation

Matching Score-4

Assigner-Intel Corporation

CVSS Score-5.7||MEDIUM

EPSS-0.03% / 6.20%

||

7 Day CHG~0.00%

Published-11 Aug, 2023 | 02:36

Updated-01 Oct, 2024 | 20:31

Buffer overflow in some Intel(R) SSD Tools software before version mdadm-4.2-rc2 may allow a privileged user to potentially enable escalation of privilege via local access.

Vendor-mdadm_project n/a

Product-mdadm Intel(R) SSD Tools software

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2023-28772

Matching Score-4

Assigner-MITRE Corporation

Matching Score-4

Assigner-MITRE Corporation

CVSS Score-6.7||MEDIUM

EPSS-0.14% / 33.95%

||

7 Day CHG~0.00%

Published-23 Mar, 2023 | 00:00

Updated-05 May, 2025 | 16:15

An issue was discovered in the Linux kernel before 5.13.3. lib/seq_buf.c has a seq_buf_putmem_hex buffer overflow.

Vendor-n/a Linux Kernel Organization, Inc

Product-linux_kernel n/a

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2023-28580

Matching Score-4

Assigner-Qualcomm, Inc.

Matching Score-4

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.04% / 11.91%

||

7 Day CHG~0.00%

Published-05 Dec, 2023 | 03:03

Updated-11 Aug, 2025 | 15:06

Buffer Copy Without Checking Size of Input in WLAN Host

Memory corruption in WLAN Host while setting the PMK length in PMK length in internal cache.

Product-sw5100p qcs410_firmware sa6150p_firmware sa6155p_firmware qam8295p_firmware qcs610_firmware wcd9370 qca8081_firmware ar8035_firmware qca6696 wsa8830_firmware wcd9340_firmware qfw7124_firmware wcd9341_firmware qcc710_firmware wsa8815_firmware sa8195p_firmware wcd9370_firmware qca8337_firmware qca8337 wcn3660b qca6574au_firmware sa8195p qca6595au wcd9340 qam8295p wcd9341 qca6574au wcn3950 wsa8810_firmware wcn3988 wcn3980_firmware qcn6274 wcn3660b_firmware qfw7124 snapdragon_x75_5g_modem-rf_system wsa8835 qca6595au_firmware qca6391_firmware sw5100p_firmware sa8295p_firmware qca6696_firmware wcd9380_firmware sa6150p qcs410 sa8155p_firmware qca8081 wsa8815 video_collaboration_vc1_platform_firmware sa8155p wcn3680b_firmware wsa8830 qcn6274_firmware sa6145p qcc710 sw5100_firmware ar8035 qfw7114_firmware fastconnect_6900 fastconnect_7800_firmware qca6391 video_collaboration_vc1_platform qcn6224 qfw7114 wcn3950_firmware fastconnect_6900_firmware sa8295p snapdragon_8_gen_1_mobile_platform wcd9380 sa6145p_firmware fastconnect_7800 sa8145p_firmware wcn3680b sa8150p snapdragon_8_gen_1_mobile_platform_firmware sa8150p_firmware wcn3988_firmware sa6155p video_collaboration_vc3_platform_firmware sa8145p wsa8835_firmware wsa8810 snapdragon_x75_5g_modem-rf_system_firmware wcn3980 sw5100 video_collaboration_vc3_platform qcn6224_firmware qcs610 Snapdragon

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-26319

Matching Score-4

Matching Score-4

CVSS Score-6.7||MEDIUM

EPSS-0.72% / 71.48%

||

7 Day CHG~0.00%

Published-11 Oct, 2023 | 06:45

Updated-08 Oct, 2024 | 10:15

Xiaomi Router administration interface vulnerability leads command injection and stack overflow

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Xiaomi Xiaomi Router allows Command Injection.

Vendor-Xiaomi

Product-xiaomi_router_ax3200_firmware xiaomi_router_ax3200 Xiaomi Router xiaomi_router

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE ID-CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

CVE-2023-26318

Matching Score-4

Matching Score-4

CVSS Score-6.7||MEDIUM

EPSS-0.89% / 74.59%

||

7 Day CHG~0.00%

Published-11 Oct, 2023 | 06:42

Updated-18 Sep, 2024 | 18:07

Xiaomi router web interface post-authorization stack overflow

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in Xiaomi Xiaomi Router allows Overflow Buffers.

Vendor-Xiaomi

Product-xiaomi_router_ax3200_firmware xiaomi_router_ax3200 Xiaomi Router xiaomi_router

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2024-33030

Matching Score-4

Assigner-Qualcomm, Inc.

Matching Score-4

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.03% / 6.10%

||

7 Day CHG~0.00%

Published-04 Nov, 2024 | 10:04

Updated-08 Nov, 2024 | 04:55

Buffer Copy without Checking Size of Input (`Classic Buffer Overflow`) in Performance

Memory corruption while parsing IPC frequency table parameters for LPLH that has size greater than expected size.

Product-fastconnect_7800 qca9377_firmware snapdragon_8_gen_1_mobile_platform qca6584au wcd9380_firmware wsa8830 qca9367_firmware qca8337_firmware snapdragon_x72_5g_modem-rf_system qcn6274_firmware qca8337 qca6698aq snapdragon_x75_5g_modem-rf_system_firmware qfw7124 qca9367 fastconnect_6900_firmware fastconnect_6900 qcn6224_firmware wsa8835 wcd9340 wcd9380 qcn6274 qcn6224 fastconnect_7800_firmware snapdragon_x72_5g_modem-rf_system_firmware snapdragon_x75_5g_modem-rf_system snapdragon_8_gen_1_mobile_platform_firmware qca8081 snapdragon_auto_5g_modem-rf_gen_2 qca6698aq_firmware snapdragon_auto_5g_modem-rf_gen_2_firmware qcc710 qca6584au_firmware qca9377 qfw7114_firmware ar8035 wcd9340_firmware qcc710_firmware wsa8830_firmware wsa8835_firmware qca8081_firmware qfw7124_firmware qfw7114 ar8035_firmware Snapdragon qca9377_firmware qca8337_firmware qca9367_firmware wcd9380_firmware snapdragon_auto_5g_modem-rf_gen_2_firmware qca6584au_firmware qcn6274_firmware qfw7114_firmware snapdragon_x75_5g_modem-rf_system_firmware fastconnect_6900_firmware wcd9340_firmware qcc710_firmware qcn6224_firmware wsa8830_firmware wsa8835_firmware fastconnect_7800_firmware snapdragon_x72_5g_modem-rf_system_firmware qca8081_firmware qfw7124_firmware snapdragon_8_gen_1_mobile_platform_firmware ar8035_firmware qca6698aq_firmware

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2023-22384

Matching Score-4

Assigner-Qualcomm, Inc.

Matching Score-4

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.02% / 3.59%

||

7 Day CHG~0.00%

Published-03 Oct, 2023 | 05:00

Updated-27 Feb, 2025 | 20:48

Buffer Copy Without Checking Size of Input in VR Service

Memory Corruption in VR Service while sending data using Fast Message Queue (FMQ).

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-21649

Matching Score-4

Assigner-Qualcomm, Inc.

Matching Score-4

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.03% / 8.23%

||

7 Day CHG~0.00%

Published-08 Aug, 2023 | 09:14

Updated-02 Aug, 2024 | 09:44

Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in WLAN

Memory corruption in WLAN while running doDriverCmd for an unspecific command.

Product-wcn3991_firmware wsa8830 sa6150p_firmware sa8145p_firmware qcs610 qca8337 qca6431_firmware mdm9628_firmware mdm9650 wcn3950_firmware sa8150p_firmware qca6420_firmware qca6595au_firmware qca6390_firmware wcd9370 qca6426 qca6584au_firmware sm4375 wcn3998 qca6554a_firmware wcd9385_firmware sdxr2_5g_firmware wcn3950 mdm9628 wcn3660b qca6574au_firmware sdx55_firmware wcn3680b_firmware qca6595au wcd9375_firmware wcn3998_firmware wcn3610_firmware qca6420 qca6436_firmware qca6564au_firmware qca6584au sa6155p_firmware sdxr2_5g wcn3988_firmware qca6430 qcn9074 sa6145p_firmware qca6421 sa8195p wsa8810_firmware sm4375_firmware sw5100 qca6436 wcn6851 sa6155p wcd9385 wcd9341 qca6431 qca6696_firmware sd870_firmware qca6390 wcd9375 aqt1000 sa8150p wsa8830_firmware sda429w sd855_firmware sd865_5g_firmware wcn3988 wcn6850_firmware wsa8815_firmware wsa8835_firmware sa8195p_firmware qca6564a wcn3610 wcn3991 qca8337_firmware sda429w_firmware wcd9380_firmware sw5100p qca6554a sd865_5g qca6595 qca6564au qcc5100 sdx55m_firmware wsa8835 qca6574 wcd9380 qcs410 qca6574a qca6430_firmware wcn3980 qca6574_firmware sd855 wsa8815 wcn6850 mdm9650_firmware qca6426_firmware wcn3660b_firmware qca6574a_firmware sd695 wcn3980_firmware qca6391 sdx55m qcc5100_firmware qca6421_firmware aqt1000_firmware sd480_firmware wcn6851_firmware qca6574au sa8155p_firmware qca6564a_firmware wcd9341_firmware sd480 sd870 wsa8810 sw5100p_firmware qcs610_firmware sa6145p wcn3680b sd695_firmware apq8096au qca6595_firmware sa8145p qca6696 qca6391_firmware wcd9370_firmware sa6150p sdx55 apq8096au_firmware sa8155p sw5100_firmware qcn9074_firmware qcs410_firmware Snapdragon wcn3991_firmware qca8337_firmware sda429w_firmware sa6150p_firmware wcd9380_firmware sa8145p_firmware qca6431_firmware sdx55m_firmware mdm9628_firmware wcn3950_firmware sa8150p_firmware qca6420_firmware qca6595au_firmware qca6390_firmware qca6584au_firmware qca6430_firmware qca6554a_firmware wcd9385_firmware sdxr2_5g_firmware qca6574_firmware mdm9650_firmware qca6426_firmware wcn3660b_firmware qca6574a_firmware qca6574au_firmware sdx55_firmware wcn3680b_firmware wcd9375_firmware wcn3998_firmware wcn3980_firmware wcn3610_firmware qca6436_firmware qcc5100_firmware qca6421_firmware aqt1000_firmware qca6564au_firmware sa6155p_firmware sd480_firmware wcn6851_firmware wcn3988_firmware sa6145p_firmware sa8155p_firmware qca6564a_firmware wsa8810_firmware wcd9341_firmware sm4375_firmware sw5100p_firmware qcs610_firmware sd695_firmware qca6696_firmware qca6595_firmware sd870_firmware qca6391_firmware wcd9370_firmware apq8096au_firmware wsa8830_firmware sd855_firmware sd865_5g_firmware wsa8815_firmware wcn6850_firmware wsa8835_firmware sa8195p_firmware sw5100_firmware qcn9074_firmware qcs410_firmware

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-21639

Matching Score-4

Assigner-Qualcomm, Inc.

Matching Score-4

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.03% / 6.50%

||

7 Day CHG~0.00%

Published-04 Jul, 2023 | 04:46

Updated-02 Aug, 2024 | 09:44

Buffer Copy Without Checking the Size of Input in Audio

Memory corruption in Audio while processing sva_model_serializer using memory size passed by HIDL client.

Product-aqt1000_firmware snapdragon_w5\+_gen_1 sa6155p_firmware wsa8830 sw5100p sa4155p_firmware snapdragon_855\+\/860_firmware wcn3988_firmware qca6430 snapdragon_855 sa8155p_firmware wsa8835 sa8195p wsa8810_firmware wcd9341_firmware qca6420_firmware sw5100 wsa8810 sa6155p sw5100p_firmware snapdragon_855_firmware wcd9341 snapdragon_855\+\/860 qca6430_firmware wcn3980 sa4150p_firmware fastconnect_6200 aqt1000 sd855 wsa8815 sa8155p wsa8830_firmware sd855_firmware wcn3988 wsa8815_firmware wsa8835_firmware fastconnect_6200_firmware sa8195p_firmware sw5100_firmware wcn3980_firmware sa4155p qca6420 sa4150p snapdragon_w5\+_gen_1_firmware Snapdragon aqt1000_firmware sa6155p_firmware qca6430_firmware sa4155p_firmware sa4150p_firmware snapdragon_855_mobile_platform_firmware wcn3988_firmware wsa8830_firmware sa8155p_firmware sd855_firmware wsa8815_firmware wsa8835_firmware wsa8810_firmware fastconnect_6200_firmware wcd9341_firmware sa8195p_firmware qca6420_firmware sw5100_firmware wcn3980_firmware sw5100p_firmware

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-21640

Matching Score-4

Assigner-Qualcomm, Inc.

Matching Score-4

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.03% / 6.50%

||

7 Day CHG~0.00%

Published-04 Jul, 2023 | 04:46

Updated-26 Nov, 2024 | 18:56

Buffer Copy Without Checking Size of Input in Linux

Memory corruption in Linux when the file upload API is called with parameters having large buffer.

Product-fastconnect_7800 wsa8830_firmware wcd9380_firmware wsa8830 wsa8835 snapdragon_8_gen_1 wsa8835_firmware wcd9380 fastconnect_7800_firmware fastconnect_6900 fastconnect_6900_firmware snapdragon_8_gen_1_firmware Snapdragon snapdragon

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-21635

Matching Score-4

Assigner-Qualcomm, Inc.

Matching Score-4

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.03% / 6.50%

||

7 Day CHG~0.00%

Published-04 Jul, 2023 | 04:46

Updated-02 Aug, 2024 | 09:44

Buffer Copy without Checking Size of Input in Data Network Stack & Connectivity

Memory Corruption in Data Network Stack & Connectivity when sim gets detected on telephony.

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE ID-CWE-787

Out-of-bounds Write

CVE-2023-20624

Matching Score-4

Assigner-MediaTek, Inc.

Product-mt6853 android mt6855 mt8781 mt6983 mt6833 mt6873 mt6883 mt8797 mt6885 mt6789 mt8791 mt6875 mt6877 mt6879 mt8791t MT6789, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6983, MT8781, MT8791, MT8791T, MT8797

Matching Score-4

Assigner-MediaTek, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.02% / 3.64%

||

7 Day CHG~0.00%

Published-07 Mar, 2023 | 00:00

Updated-06 Mar, 2025 | 17:15

In vow, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628530; Issue ID: ALPS07628530.

Vendor-Google LLC MediaTek Inc.

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2023-0977

Matching Score-4

Assigner-Trellix

Vendor-Microsoft Corporation Musarubra US LLC (Trellix)Linux Kernel Organization, Inc

Matching Score-4

Assigner-Trellix

CVSS Score-6.7||MEDIUM

EPSS-0.18% / 40.38%

||

7 Day CHG~0.00%

Published-03 Apr, 2023 | 15:39

Updated-11 Feb, 2025 | 14:38

A heap-based overflow vulnerability in Trellix Agent (Windows and Linux) version 5.7.8 and earlier, allows a remote user to alter the page heap in the macmnsvc process memory block resulting in the service becoming unavailable.

Product-windows linux_kernel agent Trellix Agent

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CWE ID-CWE-787

Out-of-bounds Write

CVE-2017-13308

Matching Score-4

Assigner-Android (associated with Google Inc. or Open Handset Alliance)

Matching Score-4

Assigner-Android (associated with Google Inc. or Open Handset Alliance)

CVSS Score-6.7||MEDIUM

EPSS-0.01% / 0.76%

||

7 Day CHG~0.00%

Published-05 Dec, 2024 | 22:05

Updated-19 Dec, 2024 | 16:54

In tscpu_write_GPIO_out and mtkts_Abts_write of mtk_ts_Abts.c, there is a possible buffer overflow in an sscanf due to improper input validation. This could lead to a local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Vendor-Google LLC

Product-android Android android

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2024-27878

Matching Score-4

Assigner-Apple Inc.

Matching Score-4

Assigner-Apple Inc.

CVSS Score-6.5||MEDIUM

EPSS-0.02% / 4.12%

||

7 Day CHG~0.00%

Published-29 Jul, 2024 | 22:16

Updated-13 Mar, 2025 | 20:15

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.6. An app with root privileges may be able to execute arbitrary code with kernel privileges.

Vendor-Apple Inc.

Product-macos macOS macos

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2022-1892

Matching Score-4

Assigner-Lenovo Group Ltd.

Matching Score-4

Assigner-Lenovo Group Ltd.

CVSS Score-6.7||MEDIUM

EPSS-0.04% / 9.65%

||

7 Day CHG~0.00%

Published-23 Jan, 2023 | 15:31

Updated-02 Apr, 2025 | 14:37

A buffer overflow in the SystemBootManagerDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code.

CWE ID-CWE-122

Heap-based Buffer Overflow

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2022-40137

Matching Score-4

Assigner-Lenovo Group Ltd.

Matching Score-4

Assigner-Lenovo Group Ltd.

CVSS Score-6.7||MEDIUM

EPSS-0.05% / 13.30%

||

7 Day CHG~0.00%

Published-30 Jan, 2023 | 21:26

Updated-27 Mar, 2025 | 15:20

A buffer overflow in the WMI SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to execute arbitrary code.

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2024-23375

Matching Score-4

Assigner-Qualcomm, Inc.

Matching Score-4

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.03% / 6.59%

||

7 Day CHG~0.00%

Published-07 Oct, 2024 | 12:58

Updated-16 Oct, 2024 | 20:26

Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in RIL

Memory corruption during the network scan request.

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2022-33226

Matching Score-4

Assigner-Qualcomm, Inc.

Matching Score-4

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.04% / 8.81%

||

7 Day CHG~0.00%

Published-06 Jun, 2023 | 07:38

Updated-03 Aug, 2024 | 08:01

Buffer copy without checking the size of input in Core

Memory corruption due to buffer copy without checking the size of input in Core while processing ioctl commands from diag client applications.

Product-wcn3991_firmware qam8255p_firmware wcn3991 wcd9380_firmware wsa8830 wcn785x-5 sm8350-ac_firmware sm8150-ac wsa8835 wcd9380 qca6420_firmware qca6595au_firmware snapdragon_wear_4100\+_platform_firmware sm8350 snapdragon_wear_4100\+_platform wcn685x-5_firmware wcn685x-1 qca6430_firmware sm8450 wcn3980 wcn3998 wcd9385_firmware sd855 wcn3660b wsa8815 wcn3660b_firmware qca6574au_firmware wcn3680b_firmware qca6595au wcn3998_firmware wcn785x-5_firmware wcn3980_firmware wcn3610_firmware qca6420 aqt1000_firmware qca6698aq sm8350_firmware wcn685x-5 qca6797aq_firmware qca6430 wcn785x-1_firmware qca6574au wsa8810_firmware wcd9341_firmware sm8450_firmware wsa8810 sa8255p_firmware sm8150-ac_firmware qca6698aq_firmware wcn3680b sm8350-ac wcn685x-1_firmware wcd9385 sm8150_firmware sa8255p wcd9341 qca6797aq aqt1000 wsa8830_firmware sd855_firmware sm8150 wcn785x-1 wsa8815_firmware wsa8835_firmware qam8255p wcn3610 Snapdragon

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2022-33230

Matching Score-4

Assigner-Qualcomm, Inc.

Matching Score-4

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.03% / 8.23%

||

7 Day CHG~0.00%

Published-06 Jun, 2023 | 07:38

Updated-03 Aug, 2024 | 08:01

Buffer copy without checking the size of input in FM Host

Memory corruption in FM Host due to buffer copy without checking the size of input in FM Host

Product-wcn3991_firmware sm6375 wcn3991 wsa8830 sa6150p_firmware sa8145p_firmware sw5100p qca6554a snapdragon_w5\+_gen_1_wearable_platform qca6595 qca6564au wsa8835 qca6574 sa8150p_firmware qca6420_firmware qca6595au_firmware snapdragon_wear_4100\+_platform_firmware wcd9370 qca6574a snapdragon_wear_4100\+_platform qca6584au_firmware qca6430_firmware wcn3980 sm4375 wcn3998 qca6554a_firmware wcd9385_firmware qca6574_firmware sm6375_firmware wcn3660b sd855 wsa8815 wcn3660b_firmware qca6574a_firmware qca6574au_firmware wcn3680b_firmware qca6595au wcn3998_firmware wcd9375_firmware wcn3980_firmware wcn3610_firmware qca6420 sm4350-ac snapdragon_w5\+_gen_1_wearable_platform_firmware aqt1000_firmware qca6564au_firmware qca6584au sa6155p_firmware wcn3988_firmware qca6430 qca6574au sa6145p_firmware sa8155p_firmware sa8195p wsa8810_firmware wcd9341_firmware sm4375_firmware sw5100 wsa8810 sa6155p sw5100p_firmware sa6145p wcn3680b wcd9385 sm8150_firmware wcd9341 qca6696_firmware qca6595_firmware sa8145p qca6696 sm4350 wcd9375 sm4350_firmware aqt1000 sa8150p wcd9370_firmware sm4350-ac_firmware sa6150p sa8155p wsa8830_firmware sd855_firmware sm8150 wcn3988 wsa8815_firmware wsa8835_firmware sa8195p_firmware sw5100_firmware wcn3610 Snapdragon aqt1000_firmware qca6564au_firmware sa6155p_firmware sa6150p_firmware sa8145p_firmware wcn3988_firmware sa6145p_firmware sa8155p_firmware wsa8810_firmware sa8150p_firmware wcd9341_firmware qca6420_firmware qca6595au_firmware sw5100p_firmware snapdragon_4_gen_1_mobile_platform_firmware snapdragon_480_5g_mobile_platform_firmware qca6584au_firmware qca6696_firmware qca6430_firmware qca6595_firmware qca6554a_firmware wcd9385_firmware snapdragon_855_mobile_platform_firmware qca6574_firmware wcd9370_firmware wsa8830_firmware sd855_firmware wsa8815_firmware wcn3660b_firmware wsa8835_firmware qca6574a_firmware fastconnect_6200_firmware qca6574au_firmware sa8195p_firmware snapdragon_695_5g_mobile_platform_firmware wcn3680b_firmware sw5100_firmware wcd9375_firmware wcn3980_firmware wcn3610_firmware

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2022-33224

Matching Score-4

Assigner-Qualcomm, Inc.

Matching Score-4

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.04% / 8.81%

||

7 Day CHG~0.00%

Published-06 Jun, 2023 | 07:38

Updated-03 Aug, 2024 | 08:01

Buffer copy without checking the size of input in Core

Memory corruption in core due to buffer copy without check9ing the size of input while processing ioctl queries.

Product-wcn3991_firmware qam8255p_firmware wcn3991 wsa8830 wcd9380_firmware sa6150p_firmware sa8145p_firmware sw5100p snapdragon_w5\+_gen_1_wearable_platform wcn785x-5 sm8350-ac_firmware sm8150-ac wsa8835 wcd9380 sa8150p_firmware qca6420_firmware qca6595au_firmware snapdragon_wear_4100\+_platform_firmware sm8350 snapdragon_wear_4100\+_platform wcn685x-5_firmware wcn685x-1 sm8450 qca6430_firmware wcn3980 wcn3998 wcd9385_firmware wcn3660b sd855 wsa8815 wcn3660b_firmware qca6574au_firmware wcn3680b_firmware qca6595au wcn3998_firmware wcn785x-5_firmware wcn3980_firmware wcn3610_firmware qca6420 snapdragon_w5\+_gen_1_wearable_platform_firmware aqt1000_firmware sa6155p_firmware qcs8155 qca6698aq sm8350_firmware wcn685x-5 wcn3988_firmware qca6430 qca6797aq_firmware wcn785x-1_firmware sa6145p_firmware qca6574au sa8155p_firmware sa8195p wsa8810_firmware wcd9341_firmware sm8450_firmware sw5100 wsa8810 sa8255p_firmware sa6155p sw5100p_firmware sm8150-ac_firmware qca6698aq_firmware sa6145p wcn3680b sm8350-ac wcn685x-1_firmware wcd9385 sm8150_firmware sa8255p wcd9341 qca6696_firmware sa8145p qca6696 qca6797aq aqt1000 sa8150p sa6150p sa8155p wsa8830_firmware sd855_firmware sm8150 wcn785x-1 wcn3988 wsa8815_firmware wsa8835_firmware sa8195p_firmware qcs8155_firmware sw5100_firmware qam8255p wcn3610 Snapdragon

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2023-6238

Matching Score-4

Assigner-Red Hat, Inc.

Matching Score-4

Assigner-Red Hat, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.01% / 1.94%

||

7 Day CHG~0.00%

Published-21 Nov, 2023 | 20:21

Updated-17 Oct, 2024 | 18:01

Kernel: nvme: memory corruption via unprivileged user passthrough

A buffer overflow vulnerability was found in the NVM Express (NVMe) driver in the Linux kernel. Only privileged user could specify a small meta buffer and let the device perform larger Direct Memory Access (DMA) into the same buffer, overwriting unrelated kernel memory, causing random kernel crashes and memory corruption.

Vendor-n/a Fedora Project Linux Kernel Organization, Inc Red Hat, Inc.

Product-fedora linux_kernel Red Hat Enterprise Linux 9 kernel Red Hat Enterprise Linux 6 Red Hat Enterprise Linux 8 Red Hat Enterprise Linux 7 Fedora

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2023-5075

Matching Score-4

Assigner-Lenovo Group Ltd.

Matching Score-4

Assigner-Lenovo Group Ltd.

CVSS Score-6.7||MEDIUM

EPSS-0.04% / 9.81%

||

7 Day CHG~0.00%

Published-08 Nov, 2023 | 22:01

Updated-03 Sep, 2024 | 20:09

A buffer overflow was reported in the FmpSipoCapsuleDriver driver in the IdeaPad Duet 3-10IGL5 that may allow a local attacker with elevated privileges to execute arbitrary code.

Product-ideapad_duet_3_10igl5_firmware ideapad_duet_3_10igl5 IdeaPad Duet 3-10IGL5 ideapad_duet_3_10igl5

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2021-30324

Matching Score-4

Assigner-Qualcomm, Inc.

Matching Score-4

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.05% / 13.72%

||

7 Day CHG~0.00%

Published-11 Feb, 2022 | 10:40

Updated-03 Aug, 2024 | 22:32

Possible out of bound write due to lack of boundary check for the maximum size of buffer when sending a DCI packet to remote process in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Product-sa6150p_firmware qcs610 ipq4028_firmware qcn5550 qca8337 ar9380 ipq8173_firmware qcn5124 qca4024_firmware wcn3950_firmware ipq8078a ipq5028_firmware sa8150p_firmware qca6595au_firmware sa6155 qcn5064 csra6620_firmware qcs605_firmware csra6640_firmware wcn3998 wcn3950 ipq8076a qcn6024_firmware wcn3660b sd460_firmware qca6428 qca6574au_firmware qcn5164_firmware ipq8071 wcd9375_firmware qca8081_firmware sa6155_firmware wcn3998_firmware qca6438_firmware ipq8070_firmware ipq8065 ipq8078a_firmware wcn3999 qrb5165_firmware ipq5028 qca7500 ipq4029_firmware ipq8072_firmware qrb5165m_firmware sa8155_firmware ipq6010 sd662_firmware ipq8068 qcs405 wcd9340 qcn6132 qualcomm215_firmware sd765g qca6436 wcn6851 sa6155p qcs603_firmware qca9888_firmware qcn6122 ipq8068_firmware wcd9341 qca6696_firmware sd750g sd870_firmware qcn5154_firmware sa8150p wsa8830_firmware qca9992_firmware sd865_5g_firmware wcn3988 qca6438 sa8195p_firmware qca9898 qcn5022_firmware ipq4028 wcn3610 qca6428_firmware ipq5018_firmware qca9985_firmware wcn3991 ipq4018_firmware qca8337_firmware sda429w_firmware wcd9380_firmware ipq8072a qca7500_firmware qca9980_firmware ipq8076a_firmware ipq8078 qca6564au sdx55m_firmware ipq8173 qcn5164 qca6574 csr8811_firmware wcd9380 qcn5054_firmware qualcomm215 qcs410 ipq4019_firmware qcn5024 sd690_5g_firmware qca8072_firmware qca9985 qcn9012_firmware qcn5052_firmware wcd9335_firmware wcn3980 ipq6018_firmware qcs605 wcd9340_firmware wsa8815 wcn6850 pmp8074_firmware qca6426_firmware wcn3660b_firmware qca9984 ipq6028 ipq8064 qcn9024 pmp8074 wcn3980_firmware qcn5550_firmware sdx55m ipq8064_firmware qcn5064_firmware ar8031_firmware ipq8078_firmware qcn5054 qrb5165 wcn6851_firmware qcs603 ipq8070 qca9994 qca9980 qca6564a_firmware ipq8174_firmware qcn9024_firmware qca9880 sd870 sd210_firmware qcs610_firmware ipq6018 sa6145p qca9886_firmware apq8096au ar8031 qcs405_firmware sa8145p qca6391_firmware qca4024 wcd9370_firmware sdx55 qcn5021_firmware sa8155p csra6640 ar8035_firmware qcn5024_firmware wcn3991_firmware mdm9150_firmware wsa8830 qcn9070 sa8145p_firmware csra6620 qcn9072 qca9880_firmware qca9992 sd765g_firmware qca6390_firmware ipq6000 sd690_5g wcd9370 ipq8072 qcn5152_firmware qca6564 qca6426 wcn3990_firmware qrb5165n_firmware qcn9000_firmware qca9984_firmware ipq5018 wcd9385_firmware sdxr2_5g_firmware ipq8074a sd662 qcn5124_firmware sa8155 qcn5122_firmware sdx55_firmware qca6595au qcn6023_firmware wcn3999_firmware sm7250p_firmware wcn3610_firmware qca6436_firmware qrb5165n ipq5010 qca6564au_firmware sa6155p_firmware sm6225 ipq8174 qca9990 sdxr2_5g qcn5052 wcn3988_firmware qcn9074 sa6145p_firmware sd205 sa8195p wsa8810_firmware sd765_firmware wcd9335 qca8081 ipq8071a qcn6023 ipq8071a_firmware wcd9385 ar8035 csr8811 qca6390 qca9898_firmware ipq4019 sd750g_firmware wcd9375 qcn9100_firmware sda429w sd210 wcn3620_firmware ipq5010_firmware ipq8074a_firmware wcn6850_firmware wsa8815_firmware wcn3620 wsa8835_firmware qca6564a qca8072 wcn3990 qcn9000 sd865_5g ar9380_firmware qcn9012 qcn6122_firmware ipq8065_firmware wsa8835 sd665_firmware qcn5154 qca8075_firmware ipq4018 qca6574a qca9889 qcn6132_firmware ipq8074 qca9888 qca9994_firmware ipq8070a_firmware ipq8076_firmware qca6574_firmware qca9886 sd665 ipq8076 sd765 qca6574a_firmware qcn5021 qcn5152 sd768g_firmware qrb5165m sd460 qca6391 qcn9100 qcn9070_firmware ipq6028_firmware ipq8072a_firmware sm6225_firmware ipq8074_firmware qca6574au qca9889_firmware sa8155p_firmware qcn5122 sd205_firmware wcd9341_firmware wsa8810 mdm9150 qcn5022 qca6564_firmware ipq6010_firmware sd768g qca6696 sa6150p qca8075 qcn9022_firmware apq8096au_firmware qcn6024 qcn9022 qca9990_firmware ipq8070a qcn9072_firmware sm7250p ipq6000_firmware ipq8071_firmware qcn9074_firmware qcs410_firmware ipq4029 Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2021-28972

Matching Score-4

Assigner-MITRE Corporation

Product-linux_kernel fas\/aff_baseboard_management_controller cloud_backup fedora solidfire_baseboard_management_controller_firmware n/a

Matching Score-4

Assigner-MITRE Corporation

CVSS Score-6.7||MEDIUM

EPSS-0.05% / 16.67%

||

7 Day CHG~0.00%

Published-22 Mar, 2021 | 16:53

Updated-03 Aug, 2024 | 21:55

In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occurs because add_slot_store and remove_slot_store mishandle drc_name '\0' termination, aka CID-cc7a0bb058b8.

Vendor-n/a NetApp, Inc.Fedora Project Linux Kernel Organization, Inc

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2021-25467

Matching Score-4

Assigner-Samsung Mobile

Matching Score-4

Assigner-Samsung Mobile

CVSS Score-5.3||MEDIUM

EPSS-0.02% / 2.69%

||

7 Day CHG~0.00%

Published-06 Oct, 2021 | 17:07

Updated-03 Aug, 2024 | 20:03

Assuming system privilege is gained, possible buffer overflow vulnerabilities in the Vision DSP kernel driver prior to SMR Oct-2021 Release 1 allows privilege escalation to Root by hijacking loaded library.

Vendor-Google LLC Samsung Samsung Electronics

Product-android exynos_9830 exynos_980 exynos_2100 Samsung Mobile Devices

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2020-12374

Matching Score-4

Assigner-Intel Corporation

Matching Score-4

Assigner-Intel Corporation

CVSS Score-6.7||MEDIUM

EPSS-0.08% / 24.22%

||

7 Day CHG~0.00%

Published-19 Feb, 2021 | 15:17

Updated-04 Aug, 2024 | 11:56

Buffer overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow a privileged user to potentially enable escalation of privilege via local access.

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2020-12465

Matching Score-4

Assigner-MITRE Corporation

Product-linux_kernel cloud_backup solidfire_\&_hci_management_node active_iq_unified_manager hci_baseboard_management_controller hci_compute_node solidfire_baseboard_management_controller aff_baseboard_management_controller steelstore_cloud_integrated_storage n/a

Matching Score-4

Assigner-MITRE Corporation

CVSS Score-6.7||MEDIUM

EPSS-0.17% / 38.60%

||

7 Day CHG~0.00%

Published-29 Apr, 2020 | 18:52

Updated-04 Aug, 2024 | 11:56

An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. An oversized packet with too many rx fragments can corrupt memory of adjacent pages.

Vendor-n/a NetApp, Inc.Linux Kernel Organization, Inc

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2021-22301

Matching Score-4

Assigner-Huawei Technologies

Matching Score-4

Assigner-Huawei Technologies

CVSS Score-6.7||MEDIUM

EPSS-0.03% / 7.67%

||

7 Day CHG~0.00%

Published-05 Feb, 2021 | 23:56

Updated-03 Aug, 2024 | 18:37

Mate 30 10.0.0.203(C00E201R7P2) have a buffer overflow vulnerability. After obtaining the root permission, an attacker can exploit the vulnerability to cause buffer overflow.

Vendor-n/a Huawei Technologies Co., Ltd.

Product-mate_30 mate_30_firmware HUAWEI Mate 30

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2023-32860

Matching Score-4

Assigner-MediaTek, Inc.

Matching Score-4

Assigner-MediaTek, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.04% / 10.40%

||

7 Day CHG~0.00%

Published-04 Dec, 2023 | 03:46

Updated-02 Aug, 2024 | 15:32

In display, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929788; Issue ID: ALPS07929788.

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2020-11183

Matching Score-4

Assigner-Qualcomm, Inc.

Matching Score-4

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.04% / 10.16%

||

7 Day CHG~0.00%

Published-21 Jan, 2021 | 09:41

Updated-04 Aug, 2024 | 11:28

A process can potentially cause a buffer overflow in the display service allowing privilege escalation by executing code as that service in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Product-qfe3100 pm8909 qfe2550 qfe4465fc sdr051 pm660 pmi8996 qbt1500 pmi632 qln1030 mdm9650 qpa5373 pmk8001 pmm855au mdm9250 qtc800h msm8917 wtr3905 qca9377 qpa5460 wtr2955 wcn3660b qln1021aq qfe4320 smb1380 qfe4308 apq8037 qca6595au wcn3615 msm8909w qtc800t pm8940 sdx20m qca6310 pm8937 qfe2081fc pm8996 qca9367 sd821 sdm630 qcc1110 qfe2101 smb1360 qat3522 qfe4455fc wcd9340 pm8953 smb231 qfe3440fc qat3514 sdr660 wcd9326 wcd9335 qet4200aq msm8937 smb1358 wcd9341 pm439 pmi8952 mdm9655 smb1350 wtr3950 qtc800s sd660 sd820 sd712 wtr3925 pmi8937 pm8998 qfe2080fc sdr052 sdw3100 wcn3620 apq8017 qca6564a sd450 qet4100 wcn3990 smb1355 wcd9330 wgr7640 sd636 qet5100 qca6595 qca6564au msm8996au pmi8940 pmm8996au rgr7640au qualcomm215 qln1035bd qpa4360 pm855a qca6574a mdm9206 qca6174a pm660l wtr4905 ar8151 wtr5975 wcn3980 qsw8573 wsa8815 qbt1000 qfe4305 qca6320 wcn3680 pmx20 pmd9607 qfe4309 sd835 apq8009 smb1351 qfe4373fc qfe2082fc msm8920 msm8953 pmi8998 pm660a qpa4340 sdx50m sdx20 pm8916 qln1036aq qtc801s rsw8577 pmd9655 qfe4302 qca6574au sd710 apq8009w qfe4303 wsa8810 qat3550 pm8005 wcn3680b pm215 apq8096au wtr2965 qfe4301 pm8004 sdw2500 msm8940 apq8053 sd439 qet4101 pmi8994 sdm830 smb1357 qca9379 qln1031 Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2023-43571

Matching Score-4

Assigner-Lenovo Group Ltd.

Matching Score-4

Assigner-Lenovo Group Ltd.

CVSS Score-6.7||MEDIUM

EPSS-0.04% / 9.81%

||

7 Day CHG~0.00%

Published-08 Nov, 2023 | 22:18

Updated-04 Sep, 2024 | 19:13

A buffer overflow was reported in the BiosExtensionLoader module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2023-43567

Matching Score-4

Assigner-Lenovo Group Ltd.

Matching Score-4

Assigner-Lenovo Group Ltd.

CVSS Score-6.7||MEDIUM

EPSS-0.07% / 20.84%

||

7 Day CHG~0.00%

Published-08 Nov, 2023 | 22:04

Updated-12 Sep, 2024 | 13:27

A buffer overflow was reported in the LemSecureBootForceKey module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2023-43580

Matching Score-4

Assigner-Lenovo Group Ltd.

Matching Score-4

Assigner-Lenovo Group Ltd.

CVSS Score-6.7||MEDIUM

EPSS-0.04% / 9.81%

||

7 Day CHG~0.00%

Published-08 Nov, 2023 | 22:24

Updated-04 Sep, 2024 | 18:54

A buffer overflow was reported in the SmuV11DxeVMR module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2021-1931

Matching Score-4

Assigner-Qualcomm, Inc.

Matching Score-4

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.02% / 4.12%

||

7 Day CHG~0.00%

Published-13 Jul, 2021 | 05:30

Updated-03 Aug, 2024 | 16:25

Possible buffer overflow due to improper validation of buffer length while processing fast boot commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Product-fsm10055 qca9377_firmware wcn3991_firmware wsa8830 sd678 sa6150p_firmware sm6250p_firmware sa8145p_firmware qcs610 qcs2290_firmware fsm10056 qca8337 qca6431_firmware csrb31024 sd_636 csra6620 fsm10055_firmware qcs4290 wcn3950_firmware sa8150p_firmware sd765g_firmware qca6420_firmware qca6595au_firmware qcs2290 qca6390_firmware sa6155 qca6335 sd690_5g sd730_firmware wcd9370 csra6620_firmware qcs605_firmware sd_675_firmware sd675_firmware csra6640_firmware qca6564 qcs6125_firmware qca6426 qca6584au_firmware wcn3990_firmware qca9377 sa415m wcn3998 sd_8cx_firmware wcd9371_firmware sdxr2_5g_firmware wcd9385_firmware sm4125 sd720g wcd9326_firmware wcn3950 sd662 sd710_firmware sd460_firmware sa8155 qca6320_firmware sm7315_firmware qca6574au_firmware sdx55_firmware qca6595au sa6155_firmware wcd9375_firmware wcn3998_firmware sm7250p_firmware wcn3999_firmware qca6420 qca6436_firmware qca6564au_firmware qca6584au sa6155p_firmware qca6310 sd778g wcn3999 sdxr2_5g qcs6125 sa8155_firmware sd662_firmware sdm630 sa415m_firmware qcs405 qca6430 wcn3988_firmware sa6145p_firmware qca6421 sd778g_firmware sm6250 wcd9340 sa8195p sdm830_firmware wsa8810_firmware sd765g sd765_firmware fsm10056_firmware qca6436 wcd9326 wcd9335 sa6155p wcn6851 qcs603_firmware qca6174a_firmware qcs4290_firmware wcd9385 wcd9341 qca6431 qca6696_firmware wcd9371 sd750g sd870_firmware ar8035 qca6390 sd_8cx aqt1000 sa8150p sd750g_firmware sm6250_firmware wcd9375 wcn3910_firmware wsa8830_firmware sd855_firmware sd660 sd865_5g_firmware wcn3988 sd888_5g_firmware wcn6850_firmware sd660_firmware wsa8815_firmware wsa8835_firmware sa8195p_firmware qca6564a wcn6750_firmware qcm6125_firmware qcm2290_firmware wcn3991 qca8337_firmware wcd9380_firmware wcn3990 sd_675 sd780g sd865_5g qca6564au sdx24 sdx55m_firmware wcn6856_firmware sd888 sd670_firmware qca6574 wsa8835 sd665_firmware wcd9380 sd888_5g sm6250p qcs410 qca6574a sd690_5g_firmware sdx50m_firmware qca6174a sm7325p sdx24_firmware qca6310_firmware qca6430_firmware wcd9335_firmware wcn3980 wcn6750 qca6335_firmware qca6574_firmware qcs605 wcd9340_firmware sd855 sm4125_firmware sm7325p_firmware sd665 wcn3910 qca6320 wcn6850 wsa8815 sd_8c_firmware sd765 qca6426_firmware qca6574a_firmware sd768g_firmware sd835 wcn3980_firmware sm7315 sd460 qca6391 sd730 sdx55m sdxr1_firmware qca6421_firmware aqt1000_firmware wcn6740_firmware sd678_firmware ar8031_firmware csrb31024_firmware qcm4290 sdx50m sd480_firmware qcs603 wcn6851_firmware qca6574au sa8155p_firmware sd710 sd_636_firmware sd670 qca6564a_firmware wcd9341_firmware qcm6125 qcm4290_firmware sd480 sd870 wsa8810 qcs610_firmware wcn6856 sd_8c sa6145p sd835_firmware qca6564_firmware sdxr1 sd768g ar8031 qcs405_firmware sa8145p wcn6740 qca6696 sdm630_firmware qca6391_firmware sd845_firmware sd780g_firmware wcd9370_firmware sa6150p sd888_firmware sdx55 sa8155p csra6640 sd675 sd845 sm7250p sdm830 sd720g_firmware qcs410_firmware ar8035_firmware qcm2290 Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2023-43578

Matching Score-4

Assigner-Lenovo Group Ltd.

Matching Score-4

Assigner-Lenovo Group Ltd.

CVSS Score-6.7||MEDIUM

EPSS-0.04% / 9.81%

||

7 Day CHG~0.00%

Published-08 Nov, 2023 | 22:21

Updated-04 Sep, 2024 | 19:08

A buffer overflow was reported in the SmiFlash module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2023-43525

Matching Score-4

Assigner-Qualcomm, Inc.

Matching Score-4

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.03% / 6.97%

||

7 Day CHG~0.00%

Published-06 May, 2024 | 14:32

Updated-15 Jan, 2025 | 16:52

Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Audio

Memory corruption while copying the sound model data from user to kernel buffer during sound model register.

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2023-43581

Matching Score-4

Assigner-Lenovo Group Ltd.

Matching Score-4

Assigner-Lenovo Group Ltd.

CVSS Score-6.7||MEDIUM

EPSS-0.04% / 9.81%

||

7 Day CHG~0.00%

Published-08 Nov, 2023 | 22:25

Updated-04 Sep, 2024 | 18:02

A buffer overflow was reported in the Update_WMI module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2021-1961

Matching Score-4

Assigner-Qualcomm, Inc.

Matching Score-4

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-1.15% / 77.59%

||

7 Day CHG~0.00%

Published-09 Sep, 2021 | 07:36

Updated-03 Aug, 2024 | 16:25

Possible buffer overflow due to lack of offset length check while updating the buffer value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Product-fsm10055 qca9377_firmware mdm9150_firmware wcn3991_firmware sm7250 mdm9640_firmware sa6150p_firmware sa8145p_firmware qcs610 wsa8830 fsm10056 qca8337 sm7250_firmware qca6431_firmware mdm9650 csra6620 fsm10055_firmware wcn3950_firmware sa8150p_firmware sd765g_firmware qca6420_firmware qca6595au_firmware qca6390_firmware apq8009_firmware sa6155 sd690_5g wcd9370 csra6620_firmware qcs605_firmware csra6640_firmware qcs6125_firmware qca6426 qca6584au_firmware wcn3990_firmware qca9377 wcn3998 sd_8cx_firmware wcd9385_firmware sdxr2_5g_firmware wcn3950 wcd9326_firmware wcn3615_firmware mdm9206_firmware wcn3660b sd662 sd460_firmware sa8155 qca6574au_firmware sdx55_firmware wcn3680b_firmware qca6595au sa6155_firmware sdx12_firmware wcd9375_firmware wcn3615 wcn3998_firmware wcn3610_firmware qca6420 qca6436_firmware apq8053_firmware qca6564au_firmware qca6584au sa6155p_firmware qca9367_firmware sd778g wcn3999 qrb5165_firmware sdxr2_5g qca9367 qcs6125 sa8155_firmware sd662_firmware qcs405 qca6430 wcn3988_firmware sa6145p_firmware sd205 qca6421 sd778g_firmware wcd9340 sa8195p wsa8810_firmware qualcomm215_firmware sd765g sd765_firmware fsm10056_firmware qca6436 wcd9326 wcd9335 sa6155p wcn6851 qca6174a_firmware wcd9385 wcd9341 qca6431 qca6696_firmware sd750g sd870_firmware ar8035 qca6390 sd_8cx aqt1000 sa8150p sd750g_firmware wcd9375 msm8953_firmware wsa8830_firmware sda429w sd210 sd855_firmware sd865_5g_firmware wcn3620_firmware wcn3988 sd888_5g_firmware wcn6850_firmware wcn3620 wsa8815_firmware wsa8835_firmware sa8195p_firmware qca6564a wcn6750_firmware wcn3610 qcm6125_firmware mdm9640 wcn3991 qca8337_firmware sda429w_firmware wcd9380_firmware wcn3990 wcd9330 msm8996au_firmware sd780g sd865_5g qca6595 qca6564au sdx55m_firmware wcn6856_firmware wsa8835 qca6574 msm8996au sd665_firmware wcd9380 sd888_5g wcn3999_firmware qualcomm215 qcs410 qca6574a sd690_5g_firmware mdm9206 wcn6855_firmware qca6174a sm7325 qca6430_firmware wcd9335_firmware wcn3980 wcn6750 qca6574_firmware qcs605 wcd9340_firmware sd855 wsa8815 wcn6850 sd665 mdm9650_firmware sd_8c_firmware sd765 qca6426_firmware wcn3660b_firmware wcn3680 qca6574a_firmware sd768g_firmware wcn3980_firmware apq8009 qca6391 sd460 sdx55m wcd9330_firmware qca6421_firmware aqt1000_firmware wcn6740_firmware msm8953 ar8031_firmware wcn3680_firmware qrb5165 sd480_firmware wcn6851_firmware qca6574au sa8155p_firmware sd205_firmware qca6564a_firmware wcd9341_firmware qcm6125 sd480 sd870 wsa8810 wcn6855 sd210_firmware qcs610_firmware mdm9150 wcn6856 qsm8250 sd_8c sa6145p wcn3680b sd768g apq8096au ar8031 qca6595_firmware qcs405_firmware sa8145p wcn6740 qca6696 qca6391_firmware sd780g_firmware wcd9370_firmware sa6150p sdx55 apq8053 apq8096au_firmware csra6640 sa8155p sdx12 qcs410_firmware ar8035_firmware qsm8250_firmware sm7325_firmware Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2023-43576

Matching Score-4

Assigner-Lenovo Group Ltd.

Matching Score-4

Assigner-Lenovo Group Ltd.

CVSS Score-6.7||MEDIUM

EPSS-0.04% / 9.81%

||

7 Day CHG~0.00%

Published-08 Nov, 2023 | 22:37

Updated-02 Aug, 2024 | 19:44

A buffer overflow was reported in the WMISwSmi module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2023-43569

Matching Score-4

Assigner-Lenovo Group Ltd.

Matching Score-4

Assigner-Lenovo Group Ltd.

CVSS Score-6.7||MEDIUM

EPSS-0.07% / 20.84%

||

7 Day CHG~0.00%

Published-08 Nov, 2023 | 22:06

Updated-12 Sep, 2024 | 13:19

A buffer overflow was reported in the OemSmi module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2021-1962

Matching Score-4

Assigner-Qualcomm, Inc.

Matching Score-4

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.06% / 18.55%

||

7 Day CHG~0.00%

Published-09 Sep, 2021 | 07:36

Updated-03 Aug, 2024 | 16:25

Buffer Overflow while processing IOCTL for getting peripheral endpoint information there is no proper validation for input maximum endpoint pair and its size in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Product-fsm10055 wcn3991_firmware mdm9150_firmware sd678 qca9561 sa6150p_firmware sa8145p_firmware qcs610 fsm10056 ar9380 qca9563_firmware qca9561_firmware fsm10055_firmware qca9880_firmware qca9992 wcn3950_firmware sa8150p_firmware qca6420_firmware qca6595au_firmware ipq8069_firmware sa6155 sd730_firmware wcd9370 qcs605_firmware sd_675_firmware sd675_firmware qca6584au_firmware wcn3990_firmware qca9984_firmware wcn3998 wcn3950 wcd9326_firmware sd720g wcn3615_firmware qca9563 wcn3660b qca9982 sa8155 qca6574au_firmware sdx55_firmware qca6595au sa6155_firmware wcd9375_firmware wcn3615 wcn3998_firmware wcn3610_firmware qca6420 qca6584au sa6155p_firmware ipq8065 qca9990 sa8155_firmware ipq8068 wcn3988_firmware qca6430 sa6145p_firmware sd205 sm6250 wcd9340 sa8195p wsa8810_firmware qualcomm215_firmware fsm10056_firmware wcd9326 wcd9335 sa6155p qca9982_firmware qca9888_firmware wcd9341 ipq8068_firmware qca6696_firmware qca9898_firmware wcd9375 aqt1000 sa8150p sm6250_firmware sda429w sd210 qca9992_firmware sd855_firmware wcn3620_firmware wcn3988 wsa8815_firmware wcn3620 sa8195p_firmware qca9898 wcn3610 qca9882 wcn3991 sda429w_firmware wcd9380_firmware wcn3990 sd_675 qca9980_firmware qca6595 ar9380_firmware sdx55m_firmware qca9558 qca9558_firmware qca9896_firmware ipq8065_firmware qca6574 sd665_firmware wcd9380 qualcomm215 qcs410 qca6574a sdx50m_firmware qca9889 qca9888 qca6430_firmware qca9994_firmware wcd9335_firmware wcn3980 qca6574_firmware qca9886 qcs605 sd855 wcd9340_firmware wsa8815 sd665 qca9887 wcn3660b_firmware wcn3680 qca6574a_firmware qca9984 ipq8064 ipq8069 wcn3980_firmware sd730 qca6391 sdx55m ipq8064_firmware aqt1000_firmware sd678_firmware wcn3680_firmware sdx50m qca9882_firmware qca9994 qca9887_firmware qca9531 qca6574au qca9889_firmware sa8155p_firmware qca9980 sd205_firmware qca9880 wcd9341_firmware wsa8810 sd210_firmware qcs610_firmware mdm9150 sa6145p qca9886_firmware qca6595_firmware sa8145p qca6696 qca6391_firmware wcd9370_firmware sa6150p sdx55 sa8155p sd675 qca9990_firmware qca9531_firmware sd720g_firmware qcs410_firmware qca9896 Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2023-43524

Matching Score-4

Assigner-Qualcomm, Inc.

Matching Score-4

Assigner-Qualcomm, Inc.

CVSS Score-6.7||MEDIUM

EPSS-0.03% / 6.97%

||

7 Day CHG~0.00%

Published-06 May, 2024 | 14:32

Updated-15 Jan, 2025 | 16:51

Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Audio

Memory corruption when the bandpass filter order received from AHAL is not within the expected range.

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2023-43577

Matching Score-4

Assigner-Lenovo Group Ltd.

Matching Score-4

Assigner-Lenovo Group Ltd.

CVSS Score-6.7||MEDIUM

EPSS-0.04% / 9.81%

||

7 Day CHG~0.00%

Published-08 Nov, 2023 | 22:38

Updated-02 Aug, 2024 | 19:44

A buffer overflow was reported in the ReFlash module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

CWE ID-CWE-120

Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

CVE-2023-43526

Matching Score-4

Assigner-Qualcomm, Inc.