Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-10397

Summary
Assigner-fedora
Assigner Org ID-92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5
Published At-14 Nov, 2024 | 19:33
Updated At-23 Dec, 2025 | 14:57
Rejected At-
Credits

Preallocated buffer overflows in XDR responses

A malicious server can crash the OpenAFS cache manager and other client utilities, and possibly execute arbitrary code.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:fedora
Assigner Org ID:92fb86c3-55a5-4fb5-9c3f-4757b9e96dc5
Published At:14 Nov, 2024 | 19:33
Updated At:23 Dec, 2025 | 14:57
Rejected At:
▼CVE Numbering Authority (CNA)
Preallocated buffer overflows in XDR responses

A malicious server can crash the OpenAFS cache manager and other client utilities, and possibly execute arbitrary code.

Affected Products
Vendor
The OpenAFS Foundation
Product
OpenAFS
Collection URL
https://github.com/openafs/openafs/
Package Name
openafs
Default Status
unaffected
Versions
Affected
  • From 1.0 before 1.6.24 (semver)
  • From 1.8.0 before 1.8.12.2 (semver)
  • From 1.9.0 before 1.9.1 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-787CWE-787 Out-of-bounds Write
Type: CWE
CWE ID: CWE-787
Description: CWE-787 Out-of-bounds Write
Metrics
VersionBase scoreBase severityVector
4.07.7HIGH
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Version: 4.0
Base score: 7.7
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.openafs.org/pages/security/OPENAFS-SA-2024-003.txt
N/A
Hyperlink: https://www.openafs.org/pages/security/OPENAFS-SA-2024-003.txt
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://lists.debian.org/debian-lts-announce/2025/05/msg00019.html
N/A
Hyperlink: https://lists.debian.org/debian-lts-announce/2025/05/msg00019.html
Resource: N/A
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:patrick@puiterwijk.org
Published At:14 Nov, 2024 | 20:15
Updated At:23 Dec, 2025 | 15:15

A malicious server can crash the OpenAFS cache manager and other client utilities, and possibly execute arbitrary code.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.07.7HIGH
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 4.0
Base score: 7.7
Base severity: HIGH
Vector:
CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
openafs
openafs
>>openafs>>Versions from 1.0(inclusive) to 1.6.25(exclusive)
cpe:2.3:a:openafs:openafs:*:*:*:*:*:*:*:*
openafs
openafs
>>openafs>>Versions from 1.8.0(inclusive) to 1.8.13(exclusive)
cpe:2.3:a:openafs:openafs:*:*:*:*:*:*:*:*
openafs
openafs
>>openafs>>1.9.0
cpe:2.3:a:openafs:openafs:1.9.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-787Secondarypatrick@puiterwijk.org
CWE ID: CWE-787
Type: Secondary
Source: patrick@puiterwijk.org
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://www.openafs.org/pages/security/OPENAFS-SA-2024-003.txtpatrick@puiterwijk.org
N/A
https://lists.debian.org/debian-lts-announce/2025/05/msg00019.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: https://www.openafs.org/pages/security/OPENAFS-SA-2024-003.txt
Source: patrick@puiterwijk.org
Resource: N/A
Hyperlink: https://lists.debian.org/debian-lts-announce/2025/05/msg00019.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

1350Records found
CVE-2022-3715
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.26%
||
7 Day CHG~0.00%
Published-05 Jan, 2023 | 00:00
Updated-03 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.

Action-Not Available
Vendor-n/aGNURed Hat, Inc.
Product-bashenterprise_linuxbash
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36841
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 4.14%
||
7 Day CHG~0.00%
Published-09 Sep, 2022 | 14:39
Updated-03 Aug, 2024 | 10:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap-based overflow vulnerability in PrepareRecogLibrary_Part function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.

Action-Not Available
Vendor-Google LLCSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37822
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.66%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 14:07
Updated-03 Aug, 2024 | 10:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the function fromSetRouteStatic.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ax1803_firmwareax1803n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36842
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-4.4||MEDIUM
EPSS-0.02% / 4.14%
||
7 Day CHG~0.00%
Published-09 Sep, 2022 | 14:39
Updated-03 Aug, 2024 | 10:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap-based overflow vulnerability in prepareRecogLibrary function in libSDKRecognitionText.spensdk.samsung.so library prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.

Action-Not Available
Vendor-Google LLCSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-37819
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.66%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 14:06
Updated-03 Aug, 2024 | 10:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the timezone parameter in the function fromSetSysTime.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-ax1803_firmwareax1803n/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36468
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.66%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 13:53
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function Asp_SetTimingtimeWifiAndLed.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-b5_minib5_mini_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36495
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.66%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 13:56
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function addactionlist.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36484
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.50%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 13:55
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the function setDiagnosisCfg.

Action-Not Available
Vendor-n/aTOTOLINK
Product-n350rt_firmwaren350rtn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36471
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.66%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 13:53
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function SetMacAccessMode.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-b5_minib5_mini_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36470
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.66%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 13:53
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function SetAP5GWifiById.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-b5_minib5_mini_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36508
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.66%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 13:58
Updated-17 Jun, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function SetAPInfoById.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plus_firmwaremagic_nx18_plusn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36466
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.16%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 13:53
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the ip parameter in the function setDiagnosisCfg.

Action-Not Available
Vendor-n/aTOTOLINK
Product-a3700ra3700r_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36478
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.66%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 13:54
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function Edit_BasicSSID.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-b5_minib5_mini_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36469
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.66%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 13:53
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function SetAPWifiorLedInfoById.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-b5_minib5_mini_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36498
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.66%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 13:56
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function Asp_SetTimingtimeWifiAndLed.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36464
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.50%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 13:53
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the sPort parameter in the function setIpPortFilterRules.

Action-Not Available
Vendor-n/aTOTOLINK
Product-a3700ra3700r_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36480
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.50%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 13:54
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the command parameter in the function setTracerouteCfg.

Action-Not Available
Vendor-n/aTOTOLINK
Product-n350rt_firmwaren350rtn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36482
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.18% / 39.55%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 13:54
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the lang parameter in the function setLanguageCfg.

Action-Not Available
Vendor-n/aTOTOLINK
Product-n350rt_firmwaren350rtn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36465
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.50%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 13:53
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the pppoeUser parameter.

Action-Not Available
Vendor-n/aTOTOLINK
Product-a3700ra3700r_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36483
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.50%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 13:54
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the pppoeUser parameter.

Action-Not Available
Vendor-n/aTOTOLINK
Product-n350rt_firmwaren350rtn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36463
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 21.50%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 13:53
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a stack overflow via the command parameter in the function setTracerouteCfg.

Action-Not Available
Vendor-n/aTOTOLINK
Product-a3700ra3700r_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36504
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.66%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 13:58
Updated-17 Jun, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function Edit_BasicSSID.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plus_firmwaremagic_nx18_plusn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36501
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.66%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 13:56
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function UpdateSnat.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-3577
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 7.76%
||
7 Day CHG~0.00%
Published-20 Oct, 2022 | 00:00
Updated-08 May, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds memory write flaw was found in the Linux kernel’s Kid-friendly Wired Controller driver. This flaw allows a local user to crash or potentially escalate their privileges on the system. It is in bigben_probe of drivers/hid/hid-bigbenff.c. The reason is incorrect assumption - bigben devices all have inputs. However, malicious devices can break this assumption, leaking to out-of-bound write.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kernelKernel
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36473
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.66%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 13:54
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function Edit_BasicSSID_5G.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-b5_minib5_mini_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36499
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.66%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 13:58
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function DEleteusergroup.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36472
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.66%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 13:53
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function SetMobileAPInfoById.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-b5_minib5_mini_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36490
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.66%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 13:55
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function EditMacList.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36506
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.66%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 13:58
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function SetMacAccessMode.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36497
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.66%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 13:56
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function Edit_BasicSSID_5G.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36502
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.95%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 13:58
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function UpdateWanParams.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2018-3914
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-7.5||HIGH
EPSS-0.16% / 36.96%
||
7 Day CHG~0.00%
Published-21 Sep, 2018 | 15:00
Updated-16 Sep, 2024 | 17:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy call overflows the destination buffer, which has a size of 2000 bytes. An attacker can send an arbitrarily long "sessionToken" value in order to exploit this vulnerability.

Action-Not Available
Vendor-Samsung
Product-sth-eth-250sth-eth-250_firmwareSmartThings Hub STH-ETH-250
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-35217
Matching Score-4
Assigner-TWCERT/CC
ShareView Details
Matching Score-4
Assigner-TWCERT/CC
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.64%
||
7 Day CHG~0.00%
Published-02 Aug, 2022 | 02:55
Updated-16 Sep, 2024 | 20:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NHI card’s web service component - Stack-based Buffer Overflow-1

The NHI card’s web service component has a stack-based buffer overflow vulnerability due to insufficient validation for network packet header length. A local area network attacker with general user privilege can exploit this vulnerability to execute arbitrary code, manipulate system command or disrupt service.

Action-Not Available
Vendor-nhiNHIMicrosoft Corporation
Product-windowshealth_insurance_web_service_componentcard’s web service component
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-36507
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.66%
||
7 Day CHG~0.00%
Published-25 Aug, 2022 | 13:58
Updated-03 Aug, 2024 | 10:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function AddWlanMacList.

Action-Not Available
Vendor-n/aNew H3C Technologies Co., Ltd.
Product-magic_nx18_plusmagic_nx18_plus_firmwaren/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-35407
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.16% / 36.76%
||
7 Day CHG~0.00%
Published-22 Nov, 2022 | 00:00
Updated-29 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. A stack buffer overflow leads to arbitrary code execution in the SetupUtility driver on Intel platforms. An attacker can change the values of certain UEFI variables. If the size of the second variable exceeds the size of the first, then the buffer will be overwritten. This issue affects the SetupUtility driver of InsydeH2O.

Action-Not Available
Vendor-n/aInsyde Software Corp. (ISC)
Product-kerneln/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-33233
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.14%
||
7 Day CHG+0.02%
Published-09 Feb, 2023 | 06:58
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Configuration weakness in modem

Memory corruption due to configuration weakness in modem wile sending command to write protected files.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarefsm10055mdm9640_firmwaresm6250p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwaresdx65wcn3950_firmwareqcs2290qca6595au_firmwareqca6335msm8917sd_455_firmwarecsra6620_firmwareqcs605_firmwareapq8076sd_675_firmwarecsra6640_firmwareqcs6125_firmwaresd632msm8108sa415mwcn3998wcd9371_firmwaremsm8108_firmwarewcn3950qcn6024_firmwaresd720gsd_8cx_gen2_firmwaremdm9206_firmwareqsw8573_firmwaremdm9628sd_8_gen1_5g_firmwarewcn3660bsd450_firmwaresd710_firmwaresd460_firmwaremdm9230_firmwaresm7315_firmwarewcn7850qca6574au_firmwaremdm9630wcd9375_firmwareqca8081_firmwarewcn3998_firmwaresdx12_firmwaremsm8909wapq8009w_firmwareqca6420wcd9360sd680_firmwareqca9367_firmwaremdm8207sd_8cx_gen2qcs6125apq8056_firmwareqca4004_firmwaresd662_firmwareqcs405qca6430qts110wcd9306_firmwarewcd9340sd626_firmwaresd765gqualcomm215_firmwaresw5100sd680qca6436wcn6851qcs603_firmwarewcn7851_firmwaremsm8937apq8052msm8209_firmwaremdm9250_firmwarewcn3660_firmwarewcd9341qca6431qca6696_firmwarewcd9371sd870_firmwaresd750gwcn3910_firmwaremdm9207_firmwareqca4004wsa8830_firmwaremdm9330_firmwaresd855_firmwaresd660sd865_5g_firmwaresnapdragon_4_gen_1sd712wcn3988sd660_firmwarewcn7850_firmwaresm8475msm8208_firmwarewcn6750_firmwaresd450wcn3610msm8608mdm9640wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwaresdm429wsw5100pmsm8996au_firmwarewcd9330sd625_firmwareqca6564ausdx55m_firmwarewcn6856_firmwaremsm8940_firmwareqet4101_firmwaremsm8976_firmwareqca6574sd632_firmwaresd670_firmwarewcd9380qualcomm215mdm9230qcs410sd690_5g_firmwaresdx50m_firmwareqca9379_firmwaresdx24_firmwaresd626qca6174qca6430_firmwaresd439_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqsw8573qcm4325_firmwareqcs605wcd9340_firmwarewsa8815wcn6850sd7cwcn3910msm8956_firmwareqca6584_firmwareqca6320msm8937_firmwaremdm9650_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd695sd835qcn9024wcn3980_firmwaresd730wcd9330_firmwaresdx55mqcc5100_firmwareqca6421_firmwarewcn6740_firmwaresd821_firmwaresd678_firmwarewcn3680_firmwarewcn6851_firmwareqcs603sd670sd_636_firmwareqcn9024_firmwareqca6564a_firmwareapq8009wmsm8976sg_firmwaresdx57mqcm4290_firmwaresd480sd870wcn6855sw5100p_firmwaresd210_firmwareqcs610_firmwaresd695_firmwaresdxr1apq8096auqcs405_firmwaremdm8207_firmwaresdm630_firmwaremdm9205_firmwareqca6391_firmwaresd820_firmwarewcd9370_firmwaresd780g_firmwaresdx55sd888_firmwaresd675csra6640sdx70msd439qet4101wcn3660qca9379ar8035_firmwareqcm2290wcn3991_firmwaremdm9150_firmwarewsa8830sd678qcs2290_firmwaresd7c_firmwarecsrb31024mdm9628_firmwaresnapdragon_4_gen_1_firmwaremdm9650sd_636csra6620fsm10055_firmwareqcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gqca6174_firmwaresd730_firmwarewcd9370sd675_firmwaresd625qca6426qca6584au_firmwarewcn3990_firmwareapq8076_firmwareqca9377sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwaresd662apq8037qca6320_firmwareqca6584wcn3680b_firmwaresdx55_firmwarewcn3615qca6595ausm7250p_firmwarewcn3610_firmwareqca6436_firmwaremdm9207wcd9306qca6584ausd778gqca6564au_firmwaremsm8208qca6310wcn7851sd429sa515m_firmwareqcs6490sdxr2_5gqca9367sdm630mdm9607_firmwaresd821msm8976sgsa415m_firmwarewcn3988_firmwaresd205sd429_firmwareqca6421sd778g_firmwaresm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresd765_firmwarewcd9326wcd9335sg4150pqca8081qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwaresdx70m_firmwareqca6390wcd9375sd750g_firmwareaqt1000msm8956msm8976sm6250_firmwarear8035msm8952apq8056msm8917_firmwaresda429wsd210wcn3620_firmwaresdx20_firmwarewsa8815_firmwaresd888_5g_firmwaresd820qcm6490wcn6850_firmwarewsa8835_firmwarewcn3620apq8017qcx315qca6564amdm9630_firmwaresg4150p_firmwareqcm6125_firmwareqcm4325qcm2290_firmwarewcn3990sd_675sd780gsd865_5gqcc5100sdx24sd888msm8952_firmwaremsm8909w_firmwareqcx315_firmwarewsa8835msm8996ausdm429w_firmwaresd665_firmwaresd888_5gsm6250psc8180xqca6574amdm9206wcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750apq8052_firmwaremdm9205sa515mqca6574_firmwaresd855sm7325p_firmwaresd665sdx57m_firmwaresd765qca6574a_firmwaresd768g_firmwaremsm8209sd850_firmwaresm7315apq8009sd460qca6391sdxr1_firmwareaqt1000_firmwaremsm8920sdx65_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresdx50msdx20sd480_firmwaremsm8920_firmwaresd_455sc8180x_firmwareqca6574ausd710mdm9607sd205_firmwarewcd9341_firmwareqcm6125wsa8810mdm9150wcn6856wcn3680bsd835_firmwaresd768gwcn6740qca6696sd845_firmwaremsm8608_firmwaresdw2500msm8940apq8096au_firmwareqcn6024sd845apq8037_firmwaresm7250psd720g_firmwaresdx12sw5100_firmwareqcs410_firmwaremdm9330sd850qts110_firmwareSnapdragon
CWE ID-CWE-16
Not Available
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-33267
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 11.21%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 07:38
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper restriction of operations within the bounds of memory buffer in Linux

Memory corruption in Linux while sending DRM request.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewcn3991wcd9380_firmwaresa6150p_firmwaresa8145p_firmwareqcs610sdm429wsd865_5gqca6564ausm8150-acsdm429sdm429w_firmwarewcn3950_firmwarewcd9380sa8150p_firmwareqca6420_firmwaresnapdragon_wear_4100\+_platform_firmwareqca6390_firmwareqcs410wcd9370sxr2130qca6574asnapdragon_wear_4100\+_platformwcn685x-5_firmwareqca6564qca6426wcn685x-1qca6430_firmwarewcn3980sm8250-abwcn3998wcn3950wcn3660bsd855wsa8815sdm429_firmwaresnapdragon_xr2_5g_platform_firmwareqca6426_firmwarewcn3660b_firmwaresa8155snapdragon_x55_5g_modem-rf_systemqca6574a_firmwareqca6574au_firmwaresdx55_firmwarewcn3680b_firmwarewcn3998_firmwarewcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresm8250-ab_firmwareqca6391wcn3610_firmwareqca6420qca6436_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareaqt1000_firmwareqca6564au_firmwaresa6155p_firmwaresnapdragon_xr2_5g_platformsa8155_firmwarewcn685x-5sm8250_firmwaresm8250-acqca6430qca6574ausa6145p_firmwaresa8155p_firmwaresa8195pwsa8810_firmwarewcd9341_firmwarewsa8810qca6436sa6155pqcs610_firmwaresm8150-ac_firmwareqsm8250sa6145pwcn3680bwcn685x-1_firmwareqca6564_firmwaresm8150_firmwaresxr2130_firmwarewcd9341qca6696_firmwaresa8145pqca6696qca6391_firmwareqca6390wcd9370_firmwareaqt1000sa8150psa6150psdx55snapdragon_x50_5g_modem-rf_systemsa8155psm8250-ac_firmwaresm8250sd855_firmwaresd865_5g_firmwaresm8150wcn3620_firmwarewsa8815_firmwarewcn3620sa8195p_firmwareqcs410_firmwarewcn3610qsm8250_firmwareSnapdragonaqt1000_firmwareqca6564au_firmwaresa6155p_firmwarewcd9380_firmwaresa6150p_firmwaresa8145p_firmwarefastconnect_6900_firmwaresa8155_firmwaresa6145p_firmwaresa8155p_firmwaresdm429w_firmwarewcn3950_firmwarewsa8810_firmwaresa8150p_firmwarewcd9341_firmwareqca6420_firmwareqcs610_firmwareqca6564_firmwaresxr2130_firmwareqca6696_firmwareqca6430_firmwareqca6391_firmwaresnapdragon_855_mobile_platform_firmwarewcd9370_firmwaresd855_firmwaresd865_5g_firmwaresnapdragon_xr2_5g_platform_firmwarewcn3620_firmwareqca6426_firmwarewcn3660b_firmwarewsa8815_firmwareqca6574a_firmwarefastconnect_6200_firmwareqca6574au_firmwaresa8195p_firmwaresdx55_firmwaresnapdragon_429_mobile_platform_firmwaresnapdragon_865_5g_mobile_platform_firmwarewcn3680b_firmwarefastconnect_6800_firmwareqcs410_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewcn3980_firmwarewcn3610_firmwareqca6436_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareqsm8250_firmware
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-33184
Matching Score-4
Assigner-Brocade Communications Systems, LLC
ShareView Details
Matching Score-4
Assigner-Brocade Communications Systems, LLC
CVSS Score-7.8||HIGH
EPSS-0.06% / 18.48%
||
7 Day CHG-0.06%
Published-25 Oct, 2022 | 00:00
Updated-07 May, 2025 | 14:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in fab_seg.c.h libraries of all Brocade Fabric OS versions before Brocade Fabric OS v9.1.1, v9.0.1e, v8.2.3c, v8.2.0_cbn5, 7.4.2j could allow local authenticated attackers to exploit stack-based buffer overflows and execute arbitrary code as the root user account.

Action-Not Available
Vendor-n/aBroadcom Inc.
Product-fabric_operating_systemBrocade Fabric OS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-33300
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.05% / 15.23%
||
7 Day CHG~0.00%
Published-06 Jan, 2023 | 05:02
Updated-09 Apr, 2025 | 14:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Improper input validation in Automotive Android OS

Memory corruption in Automotive Android OS due to improper input validation.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarewsa8830wcd9380_firmwaresa6150p_firmwarewcn3990sa8145p_firmwaresw5100psd865_5gqcc5100sdx55m_firmwarewcn6856_firmwareqcn9012wsa8835wcd9380sa8150p_firmwaresd888_5gqca6595au_firmwareqca6390_firmwarewcn6855_firmwareqca6174aqca6426wcn3990_firmwareqrb5165n_firmwareqcn9012_firmwareqca9377wcd9335_firmwarewcn3980wcd9385_firmwareqam8295psdxr2_5g_firmwaresd_8_gen1_5g_firmwarewsa8815wcn6850qam8295p_firmwareqcn9011_firmwareqca6426_firmwarewcn7850qca6574au_firmwareqca6595ausdx12_firmwareqrb5165mwcn3980_firmwareqca6391sdx55mqca6436_firmwareqrb5165nsa8295pqcc5100_firmwaresa6155p_firmwarewcn7851qrb5165_firmwareqrb5165m_firmwaresdxr2_5gqrb5165wcn6851_firmwareqcn9011wcn3988_firmwareqca6574ausa6145p_firmwaresa8155p_firmwaresa8195pwsa8810_firmwarewcd9341_firmwaresw5100wsa8810sd870qca6436wcn6851wcd9335sa6155pwcn6855sw5100p_firmwarewcn7851_firmwarewcn6856sa6145pqca6174a_firmwarewcd9385wcd9341qca6696_firmwaresa8145psd870_firmwareqca6696qca6391_firmwareqca6390sa8150psa6150psa8155pwsa8830_firmwaresd660sd865_5g_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwaresd660_firmwarewcn7850_firmwarewsa8815_firmwaresa8195p_firmwarewsa8835_firmwaresdx12sw5100_firmwaresm8475sa8295p_firmwareSnapdragon
CWE ID-CWE-20
Improper Input Validation
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32908
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.84%
||
7 Day CHG~0.00%
Published-20 Sep, 2022 | 00:00
Updated-29 May, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. A user may be able to elevate privileges.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_osmacostvosipadoswatchosmacOSiOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32911
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.24% / 46.59%
||
7 Day CHG~0.00%
Published-20 Sep, 2022 | 00:00
Updated-29 May, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An app may be able to execute arbitrary code with kernel privileges.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_osmacostvosipadoswatchosmacOSiOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32917
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.52% / 66.62%
||
7 Day CHG~0.00%
Published-20 Sep, 2022 | 00:00
Updated-23 Oct, 2025 | 18:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2022-10-05||Apply updates per vendor instructions.

The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..

Action-Not Available
Vendor-Apple Inc.
Product-ipadosiphone_osmacosiOSmacOSiOS, iPadOS, and macOS
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-33260
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-5.9||MEDIUM
EPSS-0.04% / 12.14%
||
7 Day CHG~0.00%
Published-07 Mar, 2023 | 04:43
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack based buffer overflow in Core

Memory corruption due to stack based buffer overflow in core while sending command from USB of large size.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wsa8830sda429w_firmwaresa6150p_firmwarewcd9380_firmwaresa8145p_firmwareqcs610sw5100pqcc5100wcn6856_firmwarewsa8835wcn3950_firmwarewcd9380sa8150p_firmwaresd888_5gqca6420_firmwareqca6595au_firmwareqcs410wcd9370wcn6855_firmwareqca6430_firmwarewcn3980wcn3998wcd9385_firmwareqam8295pwcn3950sd_8_gen1_5g_firmwarewcn3660bsd855wsa8815wcn6850qam8295p_firmwarewcn3660b_firmwarewcn7850qca6574au_firmwarewcn3680b_firmwareqca6595auwcn3998_firmwarewcn3980_firmwarewcn3610_firmwareqca6420sa8295pqcc5100_firmwareaqt1000_firmwaresa6155p_firmwareqcs8155wcn7851wcn6851_firmwarewcn3988_firmwareqca6430qca6574ausa6145p_firmwaresa8155p_firmwaresa8195pwsa8810_firmwarewcd9341_firmwaresw5100wsa8810wcn6855wcn6851sa6155psw5100p_firmwareqcs610_firmwarewcn7851_firmwarewcn6856sa6145pwcn3680bwcd9385wcd9341qca6696_firmwaresa8145pqca6696wcd9370_firmwareaqt1000sa8150psa6150psa8155pwsa8830_firmwaresda429wsd855_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewcn7850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwareqcs8155_firmwaresw5100_firmwaresm8475qcs410_firmwaresa8295p_firmwarewcn3610Snapdragon
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-27132
Matching Score-4
Assigner-OpenHarmony
ShareView Details
Matching Score-4
Assigner-OpenHarmony
CVSS Score-3.8||LOW
EPSS-0.07% / 21.95%
||
7 Day CHG+0.05%
Published-06 May, 2025 | 09:03
Updated-09 May, 2025 | 19:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
arkcompiler_ets_runtime has an out-of-bounds write vulnerability

in OpenHarmony v5.0.3 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scenarios.

Action-Not Available
Vendor-OpenAtom FoundationOpenHarmony (OpenAtom Foundation)
Product-openharmonyOpenHarmony
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-33264
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.9||HIGH
EPSS-0.10% / 28.55%
||
7 Day CHG+0.01%
Published-06 Jun, 2023 | 07:38
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Stack-based buffer overflow in Modem

Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request Message.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresnapdragon_850_mobile_compute_platform_firmwaresm7325-ae_firmwaremdm9640_firmwaresm6250p_firmwaresa6150p_firmwareqcs610315_5g_iot_modem_firmwaresc8180x-ab_firmwareqca8337qca6431_firmwarewcd9360_firmwaresnapdragon_820_automotive_platform_firmwaresnapdragon_wear_2100_platform_firmwaresnapdragon_212_mobile_platformwcn3950_firmwaresc8180x\+sdx55sa8150p_firmwareqcs2290qca6595au_firmwaresa6155snapdragon_427_mobile_platformsnapdragon_x70_modem-rf_systemqca6335sdm712sdm670mdm8215sd_455_firmwaresm8350csra6620_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaremdm8615m_firmwareapq5053-aa_firmwarewcn685x-1sm7350-ab_firmwaremsm8108sm4375wcn3998sc8180xp-adwcd9371_firmwaremsm8108_firmwarewcn3950qcn6024_firmwaremdm9628sm6375_firmwarewcn3660bsm7150-acsd460_firmwaremdm9230_firmwaresm7315_firmwaremdm8215msm7325-aeqca6574au_firmwaresm4250-aasnapdragon_636_mobile_platformmdm9630wcd9375_firmwarewcn3998_firmwareqca8081_firmwaresa6155_firmwaresm6225-admsm8909wqca6420wcd9360snapdragon_auto_5g_modem-rf_firmwaresnapdragon_427_mobile_platform_firmwareqca9367_firmwaresc8180xp-afmdm8207sdm450smart_audio_400_platform_firmwaresm6225-ad_firmwareqca6698aqsc8180xp-aa_firmwareqcs6125sa8155_firmwarerobotics_rb3_platform_firmwaresd662_firmwaresm7250-ab_firmwaremdm9615mqca6430robotics_rb3_platformsnapdragon_630_mobile_platformwcd9306_firmwarewcd9340sd626_firmwaresw5100qca6436sa6155pqca6698aq_firmwaremsm8209_firmwaremsm8905wcn685x-1_firmwaremdm9250_firmwaresm8150_firmwarewcn3660_firmwaresnapdragon_wear_2500_platformwcd9341qca6431qca6696_firmwaresc8180xp-ab_firmwarewcd9371sc8180x-absnapdragon_x12_lte_modemmdm8215_firmwarewcn3910_firmwaresm4350_firmwaresa8150psnapdragon_430_mobile_platformsm8250-ac_firmwarewsa8830_firmwaremdm9330_firmwaresd855_firmwaresd660sd865_5g_firmwaresm7225_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3988sd660_firmwaresm4250-aa_firmwaresa8195p_firmwaresm8475wcn6750_firmwaresm6125_firmwarewcn3610snapdragon_675_mobile_platform_firmwaremsm8608mdm9640sm6375wcn3991qca8337_firmwarewcd9380_firmwaresdm429wsw5100pmsm8996au_firmwarewcd9330snapdragon_w5\+_gen_1_wearable_platformqca6564ausdm429sd670_firmwareqca6574apq8053-acsnapdragon_7c\+_gen_3_computewcd9380sc8180xp-aasnapdragon_wear_4100\+_platform_firmwaremdm9230qcs410snapdragon_210_processorapq8053-ac_firmwaresnapdragon_430_mobile_platform_firmwaresm7150-aa_firmwarec-v2x_9150_firmwaresc8180xp-ad_firmwaresc8180x-ac_firmwaresd626qca6174qca6430_firmwarewcd9335_firmwarewcn3980qca6335_firmwaresm7225qcm4325_firmwarewcd9340_firmwarewsa8815sm6150-ac_firmwarewcn3910qca6320qca6584_firmwaresdm429_firmwaresnapdragon_630_mobile_platform_firmwaremdm9650_firmwaremdm9215_firmwareqca6426_firmwaresnapdragon_435_mobile_platformwcn3660b_firmwarewcn3680sd835sc8180x-adqcn9024wcn3980_firmwaresd730wcd9330_firmwaresnapdragon_x50_5g_modem-rf_system_firmwaresc7180-ac_firmwaresm7150-aasnapdragon_820_automotive_platformsm6350sm8475_firmwarear6003_firmwarewcn6740_firmwareqca6421_firmwaresm7125smart_audio_200_platformsnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemwcn3680_firmwaresm7150-ab_firmwaresm8350_firmwaresdm660sm6350_firmwarewcn785x-1_firmwaresdm710sd670smart_audio_200_platform_firmwareqcn9024_firmwareqca6564a_firmwaresdx57mqcm4290_firmwaresnapdragon_x24_lte_modemsc8180xp-ac_firmwaresw5100p_firmwareqcs610_firmwaresa6145p9207_lte_modem_firmwaresdm439_firmwaresa8145pmdm8207_firmwaresd820_firmwareqca6391_firmwarewcd9370_firmwareqm215_firmwaresm4350-ac_firmwaresdx55sd888_firmwaresm8250csra6640sa8155psd675snapdragon_x20_lte_modemwcn3660ar8035_firmwareqcm2290snapdragon_632_mobile_platformsdm845_firmwaresnapdragon_625_mobile_platform_firmwarewcn3991_firmwaresnapdragon_wear_2100_platformwsa8830snapdragon_662_mobile_platform_firmwaresa8145p_firmware9207_lte_modemsm6125sdm712_firmwaresnapdragon_850_mobile_compute_platformsnapdragon_x24_lte_modem_firmwareqcs2290_firmwaresdm450_firmwarewcn785x-5csrb31024mdm9628_firmwaremdm9650csra6620sm7250-ac_firmwareqcs4290snapdragon_x20_lte_modem_firmwaremdm9250qca6420_firmwaresc7180-acqca6390_firmwaresnapdragon_auto_4g_modem_firmwareqca6174_firmwaresd730_firmwaremdm9310_firmwarewcd9370sd675_firmwareqca6426qca6584au_firmwarewcn3990_firmwaresm8450qca9377sm8250-abwcd9385_firmwarewcd9326_firmwaremdm9615m_firmwarewcn3615_firmwaresd662sm7325-afapq8037snapdragon_435_mobile_platform_firmwaresa8155snapdragon_x55_5g_modem-rf_systemqca6584msm8905_firmwaresdx55_firmwaresnapdragon_208_processor_firmwaresnapdragon_835_mobile_pc_platform_firmwarewcn3615qca6320_firmwarewcn3680b_firmwaresnapdragon_212_mobile_platform_firmwaresm7250p_firmwareqca6595auwcn3610_firmwaresm7325-af_firmwaresnapdragon_425_mobile_platformqca6436_firmwaresm4350-acsnapdragon_w5\+_gen_1_wearable_platform_firmwarewcd9306qca6584auqca6564au_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqca6310apq8053-aa_firmwaresm6225snapdragon_208_processorsnapdragon_x70_modem-rf_system_firmwareqcs6490snapdragon_x5_lte_modem_firmwareqca9367snapdragon_625_mobile_platformsnapdragon_wear_3100_platformsm8250_firmwareqcs8550_firmwarevision_intelligence_300_platform_firmwaresm8250-acwcn3988_firmware315_5g_iot_modemsa6145p_firmwareqm215qca6421sm7250-aasm6250c-v2x_9150sa8195psxr1120sdm710_firmwareapq8017_firmwarewsa8810_firmwaresm4375_firmwarevision_intelligence_400_platformsm8450_firmwaresc7180-adwcd9326wcd9335sg4150pqca8081apq8053-aaqca6174a_firmwareqcs4290_firmwarewcd9385sxr2130_firmwaremdm8615mqcs6490_firmwaresnapdragon_x12_lte_modem_firmwaresm7150-absc8180x-acqca6390wcd9375ar8035aqt1000snapdragon_210_processor_firmwaresc8180x\+sdx55_firmwaresm6250_firmwarevision_intelligence_400_platform_firmwaresnapdragon_662_mobile_platformwcn3620_firmwaresm8150sd820wsa8815_firmwareqcm6490wsa8835_firmwarewcn3620snapdragon_636_mobile_platform_firmwaresm7350-abapq8017sxr1120_firmwarear6003qca6564amdm9630_firmwaresg4150p_firmwarewcn785x-1qcm6125_firmwaresnapdragon_x5_lte_modemqcm4325qcm2290_firmwaresnapdragon_1100_wearable_platformapq5053-aawcn3990sd_675sdm845sd865_5g8953prosm8350-ac_firmwaresdm439snapdragon_835_mobile_pc_platformsm8150-acsd888msm8909w_firmwarewsa8835msm8996ausdm429w_firmwaresc7180-ad_firmwaresnapdragon_auto_5g_modem-rfsm6250psc8180xp-acsxr2130snapdragon_425_mobile_platform_firmwaresnapdragon_wear_4100\+_platformsmart_audio_400_platformqca6574awcn685x-5_firmwaresc8180x-afqca6174asm7325psdm670_firmwareqca6310_firmwaresm7325wcn6750mdm9615sm7150-ac_firmwaresm7250-abqca6574_firmwaresd855sm7325p_firmwaresdx57m_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmware8953pro_firmwaremsm8209wcn785x-5_firmwaresm7315snapdragon_x55_5g_modem-rf_system_firmwarevision_intelligence_300_platformsd460qca6391sm8250-ab_firmwaremdm9310aqt1000_firmwaresnapdragon_auto_4g_modemsnapdragon_632_mobile_platform_firmwareqcm4290csrb31024_firmwareqcm6490_firmwaresnapdragon_xr1_platformwcn685x-5mdm9215sd_455sm6225_firmwaresc8180xp-af_firmwareqca6574ausa8155p_firmwaremdm8215m_firmwarewcd9341_firmwareqcm6125wsa8810sm7250-aa_firmwaresc8180x-aa_firmwaresm7250-acsm8150-ac_firmwaresc8180x-aasm8350-acwcn3680bsd835_firmwaresnapdragon_675_mobile_platformsnapdragon_wear_2500_platform_firmwaresc8180x-af_firmwarewcn6740qca6696qcs8550sm4350msm8608_firmwaresm6150-acsm7125_firmwaresnapdragon_x50_5g_modem-rf_systemsa6150psnapdragon_1100_wearable_platform_firmwaresc8180xp-abqcn6024mdm9615_firmwareapq8037_firmwaresc8180x-ad_firmwaresm7250psnapdragon_wear_3100_platform_firmwaresw5100_firmwareqcs410_firmwaremdm9330sdm660_firmwaresnapdragon_xr1_platform_firmwaresm7325_firmwareSnapdragonqca9377_firmwaresnapdragon_850_mobile_compute_platform_firmwaresnapdragon_662_mobile_platform_firmwaremdm9640_firmwaresa6150p_firmwaresa8145p_firmwaresm6250p_firmware315_5g_iot_modem_firmwareqcs2290_firmwaresnapdragon_x24_lte_modem_firmwareqca6431_firmwaremdm9628_firmwaresnapdragon_820_automotive_platform_firmwarewcd9360_firmwaresnapdragon_wear_2100_platform_firmwaresnapdragon_x20_lte_modem_firmwarewcn3950_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa8150p_firmwareqca6420_firmwareqca6595au_firmwaresnapdragon_450_mobile_platform_firmwareqca6174_firmwaresd730_firmwaresd_455_firmwarecsra6620_firmwaremdm9310_firmwaresd_675_firmwaresd675_firmwaresnapdragon_auto_4g_modem_firmwarecsra6640_firmwaresnapdragon_460_mobile_platform_firmwareqcs6125_firmwaresnapdragon_480_5g_mobile_platform_firmwaremdm8615m_firmwareqca6584au_firmwarewcn3990_firmwarewcd9371_firmwaremsm8108_firmwarewcd9385_firmwareqcn6024_firmwaremdm9615m_firmwarewcd9326_firmwarewcn3615_firmwaresnapdragon_660_mobile_platform_firmwaresd460_firmwaresnapdragon_435_mobile_platform_firmwaremdm9230_firmwaresm7315_firmwareqca6320_firmwaresnapdragon_429_mobile_platform_firmwareqca6574au_firmwaresdx55_firmwaresnapdragon_208_processor_firmwaresnapdragon_212_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca8081_firmwaresa6155_firmwaresnapdragon_835_mobile_pc_platform_firmwaresm7250p_firmwarewcd9375_firmwarewcn3610_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwareqca6564au_firmwaresnapdragon_auto_5g_modem-rf_firmwaresa6155p_firmwareqca9367_firmwaresnapdragon_427_mobile_platform_firmwaresnapdragon_x65_5g_modem-rf_system_firmwaresmart_audio_400_platform_firmwaresnapdragon_x70_modem-rf_system_firmwaresnapdragon_x5_lte_modem_firmwaresa8155_firmwarerobotics_rb3_platform_firmwareqcs8550_firmwaresd662_firmwarevision_intelligence_300_platform_firmwarewcn3988_firmwaresa6145p_firmwarewcd9306_firmwarefastconnect_6700_firmwareapq8017_firmwaresd626_firmwaresnapdragon_626_mobile_platform_firmwarewsa8810_firmwareqca6698aq_firmwaremsm8209_firmwareqca6174a_firmwarequalcomm_205_mobile_platform_firmwaremdm9250_firmwareqcs4290_firmwaresxr2130_firmwarewcn3660_firmwareqca6696_firmwareqcs6490_firmwaresnapdragon_x12_lte_modem_firmwaremdm8215_firmwaresnapdragon_665_mobile_platform_firmwarewcn3910_firmwaresnapdragon_855_mobile_platform_firmwaresnapdragon_210_processor_firmwaresm6250_firmwaresnapdragon_712_mobile_platform_firmwarevision_intelligence_400_platform_firmwarewsa8830_firmwaremdm9330_firmwaresd855_firmwaresd865_5g_firmwarewcn3620_firmwarewsa8815_firmwarewsa8835_firmwaresd660_firmwaresnapdragon_636_mobile_platform_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresxr1120_firmwaremdm9630_firmwaresg4150p_firmwaresnapdragon_750g_5g_mobile_platform_firmwareqcm6125_firmwaresnapdragon_675_mobile_platform_firmwareqcm2290_firmwareqca8337_firmwarewcd9380_firmwaresnapdragon_778g_5g_mobile_platform_firmwaremsm8996au_firmwaresnapdragon_670_mobile_platform_firmwaremsm8909w_firmwaresd670_firmwaresdm429w_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_425_mobile_platform_firmwaresnapdragon_430_mobile_platform_firmwarec-v2x_9150_firmwareqca6310_firmwareqca6430_firmwarewcd9335_firmwareqca6335_firmwareqcm4325_firmwareqca6574_firmwarewcd9340_firmwarewcn3680b_firmwaresm7325p_firmwareqca6584_firmwaresdx57m_firmwaremdm9650_firmwaresnapdragon_630_mobile_platform_firmwaremdm9215_firmwareqca6426_firmwaresnapdragon_439_mobile_platform_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmwarefastconnect_6200_firmwarewcn3660b_firmwarewcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewcd9330_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareqca6421_firmwareaqt1000_firmwarear6003_firmwarewcn6740_firmwaresnapdragon_690_5g_mobile_platform_firmwaresnapdragon_845_mobile_platform_firmwaresnapdragon_632_mobile_platform_firmwarewcn3680_firmwarecsrb31024_firmwareqcm6490_firmwarefastconnect_6900_firmwaresa8155p_firmwaremdm8215m_firmwaresmart_audio_200_platform_firmwareqca6564a_firmwareqcn9024_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcm4290_firmwaresw5100p_firmwareqcs610_firmwaresnapdragon_8_gen_1_mobile_platform_firmwarequalcomm_215_mobile_platform_firmwaresd835_firmware9207_lte_modem_firmwaresnapdragon_wear_2500_platform_firmwaremdm8207_firmwaresd820_firmwareqca6391_firmwaresnapdragon_710_mobile_platform_firmwaremsm8608_firmwarewcd9370_firmwaresnapdragon_1100_wearable_platform_firmwaresd888_firmwaremdm9615_firmwareapq8037_firmwaresnapdragon_wear_3100_platform_firmwaresw5100_firmwareqcs410_firmwaresnapdragon_720g_mobile_platform_firmwarear8035_firmwaresnapdragon_xr1_platform_firmwaresnapdragon_625_mobile_platform_firmware
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-33103
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.61%
||
7 Day CHG~0.00%
Published-01 Jul, 2022 | 11:36
Updated-03 Nov, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Das U-Boot from v2020.10 to v2022.07-rc3 was discovered to contain an out-of-bounds write via the function sqfs_readdir().

Action-Not Available
Vendor-denxn/a
Product-u-bootn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2025-27070
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.15%
||
7 Day CHG~0.00%
Published-04 Nov, 2025 | 03:19
Updated-26 Feb, 2026 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Write in Windows Compute

Memory corruption while performing encryption and decryption commands.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-snapdragon_x32_5g_modem-rf_system_firmwareqcs9100_firmwareqdu1000_firmwareqca6426_firmwareqcs6490wcn7861snapdragon_x65_5g_modem-rf_system_firmwaresm7675snapdragon_765g_5g_mobile_platform_\(sm7250-ab\)qcs5430qamsrv1m_firmwaresa8150p_firmwarewcd9385qcn6024_firmwarewsa8835_firmwaresc8380xpsm8750_firmwaresnapdragon_ar1_gen_1_platform_firmwareqfw7114ar8035_firmwareqca6698aq_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwareqca6391qam8775p_firmwaresm8550psa8145p_firmwareqca8081_firmwarefastconnect_6900sa9000pqam8295p_firmwareqca8081sa8770pqca6574qca6431snapdragon_8cx_gen_3_compute_platform_\(sc8280xp-bb\)_firmwareqca6436_firmwaresa8775pwsa8830qcs5430_firmwareqcm6490qcs8550_firmwaresm8735snapdragon_695_5g_mobile_platformwcd9340snapdragon_auto_5g_modem-rf_gen_2_firmwareqcs8550qdu1110_firmwaresa8540p_firmwareqcs8300wcn6450sm4635_firmwarewcn7860_firmwareqdu1210sa7775p_firmwaresnapdragon_x62_5g_modem-rf_systemsa8775p_firmwareqam8620p_firmwaresm8550p_firmwaresnapdragon_695_5g_mobile_platform_firmwareqru1052_firmwareqru1062qdx1010_firmwarewcd9380_firmwaresm7675pqru1032_firmwaresa8530pqca6595ausm6650p_firmwareqcn9012_firmwaresnapdragon_8_gen_3_mobile_platform_firmwaresnapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)_firmwaresa8255pqdx1011qcm6490_firmwarewcd9395_firmwaresm7250p_firmwaresnapdragon_8cx_gen_3_compute_platform_\(sc8280xp-bb\)qca6678aqwsa8845_firmwarefastconnect_6200sa6150p_firmwareqcn9011_firmwaresnapdragon_888_5g_mobile_platformwcd9370_firmwaresnapdragon_480_5g_mobile_platformqfw7124sm6650wcn7750_firmwareqmp1000_firmwaresnapdragon_662_mobile_platformfastconnect_6900_firmwaresm8650q_firmwareqamsrv1mwsa8810_firmwaresnapdragon_8_gen_2_mobile_platformsa8150psxr2250pqmp1000sa4155pqcc710_firmwareqca6174a_firmwaresnapdragon_ar2_gen_1_platformwsa8810sm7635qcn9024wcd9395snapdragon_x72_5g_modem-rf_systemwcd9378_firmwareqcm4325_firmwareqru1032ar8035sm6650_firmwareqcm8550wsa8832_firmwaresm4635wcn6755_firmwaresa8195p_firmwaresa6150pwcn3988_firmwareqca6678aq_firmwaresnapdragon_8_gen_3_mobile_platformsa8155pssg2125p_firmwareqca6696_firmwaresnapdragon_460_mobile_platformwsa8832sdx61_firmwarewcn3950_firmwaresnapdragon_ar1_gen_1_platformqcn9274video_collaboration_vc3_platformwcd9375qcs615_firmwaresnapdragon_auto_5g_modem-rf_gen_2sm8735_firmwaresnapdragon_865_5g_mobile_platform_firmwarewcd9390_firmwaresrv1lwsa8815wcd9370sd865_5g_firmwarewsa8815_firmwaresnapdragon_8_gen_1_mobile_platformsnapdragon_768g_5g_mobile_platform_\(sm7250-ac\)_firmwaresnapdragon_x65_5g_modem-rf_systemsnapdragon_x75_5g_modem-rf_system_firmwarewcn3988sdx61snapdragon_662_mobile_platform_firmwaresa8145psnapdragon_ar1_gen_1_platform_\"luna1\"_firmwaresrv1hqcs8300_firmwaresnapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)snapdragon_xr2_5g_platform_firmwaresd_8_gen1_5gqdx1010fastconnect_6800qca6421_firmwareqca6574_firmwareqdu1110qca6698aqsxr1230psxr2230pqca6584auwcn7880qfw7124_firmwareqru1052wsa8845h_firmwareqam8650psa8620psm8750p_firmwaresg4150p_firmwaresm8635ssg2125pqcn9012sa7255p_firmwarewsa8845qep8111fastconnect_7800_firmwareqca6391_firmwaresa8255p_firmwaresa4150pqca6595wcn7750wcn6650qcn6274_firmwarefastconnect_6700srv1h_firmwareqam8295psm8635_firmwarewsa8840sa8650pwcn6650_firmwaresnapdragon_xr2_5g_platformwcd9385_firmwaresnapdragon_680_4g_mobile_platformsnapdragon_x62_5g_modem-rf_system_firmwaresnapdragon_x35_5g_modem-rf_systemsnapdragon_685_4g_mobile_platform_\(sm6225-ad\)_firmwareqam8775pwsa8830_firmwaresnapdragon_8\+_gen_2_mobile_platformqca6688aqsm7635_firmwareqam8255p_firmwaresm7675p_firmwaresa8650p_firmwareqdu1010qdu1000sg4150psm8635pqca6797aq_firmwaressg2115p_firmwarewcd9378fastconnect_6800_firmwareqep8111_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_x75_5g_modem-rf_systemfastconnect_6200_firmwareqca6584au_firmwareqca6421snapdragon_685_4g_mobile_platform_\(sm6225-ad\)qca6688aq_firmwaresnapdragon_680_4g_mobile_platform_firmwaresg8275psa8620p_firmwareqam8255psa8155p_firmwareqca6595au_firmwaresa6155pqru1062_firmwaresnapdragon_ar2_gen_1_platform_firmwaresxr2250p_firmwareqcn6274qca6426wsa8845hqdu1010_firmwareqcn6024qfw7114_firmwareqca6574a_firmwaresnapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\)sxr2130qcc710sm8635p_firmwaresnapdragon_x72_5g_modem-rf_system_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqdx1011_firmwaresa8540psm8750qca6797aqsnapdragon_8_gen_2_mobile_platform_firmwaresnapdragon_x32_5g_modem-rf_systemqam8650p_firmwaresnapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmwaresnapdragon_ar1_gen_1_platform_\"luna1\"sxr1230p_firmwarewcn7861_firmwareqdu1210_firmwareqsm8350_firmwaresnapdragon_x35_5g_modem-rf_system_firmwaresa8770p_firmwaresm8750psm7675_firmwaresrv1l_firmwaresnapdragon_x55_5g_modem-rf_systemsc8380xp_firmwaresd_8_gen1_5g_firmwaresm8650qqca8337qcn6224_firmwaresxr2230p_firmwareqca6595_firmwarewcn7881qcn9011qamsrv1hqca6574au_firmwareqcm8550_firmwarewcn7880_firmwarewsa8835snapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)sa6145pwcd9390srv1m_firmwaresa4150p_firmwaresa9000p_firmwareqca6174aqcm4325wcn7860wcn7881_firmwaresa7775pwcd9340_firmwarewcn6450_firmwaresnapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmwaresa8195psrv1msnapdragon_768g_5g_mobile_platform_\(sm7250-ac\)ssg2115pvideo_collaboration_vc3_platform_firmwaresnapdragon_765_5g_mobile_platform_\(sm7250-aa\)_firmwaresa8295pfastconnect_6700_firmwareqcm5430_firmwareqcm5430wcd9375_firmwareqsm8350sg8275p_firmwarewcd9380qamsrv1h_firmwareqca6574ausa4155p_firmwaresa6145p_firmwareqcn9024_firmwaresa7255pqca6436sa6155p_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqcs615sm7250pqca6431_firmwaresnapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\)_firmwareqca8337_firmwaresd865_5gsnapdragon_765_5g_mobile_platform_\(sm7250-aa\)sxr2130_firmwarefastconnect_7800snapdragon_460_mobile_platform_firmwareqca6696snapdragon_865_5g_mobile_platformwcn6755qca6574aqcs9100snapdragon_4_gen_1_mobile_platformsnapdragon_480_5g_mobile_platform_firmwareqcn9274_firmwaresnapdragon_870_5g_mobile_platform_\(sm8250-ac\)qam8620pqcn6224sxr2330p_firmwaresm6650pwsa8840_firmwaresnapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)_firmwaresa8530p_firmwaresnapdragon_888_5g_mobile_platform_firmwaresnapdragon_765g_5g_mobile_platform_\(sm7250-ab\)_firmwaresa8295p_firmwareqcs6490_firmwarewcn3950sxr2330psnapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)Snapdragon
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32575
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-4.8||MEDIUM
EPSS-0.14% / 33.83%
||
7 Day CHG~0.00%
Published-16 Feb, 2023 | 20:00
Updated-27 Jan, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Out-of-bounds write in the Intel(R) Trace Analyzer and Collector software before version 2021.5 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-trace_analyzer_and_collectorIntel(R) Trace Analyzer and Collector software
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-31610
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 28.55%
||
7 Day CHG~0.00%
Published-18 Nov, 2022 | 00:00
Updated-29 Apr, 2025 | 14:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA GPU Display Driver for Windows contains a vulnerability in the kernel mode layer (nvlddmkm.sys), where a local user with basic capabilities can cause an out-of-bounds write, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering.

Action-Not Available
Vendor-Microsoft CorporationNVIDIA Corporation
Product-studiogpu_display_drivervirtual_gpuwindowsteslacloud_gaming_guestgeforceNVIDIA Cloud Gaming (guest driver)
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-32813
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.16% / 36.72%
||
7 Day CHG+0.04%
Published-24 Aug, 2022 | 19:46
Updated-29 May, 2025 | 18:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.5, macOS Big Sur 11.6.8, Security Update 2022-005 Catalina, iOS 15.6 and iPadOS 15.6, tvOS 15.6, watchOS 8.7. An app with root privileges may be able to execute arbitrary code with kernel privileges.

Action-Not Available
Vendor-Apple Inc.
Product-iphone_osmacostvosmac_os_xipadoswatchosmacOSwatchOStvOS
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • ...
  • 14
  • 15
  • 16
  • ...
  • 26
  • 27
  • Next
Details not found