Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-28583

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-20 Mar, 2024 | 00:00
Updated At-05 Aug, 2024 | 18:11
Rejected At-
Credits

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the readLine() function when reading images in XPM format.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:20 Mar, 2024 | 00:00
Updated At:05 Aug, 2024 | 18:11
Rejected At:
▼CVE Numbering Authority (CNA)

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the readLine() function when reading images in XPM format.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
N/A
Hyperlink: https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
x_transferred
Hyperlink: https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Vendor
freeimage_project
Product
freeimage
CPEs
  • cpe:2.3:a:freeimage_project:freeimage:3.19.0:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • 3.19.0
Problem Types
TypeCWE IDDescription
CWECWE-120CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Type: CWE
CWE ID: CWE-120
Description: CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Metrics
VersionBase scoreBase severityVector
3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:20 Mar, 2024 | 06:15
Updated At:28 Mar, 2025 | 14:48

Buffer Overflow vulnerability in open source FreeImage v.3.19.0 [r1909] allows a local attacker to execute arbitrary code via the readLine() function when reading images in XPM format.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
freeimage_project
freeimage_project
>>freeimage>>3.19.0
cpe:2.3:a:freeimage_project:freeimage:3.19.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-120Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-120
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909cve@mitre.org
Third Party Advisory
Exploit
https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Exploit
Hyperlink: https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
Source: cve@mitre.org
Resource:
Third Party Advisory
Exploit
Hyperlink: https://github.com/Ruanxingzhi/vul-report/tree/master/freeimage-r1909
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Exploit

Change History

0
Information is not available yet

Similar CVEs

376Records found
CVE-2021-25498
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-7.3||HIGH
EPSS-0.08% / 23.04%
||
7 Day CHG~0.00%
Published-06 Oct, 2021 | 17:11
Updated-03 Aug, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A possible buffer overflow vulnerability in maetd_eco_cb_mode of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution.

Action-Not Available
Vendor-SamsungSamsung Electronics
Product-notesSamsung Notes
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-26572
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.79%
||
7 Day CHG~0.00%
Published-08 Feb, 2021 | 18:50
Updated-03 Aug, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webgetactivexcfg function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-baseboard_management_controllerapollo_70_systemHPE Apollo 70 System
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-26571
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.79%
||
7 Day CHG~0.00%
Published-08 Feb, 2021 | 18:43
Updated-03 Aug, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webgetactivexcfg function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-baseboard_management_controllerapollo_70_systemHPE Apollo 70 System
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25496
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-7.3||HIGH
EPSS-0.08% / 23.04%
||
7 Day CHG~0.00%
Published-06 Oct, 2021 | 17:11
Updated-03 Aug, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A possible buffer overflow vulnerability in maetd_dec_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution.

Action-Not Available
Vendor-SamsungSamsung Electronics
Product-notesSamsung Notes
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-35089
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.10% / 27.05%
||
7 Day CHG~0.00%
Published-01 Apr, 2022 | 04:40
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to lack of input IB amount validation while processing the user command in Snapdragon Auto

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6574ausa8155psa8155p_firmwareqca6696_firmwareqca6574au_firmwareqca6696Snapdragon Auto
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-26570
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.12% / 31.76%
||
7 Day CHG~0.00%
Published-08 Feb, 2021 | 18:47
Updated-03 Aug, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webifc_setadconfig function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-baseboard_management_controllerapollo_70_systemHPE Apollo 70 System
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25494
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-4||MEDIUM
EPSS-0.06% / 18.02%
||
7 Day CHG~0.00%
Published-06 Oct, 2021 | 17:11
Updated-03 Aug, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A possible buffer overflow vulnerability in libSPenBase library of Samsung Notes prior to Samsung Note version 4.3.02.61 allows arbitrary code execution.

Action-Not Available
Vendor-SamsungSamsung Electronics
Product-notesSamsung Notes
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-26577
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.05%
||
7 Day CHG~0.00%
Published-08 Feb, 2021 | 19:46
Updated-03 Aug, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so uploadsshkey function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-baseboard_management_controllerapollo_70_systemHPE Apollo 70 System
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25497
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-7.3||HIGH
EPSS-0.08% / 23.04%
||
7 Day CHG~0.00%
Published-06 Oct, 2021 | 17:11
Updated-03 Aug, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A possible buffer overflow vulnerability in maetd_cpy_slice of libSPenBase library of Samsung Notes prior to Samsung Notes version 4.3.02.61 allows arbitrary code execution.

Action-Not Available
Vendor-SamsungSamsung Electronics
Product-notesSamsung Notes
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-26573
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.79%
||
7 Day CHG~0.00%
Published-08 Feb, 2021 | 19:05
Updated-03 Aug, 2024 | 20:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so webgeneratesslcfg function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-baseboard_management_controllerapollo_70_systemHPE Apollo 70 System
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-26409
Matching Score-4
Assigner-Advanced Micro Devices Inc.
ShareView Details
Matching Score-4
Assigner-Advanced Micro Devices Inc.
CVSS Score-7.8||HIGH
EPSS-0.14% / 33.37%
||
7 Day CHG~0.00%
Published-10 Jan, 2023 | 20:56
Updated-09 Apr, 2025 | 14:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Insufficient bounds checking in SEV-ES may allow an attacker to corrupt Reverse Map table (RMP) memory, potentially resulting in a loss of SNP (Secure Nested Paging) memory integrity.

Action-Not Available
Vendor-Advanced Micro Devices, Inc.
Product-milanpi_firmwaremilanpi3rd Gen EPYC
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25131
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.14%
||
7 Day CHG~0.00%
Published-29 Jan, 2021 | 18:36
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setfwimagelocation_func function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-cloudline_cl5200_gen9_servercloudline_cl3100_gen10_server_firmwarecloudline_cl5800_gen10_servercloudline_cl3100_gen10_servercloudline_cl4100_gen10_servercloudline_cl5200_gen9_server_firmwarecloudline_cl5800_gen9_server_firmwarecloudline_cl5800_gen9_servercloudline_cl5800_gen10_server_firmwarecloudline_cl4100_gen10_server_firmwareHPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25133
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.14%
||
7 Day CHG~0.00%
Published-29 Jan, 2021 | 18:38
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setradiusconfig_func function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-cloudline_cl5200_gen9_servercloudline_cl3100_gen10_server_firmwarecloudline_cl5800_gen10_servercloudline_cl3100_gen10_servercloudline_cl4100_gen10_servercloudline_cl5200_gen9_server_firmwarecloudline_cl5800_gen9_server_firmwarecloudline_cl5800_gen9_servercloudline_cl5800_gen10_server_firmwarecloudline_cl4100_gen10_server_firmwareHPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25169
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.79%
||
7 Day CHG~0.00%
Published-08 Feb, 2021 | 18:06
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0.14.0 has a local buffer overflow in libifc.so websetservicecfg function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-baseboard_management_controllerapollo_70_systemHPE Apollo 70 System
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25136
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.14%
||
7 Day CHG~0.00%
Published-29 Jan, 2021 | 18:46
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setsolvideoremotestorage_func function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-cloudline_cl5200_gen9_servercloudline_cl3100_gen10_server_firmwarecloudline_cl5800_gen10_servercloudline_cl3100_gen10_servercloudline_cl4100_gen10_servercloudline_cl5200_gen9_server_firmwarecloudline_cl5800_gen9_server_firmwarecloudline_cl5800_gen9_servercloudline_cl5800_gen10_server_firmwarecloudline_cl4100_gen10_server_firmwareHPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25126
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.14%
||
7 Day CHG~0.00%
Published-29 Jan, 2021 | 18:08
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice downloadkvmjnlp_func function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-cloudline_cl5200_gen9_servercloudline_cl3100_gen10_server_firmwarecloudline_cl5800_gen10_servercloudline_cl3100_gen10_servercloudline_cl4100_gen10_servercloudline_cl5200_gen9_server_firmwarecloudline_cl5800_gen9_server_firmwarecloudline_cl5800_gen9_servercloudline_cl5800_gen10_server_firmwarecloudline_cl4100_gen10_server_firmwareHPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25134
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-7.8||HIGH
EPSS-0.13% / 32.14%
||
7 Day CHG~0.00%
Published-29 Jan, 2021 | 18:43
Updated-03 Aug, 2024 | 19:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setremoteimageinfo_func function.

Action-Not Available
Vendor-n/aHewlett Packard Enterprise (HPE)
Product-cloudline_cl5200_gen9_servercloudline_cl3100_gen10_server_firmwarecloudline_cl5800_gen10_servercloudline_cl3100_gen10_servercloudline_cl4100_gen10_servercloudline_cl5200_gen9_server_firmwarecloudline_cl5800_gen9_server_firmwarecloudline_cl5800_gen9_servercloudline_cl5800_gen10_server_firmwarecloudline_cl4100_gen10_server_firmwareHPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25461
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-4||MEDIUM
EPSS-0.03% / 9.13%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 18:05
Updated-03 Aug, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper length check in APAService prior to SMR Sep-2021 Release 1 results in stack based Buffer Overflow.

Action-Not Available
Vendor-Google LLCSamsung Electronics
Product-androidSamsung Mobile Devices
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-22547
Matching Score-4
Assigner-Google LLC
ShareView Details
Matching Score-4
Assigner-Google LLC
CVSS Score-6.3||MEDIUM
EPSS-0.03% / 7.21%
||
7 Day CHG~0.00%
Published-04 May, 2021 | 13:05
Updated-03 Aug, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer overrun in Google Cloud IoT Device SDK for Embedded C

In IoT Devices SDK, there is an implementation of calloc() that doesn't have a length check. An attacker could pass in memory objects larger than the buffer and wrap around to have a smaller buffer than required, allowing the attacker access to the other parts of the heap. We recommend upgrading the Google Cloud IoT Device SDK for Embedded C used to 1.0.3 or greater.

Action-Not Available
Vendor-Google LLC
Product-cloud_iot_device_sdk_for_embedded_cGoogle Cloud IoT Device SDK for Embedded C
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-1984
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.10% / 27.05%
||
7 Day CHG~0.00%
Published-20 Oct, 2021 | 06:31
Updated-03 Aug, 2024 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to improper validation of index value while processing the plugin block in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sd678sm7250sm6250p_firmwareqcs610qcs2290_firmwaresm7250_firmwaresd_636qcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqcs2290qca6390_firmwareqca6335msm8917sd690_5gsd730_firmwaresd_455_firmwarewcd9370qcs605_firmwaresd_675_firmwaresd675_firmwareqcs6125_firmwareqca6426sd632wcn3998wcd9371_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3950sm4125sd720gwcn3615_firmwarewcn3660bsd662sd460_firmwareqca6320_firmwareqca6574au_firmwaresdx55_firmwarewcn3680b_firmwarewcd9375_firmwarewcn3615wcn3998_firmwarewcn3610_firmwareqca6420qca6436_firmwareapq8053_firmwareqca6564au_firmwaresd778gqca6310qcs6490sd429sdxr2_5gqcs6125sd662_firmwaresdm630wcn3988_firmwareqca6430sd205sd429_firmwaresm6250sd778g_firmwareapq8017_firmwarequalcomm215_firmwaresd765gsd765_firmwareqca6436wcn6851qcs603_firmwareqcs4290_firmwarewcd9385qcs6490_firmwarewcd9371sd750gsd870_firmwareqca6390wcd9375sd750g_firmwareaqt1000apq8064auwcn3910_firmwaresm6250_firmwaremsm8953_firmwarewsa8830_firmwaremsm8917_firmwaresd210sd855_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8835_firmwareapq8017qca6564awcn6750_firmwarewcn3610qcm6125_firmwareqcm2290_firmwarewcn3991wcd9380_firmwaresd_675msm8996au_firmwaresd780gsd865_5gqca6564ausdx55m_firmwarewcn6856_firmwaresd888wsa8835sd632_firmwaremsm8996ausd665_firmwarewcd9380sd888_5gsm6250pqualcomm215qca6574asd690_5g_firmwaresdx50m_firmwarewcn6855_firmwareqca6310_firmwaresm7325qca6430_firmwarewcn6750sd439_firmwareqca6335_firmwareqcs605sd855sm4125_firmwarewcn6850sd665wcn3910qca6320sd765qca6426_firmwarewcn3660b_firmwarewcn3680qca6574a_firmwaresd768g_firmwaresd460qca6391sd730sdx55msdxr1_firmwareaqt1000_firmwarewcn6740_firmwaremsm8953sd678_firmwareapq8064au_firmwareqcm4290qcm6490_firmwaresdx50mwcn3680_firmwaresd480_firmwareqcs603wcn6851_firmwaresd_455qca6574ausd_636_firmwaresd205_firmwareqca6564a_firmwareqcm6125qcm4290_firmwaresd480sd870wcn6855sd210_firmwareqcs610_firmwarewcn6856wcn3680bsdxr1sd768gapq8096auwcn6740sdm630_firmwareqca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwareapq8053apq8096au_firmwaresd675sd439sd720g_firmwareqcm2290sm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-1915
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 10.26%
||
7 Day CHG~0.00%
Published-07 May, 2021 | 09:10
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow can occur due to improper validation of NDP application information length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qpm5679_firmwaresm6250p_firmwareipq4028_firmwareqca8337qdm5579ar9380ipq8173_firmwareqfs2608_firmwareqfs2530qpm8870_firmwareqln1030pm6125qcn5124qat5522_firmwarewcn3950_firmwarepm8150aqdm5670qca6595au_firmwareqpm5541_firmwareqpa5581_firmwaresa6155pm7150lqpa8821pm8998_firmwarewtr5975_firmwareqcs6125_firmwarepm456_firmwareqpa5580_firmwaresa415mwcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125qsw8573_firmwareqsw8574_firmwaresd460_firmwaresmb2351_firmwaresd6905gqpa4360_firmwareqca8081_firmwarewcn3998_firmwarepm855pqca6420pm6150aqpm6670_firmwareipq8070_firmwareipq8065ipq8078a_firmwarepm660_firmwarepm8150bipq8072_firmwaresa8155_firmwareipq8068qca6430qat3522pmr735awcd9340sd765gsdr660qfs2630_firmwaresdr865qdm5620_firmwareqca9888_firmwaresmr545qca6696_firmwareqln5020wcd9371sd870_firmwareqcn5154_firmwarepmm855au_firmwaresa8150ppm6350qdm5621qtc800sqat3514_firmwareqca9992_firmwaresd660qet6105pm640p_firmwaresd660_firmwareqcn5121qcn5022_firmwareqcn7606_firmwareqat5516_firmwarepm6150lwcn6750_firmwaresd8885gpm855l_firmwareqca6428_firmwareqca9985_firmwareqtc410sipq4018_firmwarewcn3991qca9980_firmwareqpa8801ipq8078pm8150l_firmwareipq8173qat5533_firmwaresdx55m_firmwaresdxr25gqpa8673_firmwarepm6150smb1354_firmwaresd670_firmwareqca6574qfs2630qpa8842csr8811_firmwarepmm8996ausdr052_firmwarewcd9380qln4640qcs410qpm5579_firmwaresmb1380_firmwarepmk8350_firmwareqcn5024pm855p_firmwaresmb1381pm7250qpa8803qca9985qcn9012_firmwaresdxr25g_firmwareqdm2301ipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqdm5621_firmwareqdm2301_firmwareqpm6375ipq6028ipq8064sd835pmp8074wcn3980_firmwaresd730pm660l_firmwarepm6250_firmwarewcn6740_firmwarepm8008pm8350b_firmwareqtm525_firmwareqcn5064_firmwaresd678_firmwareipq8078_firmwareqpm5621_firmwareqcn5054qln1021aq_firmwarersw8577qca9896qpa6560_firmwareqca9994qpa8802_firmwareqln4640_firmwareqca9980qpm5621qcn9024_firmwareipq8174_firmwarepm8009_firmwareqpm6582qfs2580_firmwaresd670qcm4290_firmwarewcn6855qcn7605_firmwarepm8150lpmi8998_firmwareqcs610_firmwaresa6145ppm660a_firmwarepm4250qca9886_firmwarear8031qpm5577wtr2965sdm630_firmwaresa2150pqca6391_firmwarepm8150qca4024wcd9370_firmwareqat3516_firmwaresdx55qcn5021_firmwarecsra6640pm8350bhsqat3555_firmwareqpa8803_firmwarepm855bsmb2351qln1031qcn7606qpm5870qcn5500wsa8830pm660qca9561qet6110_firmwareqdm5579_firmwareqpm6325pm6125_firmwareqbt1500qpa5581csrb31024qca9563_firmwarepmx24_firmwarefsm10055_firmwareqbt1500_firmwareqpm5870_firmwareqca9992qcs4290pmm855auqet6100qca6420_firmwaresmb1394_firmwaresmb1396pm7150asd675_firmwareipq8072pm8350qca6564qpa4361_firmwarepm8350c_firmwareqpa5461_firmwareqca6426wcn3990_firmwareqca9984_firmwareqpm5641wcd9385_firmwareqdm5650_firmwareqpa4340_firmwarewcd9326_firmwarepm7250_firmwareqdm5620qln1021aqipq8074asmb1380qca9982pmk8002_firmwareqsw6310_firmwaresa8155qln1031_firmwareqdm4650_firmwareqcn5122_firmwarepmm6155au_firmwareqat5533sdx55_firmwareqcn6023_firmwaresm7250p_firmwareqsm7250_firmwareqpm6670pm7150l_firmwareqca6584auqpm4641qat5515_firmwareipq8174pm855qpm8830_firmwarepm8250qcn5052sdm630qdm4643qfs2530_firmwaresa415m_firmwarepmx55qpm4641_firmwareqcn9074wcn3988_firmwarepm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwareqpm5677qat5515qca6694qat3514wcd9326wcd9335qca9982_firmwarepm6350_firmwareqcn6023pm8004_firmwaresdr8150_firmwareqcs4290_firmwareqtc800h_firmwarepmk7350_firmwareqpm5620qpm4630qca6390qca9898_firmwaresd750g_firmwareaqt1000wcd9375sm6250_firmwarepmm8195auqln4642qpm5677_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwaresmr525_firmwarepm8998pmk7350wtr3925_firmwareqpm8820_firmwareqln1020_firmwareqpm6621_firmwareqcm6125_firmwareqca9882pmx55_firmwareqca6595pm8150_firmwaresmb1398_firmwareqpm8830pmm8996au_firmwareqat5522qca9896_firmwareipq8065_firmwarepm8150cpmr735bsd665_firmwareqpa4360pmk8003_firmwareqcn5154qca8075_firmwareqpa4361ipq6005_firmwareqpm4640_firmwareqpm5577_firmwarewcn6855_firmwareqdm5679_firmwarepm8350csmr525qca9888qca6310_firmwareipq8070a_firmwarepm6150l_firmwarepmr525pm8150a_firmwareqca6574_firmwareqca9886qcn5502_firmwareqln1036aq_firmwaresd665pm6150a_firmwarepm6150_firmwareqca6175asd765qca6574a_firmwareqpm4630_firmwareqat3555qpa5461sd8c_firmwarewtr2965_firmwarecsrb31024_firmwareqfs2608qcn9070_firmwaresd480_firmwareqln1036aqqtc801sipq6028_firmwareipq8072a_firmwareqca9531qpm5641_firmwareqca9889_firmwaresd710qcn5122pm8008_firmwareqpm6621pmr735a_firmwarepmx50qcn5022qca6564_firmwaresdr8250sd768gqln1030_firmwarewcn6740pm8004pm640lpmk8002qca8075apq8096au_firmwareqcn6024qcn9022sd845ipq6000_firmwareqcs410_firmwareqca6175a_firmwareqpa5580qpm5579fsm10055sa6150p_firmwareqcs610qcn5550qpm5620_firmwareqdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqca9561_firmwareqat3519qbt2000_firmwareqca4024_firmwareipq8078aqtc800hsa8150p_firmwareqcs2290sdr8250_firmwareqca6335qcn5064csra6620_firmwareqln1020smr546_firmwareqdm5671csra6640_firmwarepmc1000hqpm4650_firmwareqat3518sd8csdr425_firmwaresmr526_firmwareipq8076apm640a_firmwarewgr7640_firmwareqdm2305_firmwareqpm5670_firmwaresd710_firmwareqca6428qdm5652qca6574au_firmwareqcn5164_firmwareipq8071qpm8870wcd9375_firmwareqpm5679qbt2000sa6155_firmwarewcd9360qca6438_firmwarepmx50_firmwareqpa8675_firmwaresdr735gwcn3999qdm3301_firmwareqca7500qsm7250ipq4029_firmwareqcs6125ipq6010sd662_firmwareqcs405rsw8577_firmwareqdm2308_firmwarefsm10056_firmwareqca6436wcn6851sa6155pqpa6560sdr675_firmwarewcd9341ipq8068_firmwareqdm4643_firmwareqca6431sm7350_firmwareqet4100_firmwaresd750gqdm3302wcn3910_firmwareqpm5657qpm5875_firmwarewsa8830_firmwaresd855_firmwareqdm5650wcn3988qca6438wtr3925sdr052sa8195p_firmwaresmb1390qca9898ipq4028qet4100qpa8686_firmwareipq5018_firmwareqpm6585qca8337_firmwarewcd9380_firmwaresmb1355ipq8072aqca7500_firmwareqln4650sdr735g_firmwarepm8350bhs_firmwarewgr7640ipq8076a_firmwareqat5568qdm5671_firmwareqet5100qca6564auqpa8801_firmwareqtm527_firmwaresd636wcn6856_firmwarepm8005_firmwareqcn5164qca9558qet4101_firmwarepm7250bqln4642_firmwaresmb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwareqcn5054_firmwareipq4019_firmwaresdx50m_firmwaresdr735smb1395pm660lsmr526qca8072_firmwarewtr5975qca6430_firmwarepmk8003qcn5052_firmwareqtc801s_firmwareqat3522_firmwarewcd9335_firmwarewcn3980pm7350c_firmwareqca6335_firmwareqsw8573wcn3910qca6320smb1394qca6426_firmwarepm8350_firmwareqca9984qcn9024pm8009qpa8675qcn5550_firmwaresdr051_firmwaresdx55mipq8064_firmwareqca6421_firmwareqat3518_firmwareqsw8574pmi8998sd6905g_firmwarear8031_firmwarepm855lwcn6851_firmwareqdm5670_firmwareipq8070sd8655gqcn5502pm7150a_firmwarepm8150b_firmwareqca9887_firmwaresmr545_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwarepm4250_firmwareqca9880sd480sd870qcn5121_firmwaresd8885g_firmwareqdm5677pm8005ipq6018pm855_firmwareqdm2302pmm6155ausdxr1pm855b_firmwareapq8096auqca6595_firmwareqcs405_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwareqln4650_firmwareqpm5875qet5100msd888_firmwaresa8155psd675qet4101qca9531_firmwareqat3516qpm5658ar8035_firmwareqcm2290qpm5658_firmwareqcn5024_firmwarewcn3991_firmwareqdm5652_firmwarepmm8155au_firmwaresd678qcn9070sdr051qln5030qcs2290_firmwarepm4125fsm10056pmi632qpa2625_firmwarepm456pm8350bh_firmwarecsra6620pmr735b_firmwareqet5100_firmwareqpm4621qcn9072qca9880_firmwareqet6100_firmwaresdr660gsd765g_firmwareqpa8686qca6390_firmwareipq6000sd730_firmwarewcd9370qcn5152_firmwaresdr425pmr525_firmwareqca6584au_firmwareqcn9000_firmwareipq5018pmi632_firmwareqcn7605qpm5541qat5516qca9563sd662qpa8821_firmwareqcn5124_firmwaresdr660g_firmwarepm8350bhpm3003aqca6320_firmwareqca6595auwcn3999_firmwareqca6436_firmwaresm7350smb1354ipq5010qca6564au_firmwareqdm2305sa6155p_firmwareqca6310qpm8820qpm2630qln5020_firmwaresa515m_firmwareqca9990smb1398sa6145p_firmwaresdr675sm6250wsa8810_firmwaresd765_firmwareqdm5677_firmwareqca8081ipq8071aipq8071a_firmwarewcd9385qpm6325_firmwareqdm2302_firmwareqat3550_firmwarepmm8155auqln5040_firmwarepm4125_firmwarear8035csr8811qpa8673ipq4019qca6694_firmwareqdm2310qln5030_firmwareqcn9100_firmwaresmb1396_firmwarewcn6850_firmwarewsa8835_firmwareqca6564asmr546pmx24qet6110qln5040qca8072qcm2290_firmwareqpm8895qpm5670wcn3990qcn9000qtm527ar9380_firmwarepmk8350qcn9012qdm3302_firmwaresd888qca9558_firmwarepm8350bqdm2307_firmwarewsa8835qpm5657_firmwaresm6250psdr660_firmwareipq4018qca6574asmb1390_firmwareqca9889ipq8074qca9994_firmwareqpm4640wcn6750pm7350cqet5100m_firmwareipq8076_firmwareqpm4650qtm525sa515msa2150p_firmwarewtr6955sd855sm4125_firmwaresd8cxipq8076wtr6955_firmwareqca9887pm640pqcn5021qcn5152sd768g_firmwaresdr865_firmwarepm8250_firmwaresd460qca6391sd8cx_firmwaresdxr1_firmwaresmb1351ipq6005aqt1000_firmwareqcn9100qpm8895_firmwarepm660aqpa4340qcm4290sdx50mpm640aqca9882_firmwaresdr8150smb1395_firmwareqdm4650pmd9655ipq8074_firmwareqca6574ausa8155p_firmwareqsw6310qet6105_firmwaresd8655g_firmwarewcd9341_firmwareqcm6125wsa8810qtc410s_firmwareqpm2630_firmwareqcn5500_firmwareqat5568_firmwareqdm2308qat3550wcn6856qdm5679sd835_firmwareipq6010_firmwarepm3003a_firmwareqca6696qtc800s_firmwaresmb1381_firmwaresd845_firmwareqpa2625sa6150pqcn9022_firmwareqca9990_firmwareipq8070apmm8195au_firmwareqcn9072_firmwaresm7250psd720g_firmwareipq8071_firmwareqcn9074_firmwareqpm4621_firmwareipq4029sd636_firmwarepm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-1909
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.3||HIGH
EPSS-0.03% / 10.26%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 07:35
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow occurs in trusted applications due to lack of length check of parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresm7250mdm9640_firmwaresm6250p_firmwareipq4028_firmwareqca8337ar9380ipq8173_firmwareqcn5124fsm9950mdm9645wcn3950_firmwaresc8180x\+sdx55qca6595au_firmwaresa6155sd_455_firmwareapq8076fsm9905_firmwareqcs6125_firmwaremsm8108sa415mwcn3998wcd9371_firmwaremsm8108_firmwarewcn3950qcn6024_firmwaresd720gsm4125mdm9206_firmwareqsw8573_firmwarewcn3660bsd450_firmwareqsm8350_firmwareqsm8350sd460_firmwaremdm9230_firmwareipq8062apq8064_firmwareqca8081_firmwarewcn3998_firmwareapq8009w_firmwareqca6420apq8053_firmwareipq8070_firmwareqca9367_firmwareipq8065ipq8078a_firmwaremdm8207ipq8072_firmwaresa8155_firmwareqca4004_firmwareipq8068qca6430wcd9306_firmwarewcd9340sdm830_firmwaremdm9625_firmwaresd765gar3012_firmwareapq8052msm8209_firmwaremdm9250_firmwareqca9888_firmwareqcn6122qca6696_firmwarewcd9371sd870_firmwareqcn5154_firmwaresd_8cxsa8150par7420_firmwareqca4004mdm9330_firmwareqca9992_firmwaresd865_5g_firmwaresd712qcn5121qcn5022_firmwareqcn7606_firmwarewcn6750_firmwaresd450qca6428_firmwareqca9985_firmwarewcn3991ipq4018_firmwareqca9980_firmwaresdm429wipq8078sdx55m_firmwareipq8173msm8976_firmwareqca6574sd632_firmwaresd670_firmwarecsr8811_firmwarewcd9380qualcomm215qcs410qcn5024sd690_5g_firmwareqca9379_firmwaresdx24_firmwareqca9985qcn9012_firmwareipq6018_firmwareqca9890_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwaremsm8956_firmwareqca6584_firmwaremsm8937_firmwaresd_8c_firmwareipq6028ipq8064sd835pmp8074qca1990sd730wcn6740_firmwaremdm9225qcn5064_firmwaresd678_firmwareapq8064au_firmwaremdm9225mipq8078_firmwareqca9890qca6234qcn5054qcs603fsm9900_firmwareqca9994qca6164_firmwareqca9980sd670qcn9024_firmwareipq8174_firmwareapq8009wqcm4290_firmwarewcn6855qcn7605_firmwareqcs610_firmwareapq8084_firmwaresa6145pqca9886_firmwarear8031mdm8207_firmwareqca6164sdm630_firmwaremdm9205_firmwareqca6391_firmwaresd820_firmwareqca4024wcd9370_firmwaresdx55apq8053qcn5021_firmwarecsra6640wcn3660qca9379qca6234_firmwareqcn7606qsm8250_firmwaremdm9150_firmwarewsa8830qca9561fsm9915_firmwarecsrb31024mdm9628_firmwaremdm9650fsm9916_firmwaresd_636fsm10055_firmwareqca9992qcs4290mdm9250qca6420_firmwarepmd9635_firmwareapq8009_firmwaresd690_5gfsm9915msm8916_firmwaresd675_firmwareipq8072qca6564qca6426qca9984_firmwareqca9377fsm9905sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwarewhs9410ipq8074aqca9982mdm8635msa8155qca6584qcn5122_firmwaresdx55_firmwareqcn6023_firmwarewcn3610_firmwaremdm9207wcd9306qca6584ausd778gqfe1952msm8208ipq8174sd429msm8962qca9367qcn5052mdm9235m_firmwaresdm630mdm9607_firmwaremdm9655_firmwaremsm8976sgsa415m_firmwarewcn3988_firmwareqcn9074sd205sd429_firmwareqca6421sd778g_firmwaresa8195pqca6694qca7550wcn3660aqca9982_firmwareqcn6023qcs4290_firmwareqcs6490_firmwaremdm8635m_firmwaremdm9625qca6390qca9898_firmwaresd750g_firmwareaqt1000msm8956msm8976sc8180x\+sdx55_firmwaresm6250_firmwarewcd9375apq8056msm8917_firmwareipq5010_firmwareipq8074a_firmwaremdm9625msd888_5g_firmwaresdx20_firmwarewsa8815_firmwaremsm8916apq8017qcx315mdm9235mmdm9630_firmwareqcm6125_firmwareqca9882sd780gsd865_5gqca6595ipq8065_firmwareqcx315_firmwareqca10901sd665_firmwareqcn5154qca8075_firmwareipq6005_firmwaremdm9206wcn6855_firmwareqca9888qca6310_firmwaresm7325ipq8070a_firmwareqca6574_firmwareqca9886sd665qca6175asd765wtr3925lqca6574a_firmwaresd850_firmwarewcn3660a_firmwareapq8009csrb31024_firmwareqcm6490_firmwareqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwaremdm9626_firmwareqca9531qca9889_firmwaremdm9607qcn5122mdm9645_firmwaresdx20m_firmwareqcn5022qca6564_firmwaresd768gwcn6740sdw2500msm8940qca8075apq8096au_firmwareqcn6024qcn9022sd845msm8962_firmwaresdm830ipq6000_firmwaresdx12qcs410_firmwaremdm9330qca6175a_firmwaresm7325_firmwareipq8062_firmwarefsm10055sa6150p_firmwareqcs610qcn5550fsm9955_firmwareqca6431_firmwarewcd9360_firmwareqca9561_firmwareqca4024_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqcs2290qca6335msm8917qcn5064csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwarefsm9916qca9987_firmwaresd632ipq8076amdm9628qca4020qca6428qca6574au_firmwareqcn5164_firmwareipq8071mdm9630wcd9375_firmwaresa6155_firmwaresdx12_firmwaremsm8909wwcd9360qca10901_firmwaresdx20mqca6438_firmwarewhs9410_firmwarewcn3999qrb5165_firmwareipq5028qca7500ipq4029_firmwareqcs6125apq8056_firmwareapq8016_firmwareipq6010apq8062_firmwaresd662_firmwareqcs405sc8280xp_firmwareqca1990_firmwarequalcomm215_firmwarefsm10056_firmwareqca4020_firmwareqca6436fsm9910_firmwareqcn3018_firmwaresa6155pwcn6851qcs603_firmwaremsm8937ipq8066_firmwarewcn3660_firmwareipq8068_firmwaremdm9655pm8937_firmwareqca6431sd750gwcn3910_firmwaremdm9207_firmwareqfe1922wsa8830_firmwaresd855_firmwarewcn3988qca6438sa8195p_firmwaremsm8208_firmwareqca9898ipq4028wcn3610mdm9640msm8608ipq5018_firmwarear9580_firmwareqca8337_firmwaresda429w_firmwarewcd9380_firmwareipq8072aqca7500_firmwarewcd9330msm8996au_firmwarecsr6030ipq8076a_firmwareqca7550_firmwaremdm9225m_firmwareqca6564auwcn6856_firmwareqcn5164msm8940_firmwareqca9558qca7520_firmwaremdm9230qcn5054_firmwareipq4019_firmwaresdx50m_firmwareipq8066qca8072_firmwareqca6174qca6430_firmwareqcn5052_firmwareqca6335_firmwareqsw8573qcs605sd7cmdm9225_firmwareqca6320wcn3910mdm9650_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680qca9984qcn9024qcn5550_firmwarewcd9330_firmwaresdx55mipq8064_firmwareqca6421_firmwaremsm8953sd821_firmwareapq8064ar8031_firmwarewcn3680_firmwareqrb5165wcn6851_firmwareipq8070pmd9635qca9887_firmwarewtr3925l_firmwaresd_636_firmwareqca6564a_firmwareqca6694au_firmwareqca9880msm8976sg_firmwaresd480sd870qcn5121_firmwarear3012sd210_firmwareqsm8250ipq6018qcn3018sdxr1apq8096auqca6595_firmwareqcs405_firmwaresa8145par9580sd780g_firmwaresd888_firmwaresc8280xpsa8155psd675qca9531_firmwarear8035_firmwareqcm2290qcn5024_firmwarewcn3991_firmwaresd678qcn9070sa8145p_firmwareqca7520qcs2290_firmwarefsm10056sm7250_firmwaresd7c_firmwareqca9378csra6620qca9987qfe1100_firmwareqcn9072qca9880_firmwaresd765g_firmwareipq8069_firmwareqca6390_firmwareipq6000qca6174_firmwaresd730_firmwarewcd9370qcn5152_firmwareqca6584au_firmwareapq8076_firmwareqcn9000_firmwareipq5018sd_8cx_firmwareqcn7605fsm9950_firmwaresd662qcn5124_firmwareqfe1952_firmwareapq8037qca6320_firmwareqca6595auwcn3999_firmwareqca6436_firmwareipq5010qca6564au_firmwaresa6155p_firmwareqca6310pm8937sa515m_firmwareqca9990qcs6490sdxr2_5gapq8084sd821apq8062sa6145p_firmwaresm6250sd712_firmwareapq8017_firmwareqfe1100sd765_firmwareqca8081ipq8071aqca6174a_firmwareipq8071a_firmwarewcd9385ar8035csr8811apq8064auipq4019qca6694_firmwaremsm8953_firmwareqcn9100_firmwareqca6694aumsm8952sda429wsd210wcn3620_firmwaresd820qcm6490wcn6850_firmwarewsa8835_firmwarewcn3620csr6030_firmwareqca6564aqca8072qcm2290_firmwaremdm9635m_firmwareqcn9000sd_675mdm9625m_firmwarear9380_firmwaresdx24qcn9012sd888qca9558_firmwaremsm8952_firmwaremsm8909w_firmwareqcn6122_firmwaremsm8996ausdm429w_firmwarewsa8835sd888_5gsm6250pipq4018qca6574aqca9889qca6174aipq8074qca9994_firmwarewcn6750mdm9635mapq8052_firmwarefsm9910ipq8076_firmwaremdm9205sa515mar7420sd855sm4125_firmwareipq8076qfe1922_firmwareqca9887qca9378_firmwareqcn5021ipq8069qcn5152sd768g_firmwaremsm8209sd460qca6391sdxr1_firmwareipq6005aqt1000_firmwaremsm8920qcn9100mdm9626qcm4290sdx50mqca9882_firmwaresdx20msm8920_firmwaresd_455ipq8074_firmwareqca6574ausa8155p_firmwaresd205_firmwareqcm6125mdm9150wcn6856sd_8csd835_firmwareipq6010_firmwareqca6696fsm9955apq8016msm8608_firmwaresd845_firmwaresa6150pqcn9022_firmwarefsm9900qca9990_firmwareapq8037_firmwareipq8070aqcn9072_firmwaresd720g_firmwareipq8071_firmwareqcn9074_firmwareipq4029sd850Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-1983
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.03% / 10.26%
||
7 Day CHG~0.00%
Published-20 Oct, 2021 | 06:31
Updated-03 Aug, 2024 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to improper handling of negative data length while processing write request in VR service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sd678sm7250sm6250p_firmwareqcs610qcs2290_firmwaresm7250_firmwaresd_636qcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqcs2290qca6390_firmwareqca6335msm8917sd690_5gsd730_firmwaresd_455_firmwarewcd9370qcs605_firmwaresd_675_firmwaresd675_firmwareqcs6125_firmwareqca6426sd632wcn3998wcd9371_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3950sm4125sd720gwcn3615_firmwarewcn3660bsd662sd460_firmwareqca6320_firmwareqca6574au_firmwaresdx55_firmwarewcn3680b_firmwarewcd9375_firmwarewcn3615wcn3998_firmwarewcn3610_firmwareqca6420qca6436_firmwareapq8053_firmwareqca6564au_firmwaresd778gqca6310qcs6490sd429sdxr2_5gqcs6125sd662_firmwaresdm630wcn3988_firmwareqca6430sd205sd429_firmwaresm6250sd778g_firmwareapq8017_firmwarequalcomm215_firmwaresd765gsd765_firmwareqca6436wcn6851qcs603_firmwareqcs4290_firmwarewcd9385qcs6490_firmwarewcd9371sd750gsd870_firmwareqca6390wcd9375sd750g_firmwareaqt1000apq8064auwcn3910_firmwaresm6250_firmwaremsm8953_firmwarewsa8830_firmwaremsm8917_firmwaresd210sd855_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8835_firmwareapq8017qca6564awcn6750_firmwarewcn3610qcm6125_firmwareqcm2290_firmwarewcn3991wcd9380_firmwaresd_675msm8996au_firmwaresd780gsd865_5gqca6564ausdx55m_firmwarewcn6856_firmwaresd888wsa8835sd632_firmwaremsm8996ausd665_firmwarewcd9380sd888_5gsm6250pqualcomm215qca6574asd690_5g_firmwaresdx50m_firmwarewcn6855_firmwareqca6310_firmwaresm7325qca6430_firmwarewcn6750sd439_firmwareqca6335_firmwareqcs605sd855sm4125_firmwarewcn6850sd665wcn3910qca6320sd765qca6426_firmwarewcn3660b_firmwarewcn3680qca6574a_firmwaresd768g_firmwaresd460qca6391sd730sdx55msdxr1_firmwareaqt1000_firmwarewcn6740_firmwaremsm8953sd678_firmwareapq8064au_firmwareqcm4290qcm6490_firmwaresdx50mwcn3680_firmwaresd480_firmwareqcs603wcn6851_firmwaresd_455qca6574ausd_636_firmwaresd205_firmwareqca6564a_firmwareqcm6125qcm4290_firmwaresd480sd870wcn6855sd210_firmwareqcs610_firmwarewcn6856wcn3680bsdxr1sd768gapq8096auwcn6740sdm630_firmwareqca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwareapq8053apq8096au_firmwaresd675sd439sd720g_firmwareqcm2290sm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-1889
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.03% / 10.26%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 05:30
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to lack of length check in Trusted Application in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarefsm10055mdm9640_firmwaresm6250p_firmwaresa6150p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwarewcn3950_firmwaresc8180x\+sdx55sa8150p_firmwareqcs2290qca6595au_firmwaresa6155msm8917sd_455_firmwarecsra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresd632sa415mwcn3998wcd9371_firmwarewcn3950sm4125sd720gwcn3660bsd450_firmwareqsm8350_firmwareqsm8350sd460_firmwareqca4020qca6574au_firmwarewcd9375_firmwarewcn3998_firmwaresa6155_firmwareqca6420apq8053_firmwarewcd9360wcn3999qcs6125sa8155_firmwareqca4004_firmwaresd662_firmwareqcs405qca6430wcd9306_firmwaresd765gqualcomm215_firmwarefsm10056_firmwareqca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwaremsm8937wcn3660_firmwaremdm9655qca6696_firmwarepm8937_firmwareqca6431wcd9371sd870_firmwaresd750gwcn3910_firmwaresd_8cxsa8150pqca4004wsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresd712wcn3988sd660_firmwaresa8195p_firmwarewcn6750_firmwaresd450wcn3610mdm9640wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwaresdm429wmsm8996au_firmwareqca6564ausdx55m_firmwarewcn6856_firmwaremsm8940_firmwaresd670_firmwareqca6574sd632_firmwarewcd9380qualcomm215qcs410sd690_5g_firmwaresdx50m_firmwareqca9379_firmwaresdx24_firmwareqca6430_firmwarewcd9335_firmwaresd439_firmwareqcs605wcn6850sd7cwcn3910qca6320msm8937_firmwaremdm9650_firmwaresd_8c_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd835sd730sdx55mqca6421_firmwarewcn6740_firmwaremsm8953sd821_firmwaresd678_firmwareapq8064au_firmwarear8031_firmwarewcn3680_firmwareqca6234wcn6851_firmwareqcs603sd670sd_636_firmwareqca6564a_firmwareqca6694au_firmwareqcm4290_firmwaresd480sd870wcn6855qcs610_firmwareqsm8250sa6145psdxr1ar8031apq8096auqca6595_firmwareqcs405_firmwaresa8145psdm630_firmwaremdm9205_firmwareqca6391_firmwaresd820_firmwarewcd9370_firmwaresd780g_firmwaresdx55apq8053sa8155pcsra6640sd675sd439wcn3660qca9379qca6234_firmwarear8035_firmwareqsm8250_firmwareqcm2290wcn3991_firmwarewsa8830sd678sa8145p_firmwareqcs2290_firmwarefsm10056sd7c_firmwarecsrb31024mdm9650sd_636csra6620fsm10055_firmwareqcs4290sd765g_firmwareqca6420_firmwareqca6390_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6564qca6426qca6584au_firmwareqca9377sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3615_firmwaresd662apq8037sa8155qca6320_firmwarewcn3680b_firmwaresdx55_firmwarewcn3615qca6595auwcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwarewcd9306qca6584ausd778gqca6564au_firmwaresa6155p_firmwarepm8937sa515m_firmwaresd429sdxr2_5gsdm630sd821mdm9655_firmwaresa415m_firmwarewcn3988_firmwaresd429_firmwaresa6145p_firmwareqca6421sd778g_firmwaresm6250sd712_firmwaresa8195papq8017_firmwareqca6694sd765_firmwarewcd9335qca6174a_firmwareqcs4290_firmwarewcd9385qca6390wcd9375sd750g_firmwareaqt1000ar8035apq8064ausm6250_firmwaresc8180x\+sdx55_firmwareqca6694_firmwaremsm8953_firmwareqca6694ausda429wmsm8917_firmwarewcn3620_firmwaresd820sd888_5g_firmwarewcn6850_firmwarewsa8835_firmwarewcn3620apq8017qca6564aqcm6125_firmwareqcm2290_firmwaresd_675sd780gsd865_5gqca6595sdx24wsa8835msm8996ausdm429w_firmwaresd665_firmwaresd888_5gsm6250pqca6574awcn6855_firmwareqca6174asm7325pwcn6750mdm9205sa515mqca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665qca6175asd765qca6574a_firmwaresd768g_firmwaresd850_firmwaresd460qca6391sdxr1_firmwareaqt1000_firmwaremsm8920qcm4290csrb31024_firmwaresdx50msd480_firmwaremsm8920_firmwaresd_455qca6574ausa8155p_firmwareqcm6125wcn6856sd_8cwcn3680bsd835_firmwareqca6564_firmwaresd768gwcn6740qca6696sa6150pmsm8940apq8096au_firmwareapq8037_firmwaresm7250psd720g_firmwareqcs410_firmwareqca6175a_firmwaresd850Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-21780
Matching Score-4
Assigner-kernel.org
ShareView Details
Matching Score-4
Assigner-kernel.org
CVSS Score-7.8||HIGH
EPSS-0.03% / 6.79%
||
7 Day CHG~0.00%
Published-27 Feb, 2025 | 02:18
Updated-03 Nov, 2025 | 21:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table()

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid buffer overflow attach in smu_sys_set_pp_table() It malicious user provides a small pptable through sysfs and then a bigger pptable, it may cause buffer overflow attack in function smu_sys_set_pp_table().

Action-Not Available
Vendor-Linux Kernel Organization, Inc
Product-linux_kernelLinux
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-25078
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.19% / 40.81%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-05 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
pacparser pacparser.c pacparser_find_proxy buffer overflow

A vulnerability classified as problematic was found in pacparser up to 1.3.x. Affected by this vulnerability is the function pacparser_find_proxy of the file src/pacparser.c. The manipulation of the argument url leads to buffer overflow. Attacking locally is a requirement. Upgrading to version 1.4.0 is able to address this issue. The name of the patch is 853e8f45607cb07b877ffd270c63dbcdd5201ad9. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-215443.

Action-Not Available
Vendor-pacparser_projectunspecified
Product-pacparserpacparser
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-3438
Matching Score-4
Assigner-HP Inc.
ShareView Details
Matching Score-4
Assigner-HP Inc.
CVSS Score-7.8||HIGH
EPSS-0.42% / 61.60%
||
7 Day CHG-0.76%
Published-20 May, 2021 | 13:32
Updated-03 Aug, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential buffer overflow in the software drivers for certain HP LaserJet products and Samsung product printers could lead to an escalation of privilege.

Action-Not Available
Vendor-n/aSamsungHP Inc.
Product-proxpress_sl-c3060_ss211alaserjet_mfp_m438_8af44aproxpress_sl-c3010_ss210jxpress_sl-m2826_ss344aproxpress_sl-m3870_ss377aproxpress_sl-m4020_ss383yxpress_sl-m2621_ss325asf-760_ss199aproxpress_sl-m3375fd_ss368fmultixpress_sl-m5360_ss403ascx-5637_ss182ascx-4833_ss181axpress_sl-m2885_ss359aclx-3305_ss095aml-5510_ss152acolor_laser_mfp_170_4zb96alaser_mfp_130_4zb90ascx-5737_sw045axpress_sl-m2020_ss272acolor_laser_mfp_170_6hu08aproxpress_sl-c4010_ss216sxpress_sl-m2625_ss326alaserjet_mfp_m443_8af72axpress_sl-m2825_ss342axpress_sl-m2676_ss337axpress_sl-m2875_ss353ascx-3405_sv943ascx-3405_sw314aproxpress_sl-m3375fd_ss369cxpress_sl-c480_ss255ascx-3401_ss158aproxpress_sl-m3820_ss372csf-760_ss196ascx-4650_sb983acolor_laser_mfp_170_6hu09aml-3750_ss138alaser_100_4zb81axpress_sl-c1860_ss205axpress_sl-m2070_ss297amultixpress_clx-9301_ss007axpress_sl-m2875_ss352aml-5510_sv897aproxpress_sl-c3060_ss213fmultixpress_clx-9301_sw179aproxpress_sl-m4075_ss394aproxpress_sl-c4010_ss216bml-6510_ss154amultixpress_sl-x7500_ss055alaser_mfp_130_4zb84aproxpress_sl-c3010_ss210flaserjet_mfp_m440_8af46alaser_408_7uq75alaser_mfp_130_4zb91aproxpress_sl-m4580_ss402aproxpress_sl-c4010_ss216fproxpress_sl-c4010_ss216kclp-365_ss066aproxpress_sl-m3375fd_ss369dproxpress_sl-c4010_ss216vproxpress_sl-m3875_ss382amultixpress_scx-8128_ss018amultixpress_sl-k7500_ss040aclx-3305_ss096asf-760_ss197ascx-3401_ss157aproxpress_sl-m3325_ss367aml-6510_sv901aproxpress_sl-m4024_ss385axpress_sl-m2676_ss338ascx-3401_sv393aclp-680_ss075axpress_sl-c480_ss254aproxpress_sl-c3060_ss213dmultixpress_sl-k7500_ss039axpress_sl-m2880_ss358aproxpress_sl-m3820_ss373wproxpress_sl-c3060_ss211lclp-775_ss079aproxpress_sl-c4010_ss216eproxpress_sl-c3060_ss213gxpress_sl-m2820_ss339aproxpress_sl-m3370_ss378ascx-3400_sv938alaserjet_mfp_m42625_8af52axpress_sl-m2675_sw112aproxpress_sl-c4060_ss218alaser_mfp_130_4zb82amultixpress_sl-k7600_ss042aproxpress_sl-m4530_ss398dproxpress_sl-m4025_ss387aml-5017_ss148aclx-3300_ss088aproxpress_sl-c3010_ss210hscx-4021_ss165aproxpress_sl-c4012_ss217aproxpress_sl-m3321_ss366aproxpress_sl-c4010_ss216pproxpress_sl-m3320nd_ss365amultixpress_sl-x4300_ss049axpress_sl-m2620_ss324aproxpress_sl-c4010_ss216dscx-4521_ss168aproxpress_sl-m3820_ss373dproxpress_sl-c3010_ss210aproxpress_sl-c3010_ss210gproxpress_sl-c3060_ss211nproxpress_sl-m3820_ss373sproxpress_sl-m4072_ss391acolor_laser_150_4zb95aclp-680_ss076aclx-3305_ss094aproxpress_sl-m3820_ss371bsf-760_ss195amultixpress_sl-x7600_ss058aproxpress_sl-m4070_ss390cmultixpress_scx-8230_ss021aproxpress_sl-m3820_ss373uscx-5639_st676alaser_100_4zb79ascx-3405_ss162aproxpress_sl-c3010_ss201claserjet_mfp_m42523_7ab26axpress_sl-m2620_ss322alaser_mfp_432_7uq76amultixpress_scx-8128_ss020axpress_sl-m2625_ss327aproxpress_sl-m4025_ss386alaserjet_mfp_m442_8af71axpress_sl-m2821_ss341aproxpress_sl-m4020_ss383cproxpress_sl-m3820_ss373qlaserjet_mfp_m438_8af45axpress_sl-m2675_ss336aproxpress_sl-m3820_ss373lxpress_sl-m2876_ss355axpress_sl-m2070_ss294aproxpress_sl-m3825_ss375aproxpress_sl-m4070_ss389jlaser_mfp_130_4zb87amultixpress_sl-x4220_ss047aclx-6260_ss105aproxpress_sl-c4062_ss219alaserjet_mfp_m72625-m72630_2zn50aproxpress_sl-m4075_ss393aproxpress_sl-m3875_ss380amultixpress_sl-x7600_ss059aproxpress_sl-c3060_ss211eproxpress_sl-m3820_ss373mproxpress_sl-c3060_ss211pml-6510_sv899cmultixpress_sl-k7400_ss038ascx-3405_sw313ascx-5737_ss183axpress_sl-m2871_ss350amultixpress_sl-x7500_ss056aml-5015_ss147axpress_sl-m2875_ss354aclp-775_ss078aproxpress_sl-m3820_ss373jproxpress_sl-c4010_ss216jproxpress_sl-m3375fd_ss369elaserjet_mfp_m436_w7u01amultixpress_scx-8240_ss022alaser_mfp_130_6hu10amultixpress_sl-m4370_ss396axpress_sl-m2825_ss343ascx-3400_ss155ascx-4521_sv968aclx-6260_ss106axpress_sl-m2626_ss328ascx-4521_sv967aproxpress_sl-m3870_ss378ascx-5635_sw041amultixpress_clx-9301_sw152ascx-4655_ss174aproxpress_sl-m3820_ss373tproxpress_sl-c3060_ss211qproxpress_sl-c3060_ss211dproxpress_sl-m4530_ss397escx-4650_ss171ascx-3406_ss164alaser_mfp_130_4zb85axpress_sl-m2671_ss333axpress_sl-m2620_ss323amultixpress_sl-k4250_ss030ascx-4655_sv989amultixpress_sl-x4250_ss048aproxpress_sl-c3010_ss210kxpress_sl-m2870_ss349aproxpress_sl-m4560_ss400aproxpress_sl-c3010_ss210eproxpress_sl-c3010_ss210mproxpress_sl-c4010_ss216claserjet_mfp_m437_7zb19aproxpress_sl-m3820_ss373gproxpress_sl-c3060_ss211mlaser_mfp_130_4zb83aproxpress_sl-c3060_ss211gproxpress_sl-c3060_ss211cxpress_sl-m2070_ss295axpress_sl-m2070_ss298aproxpress_sl-c3060_s221bxpress_sl-m2070_ss293aproxpress_sl-m3820_ss373fproxpress_sl-c3060_ss213axpress_sl-c430_ss229aclp-560_sv611ascx-3400_ss156aclp-560_sv612alaser_mfp_130_4zb86ascx-4835_sw020ascx-3405_ss161axpress_sl-c480_ss257amultixpress_sl-k4300_ss032amultixpress_sl-m5370_sw121alaserjet_mfp_m42625_8af50aproxpress_sl-m4080_ss395amultixpress_clx-9251_sv719aproxpress_sl-m3820_ss373aclp-360_ss062amultixpress_sl-m4370_sw117aproxpress_sl-c3060_ss211hscx-3405_ss159acolor_laser_150_4zb94aproxpress_sl-m3820_ss373nproxpress_sl-c3060_ss211flaser_mfp_130_5ue15alaserjet_mfp_m433_1vr14aclp-366_ss068aclx-3305_ss093ascx-3405_ss163aproxpress_sl-m4560_ss399aproxpress_sl-m3375fd_ss369bproxpress_sl-m4020_ss383kproxpress_sl-m3820_ss371aproxpress_sl-m3875_ss381aclp-368_sv601aproxpress_sl-m3820_ss371dlaserjet_mfp_m439_7zb22ascx-4833_sw019aclx-6260_ss108aproxpress_sl-m3820_ss373pml-6510_sv900aproxpress_sl-c4010_ss216hml-5010_ss145amultixpress_sl-m5370_ss404aclp-365_sw139ascx-4521_sv530ascx-5637_sw043amultixpress_sl-k4250_ss031aml-4510_ss141aproxpress_sl-m3820_ss373vproxpress_sl-m4020_4pt87amultixpress_clx-9251_ss005ascx-5635_sw093axpress_sl-m2876_ss357ascx-5635_sw040amultixpress_sl-k3250_ss027eproxpress_sl-c3010_ss210plaserjet_mfp_m440_8af48ascx-4835_sw021aproxpress_sl-m4030_ss388aproxpress_sl-c3010_ss209alaser_100_4zb80aproxpress_sl-c3060_ss213hproxpress_sl-c4010_ss216qxpress_sl-m2820_ss340ascx-3406_sw127axpress_sl-m2676_sw113alaserjet_mfp_m42523_7zb72aml-5012_ss146aproxpress_sl-c3060_ss213blaserjet_mfp_m437_7zb20amultixpress_sl-k2200_ss025axpress_sl-m2835_ss346axpress_sl-m2670_ss331amultixpress_sl-k3300_ss028aproxpress_sl-c4010_ss216mmultixpress_sl-x7400_ss054alaserjet_mfp_m439_7zb23aproxpress_sl-m3820_ss373hproxpress_sl-m3820_ss373zxpress_sl-m2626_ss329ascx-4650_ss172axpress_sl-m2671_ss332aproxpress_sl-c4010_ss216zproxpress_sl-m3825_ss376aproxpress_sl-m3820_ss373bml-6510_ss153amultixpress_sl-x3280_ss044ascx-5737_sw046aclx-6260_ss107aproxpress_sl-c3060_ss211jlaserjet_mfp_m439_7zb24alaserjet_mfp_m436_w7u02ascx-4521_sw129aclx-3300_sv677alaserjet_mfp_m440_8af47aproxpress_sl-c4010_ss215acolor_laser_mfp_170_4zb97aproxpress_sl-c3060_ss211kmultixpress_sl-k2200_ss024aclx-6260_sw177alaser_mfp_130_4zb88aml-5510_sv898aproxpress_sl-m3820_ss373cxpress_sl-m2876_ss356amultixpress_sl-x3220nr_ss043eclp-366_sv600alaser_mfp_130_6hu11axpress_sl-c480_ss256amultixpress_scx-8128_sw172ascx-4655_sv988alaserjet_mfp_m42523_7zb25ascx-3406_sv946ascx-4521_ss167axpress_sl-m2670_ss330aproxpress_sl-m3375fd_ss369amultixpress_scx-8128_ss019aproxpress_sl-c4010_ss216nproxpress_sl-c4010_ss216gproxpress_sl-m3820_ss373eproxpress_sl-m4020_ss383xproxpress_sl-m4075_ss392aproxpress_sl-c4010_ss216llaserjet_mfp_m436_2ky38ascx-3405_ss160axpress_sl-m2070_ss296aproxpress_sl-c4010_ss216uproxpress_sl-m3825_ss374alaserjet_mfp_m42625_8af49alaser_mfp_130_4zb93aproxpress_sl-m3820_ss371cmultixpress_sl-x7400_ss053asf-760_ss198aclp-365_ss067alaser_100_5ue14axpress_sl-m2675_ss335alaser_mfp_130_9vv52aproxpress_sl-m4020_4pt7blaser_mfp_130_6hu12amultixpress_sl-k7400_ss037aproxpress_sl-c3060_ss213cmultixpress_scx-8240_st717alaser_mfp_130_4zb92aproxpress_sl-m3820_ss373kscx-4833_ss180axpress_sl-c430_ss230ascx-4521_sv966aproxpress_sl-m3875_ss379alaser_mfp_130_4zb89alaserjet_mfp_m42625_8af51aproxpress_sl-m4020_ss383lproxpress_sl-m3820_ss375bproxpress_sl-c3010_ss210lmultixpress_sl-k7600_ss041aml-4512_ss142axpress_sl-m2675_ss334aml-5510_ss151amultixpress_scx-8240_sw185alaserjet_mfp_m437_7zb21ascx-3406_sv298aproxpress_sl-c4010_ss216tproxpress_sl-c3010_ss210bxpress_sl-m3015_ss360axpress_sl-m2870_ss348alaser_100_209u7aml-5510_ss150alaserjet_mfp_m438_8af43alaserjet_mfp_m72625-m72630_2zn49aproxpress_sl-m4530_ss397gxpress_sl-m2875_ss351aproxpress_sl-m4580_ss401aproxpress_sl-c3060_ss213escx-4521_sv969aml-5510_ss149aproxpress_sl-c3010_ss210dscx-3406_sv945amultixpress_sl-k4350_ss033aproxpress_sl-c4010_ss216ascx-3406_sv947axpress_sl-m2020_ss271aCertain HP LaserJet products and Samsung product printers, see Security Bulletin
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-21481
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.01% / 1.10%
||
7 Day CHG~0.00%
Published-24 Sep, 2025 | 15:33
Updated-07 Jan, 2026 | 17:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input in HLOS

Memory corruption while performing private key encryption in trusted application.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm8550_firmwareqfw7124srv1h_firmwaresm8735_firmwaresdx55wcn7880_firmwaresnapdragon_x75_5g_modem-rf_system_firmwareqcs6125_firmwaresnapdragon_855\+\/860_mobile_platform_\(sm8150-ac\)snapdragon_xr2_5g_platformqrb5165m_firmwaresnapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\)qfw7114snapdragon_778g_5g_mobile_platform_firmwaresg4150psnapdragon_765_5g_mobile_platform_\(sm7250-aa\)_firmwaresnapdragon_675_mobile_platformqcm6125_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwaresnapdragon_750g_5g_mobile_platform_firmwaresa8145psnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-ab\)snapdragon_x72_5g_modem-rf_systemsnapdragon_w5\+_gen_1_wearable_platformqru1032snapdragon_680_4g_mobile_platform_firmwareqca8081_firmwarewcd9335sa8650psd865_5g_firmwareqca6797aqwsa8840_firmwareqca6696srv1l_firmwaresa8195psnapdragon_710_mobile_platformsnapdragon_7c_compute_platform_\(sc7180-ac\)_firmwareqca6574au_firmwareqcn9024_firmwareqca8337wcd9370snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-af\)_firmwaresa8145p_firmwaresrv1lwsa8845h_firmwaresnapdragon_780g_5g_mobile_platformwcn7881_firmwaresnapdragon_768g_5g_mobile_platform_\(sm7250-ac\)_firmwaresa4155psnapdragon_480_5g_mobile_platform_firmwareqcs6125sd670_firmwaresa8620psnapdragon_8cx_gen_3_compute_platform_\(sc8280xp-bb\)sm6650wcn7860snapdragon_8cx_compute_platform_\(sc8180x-aa\)_firmwaresd_8_gen1_5gsnapdragon_768g_5g_mobile_platform_\(sm7250-ac\)wcd9380qcs8300_firmwaresa8540p_firmwaresnapdragon_x72_5g_modem-rf_system_firmwaresnapdragon_765_5g_mobile_platform_\(sm7250-aa\)qep8111sxr2330psnapdragon_662_mobile_platform_firmwaresm7675qmp1000qcs8550_firmwareqca6574ausnapdragon_7c\+_gen_3_compute_firmwaresa8770p_firmwaresd670sa8155_firmwaresnapdragon_8cx_compute_platform_\(sc8180xp-ac\)qca6797aq_firmwaresnapdragon_xr1_platform_firmwarewcd9341_firmwaresxr1120snapdragon_8_gen_3_mobile_platform_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareqcn6024_firmwareqam8775pqcn9274_firmwarewsa8835snapdragon_auto_5g_modem-rf_firmwaresnapdragon_765g_5g_mobile_platform_\(sm7250-ab\)snapdragon_690_5g_mobile_platform_firmwaresa6155psa6145pvideo_collaboration_vc1_platformqsm8350_firmwareqam8295pqcs8300snapdragon_7c_compute_platform_\(sc7180-ac\)qca6678aq_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareflight_rb5_5g_platform_firmwarewcn3999wsa8835_firmwareqamsrv1msdx61qdu1010_firmwareqam8620psnapdragon_732g_mobile_platform_\(sm7150-ac\)qdu1000wcn3988sm8635snapdragon_x65_5g_modem-rf_system_firmwarerobotics_rb2wcd9395_firmwaresm8750snapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmwaresm6650_firmwarewcn7750snapdragon_865_5g_mobile_platform_firmwareqca6595sd855sa6155_firmwareqca6436_firmwaresnapdragon_782g_mobile_platform_\(sm7325-af\)snapdragon_8_gen_1_mobile_platformsw5100_firmwarewcn3999_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-ac\)sa2150p_firmwarefastconnect_7800_firmwaresm7675p_firmwareqca6698aq_firmwaresc8380xpsnapdragon_8_gen_3_mobile_platformwsa8815snapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)_firmwarear8035snapdragon_7c_gen_2_compute_platform_\(sc7180-ad\)_\"rennell_pro\"_firmwareqru1062_firmwaresm7325pqcn6224snapdragon_855\+\/860_mobile_platform_\(sm8150-ac\)_firmwaresnapdragon_720g_mobile_platformwcd9340_firmwarewcn6740_firmwareqamsrv1h_firmwareqca6584au_firmwareqcn6274sxr1120_firmwareqca6430_firmwareqdu1210_firmwaresdx61_firmwareqcs2290_firmwarewcd9370_firmwarewsa8832_firmwaresd888sm7675_firmwareqca6436wcd9326_firmwaresm8635_firmwaresnapdragon_870_5g_mobile_platform_\(sm8250-ac\)snapdragon_670_mobile_platform_firmwaresnapdragon_7c_gen_2_compute_platform_\(sc7180-ad\)_\"rennell_pro\"qca6421srv1msa8540pwsa8830qcm8550qru1062snapdragon_x65_5g_modem-rf_systemc-v2x_9150_firmwareqca8081fastconnect_6700qca6391snapdragon_4_gen_1_mobile_platform_firmwareqcs9100_firmwareqca6391_firmwaresnapdragon_730g_mobile_platform_\(sm7150-ab\)_firmwareqca6688aqqrb5165nwcn3950sa9000p_firmwarewcn3990_firmwareqam8650pqcs410sm7675psnapdragon_665_mobile_platform_firmwarewcn6450aqt1000_firmwarec-v2x_9150sm4635qdu1110qcs610sa8775psm8635p_firmwareqrb5165mqamsrv1hqca6698aqsnapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)snapdragon_678_mobile_platform_\(sm6150-ac\)315_5g_iot_modemsnapdragon_680_4g_mobile_platformflight_rb5_5g_platformqfw7114_firmwarewcn6740sm6250_firmwaresnapdragon_695_5g_mobile_platformsnapdragon_x50_5g_modem-rf_systemsd_8_gen1_5g_firmwaresd855_firmwareqca6574robotics_rb2_firmwarewcd9335_firmwaresnapdragon_662_mobile_platformsnapdragon_8cx_compute_platform_\(sc8180xp-af\)sa8255p_firmwaresnapdragon_865_5g_mobile_platform315_5g_iot_modem_firmwaresw5100p_firmwaresg4150p_firmwareqam8295p_firmwareqca6426_firmwarear8031_firmwaresd730_firmwaresnapdragon_778g_5g_mobile_platformqru1052_firmwaresm8650qsa6145p_firmwarewcd9375wcd9378video_collaboration_vc1_platform_firmwarewcn6755_firmwaresnapdragon_8cx_gen_3_compute_platform_\(sc8280xp-bb\)_firmwarewsa8845_firmwareqdx1011qcn7606sa8620p_firmwaresnapdragon_8cx_compute_platform_\(sc8180x-aa\)snapdragon_665_mobile_platformrobotics_rb5qca6421_firmwaresdx55_firmwaresm8735wcn7861_firmwareqcs610_firmwaresnapdragon_8c_compute_platform_\(sc8180xp-ad\)_firmwaresd865_5gsrv1hqcs6490_firmwareqcs8550fastconnect_6900_firmwarefastconnect_6800_firmwaresa8155p_firmwareqam8650p_firmwarear8035_firmwaresm8750psnapdragon_8c_compute_platform_\(sc8180x-ad\)_firmwareqcs6490qcn9274snapdragon_x75_5g_modem-rf_systemqca6431smart_audio_400_platformwsa8845qca6420_firmwaresnapdragon_780g_5g_mobile_platform_firmwareqcc710_firmwarewcn3988_firmwaresm4125_firmwaresw5100smart_audio_400_platform_firmwaresm8750p_firmwaresnapdragon_678_mobile_platform_\(sm6150-ac\)_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-aa\)_firmwarewcd9390sa8255psa8775p_firmwaresnapdragon_765g_5g_mobile_platform_\(sm7250-ab\)_firmwareqru1052sd_675_firmwaresnapdragon_690_5g_mobile_platformwcn6650fastconnect_6900sm4635_firmwaresa2150psnapdragon_8c_compute_platform_\(sc8180x-ad\)wcn7880snapdragon_x55_5g_modem-rf_systemsa4155p_firmwareqdu1010video_collaboration_vc3_platformqep8111_firmwareqam8255psd_675qcm2290_firmwaresnapdragon_670_mobile_platformqcn9074_firmwareqcn6224_firmwarefastconnect_7800sa7775psm6370_firmwaresa7255p_firmwarewcd9371_firmwarewcn6755sa8770psa8155pwsa8845hwcd9390_firmwaresnapdragon_750g_5g_mobile_platformsa8195p_firmwareqsm8250sm8650q_firmwarewcd9340sa8295p_firmwaresd675_firmwarewsa8840wcd9378_firmwaresd675snapdragon_4_gen_1_mobile_platformsnapdragon_730g_mobile_platform_\(sm7150-ab\)sa6155sa6150p_firmwaresa8530pqcm4290_firmwareqdu1210qca6174a_firmwarefastconnect_6200snapdragon_x35_5g_modem-rf_system_firmwarecsra6620_firmwareqca6426wsa8810_firmwareqcm6490qca6420snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-ab\)_firmwaresnapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)_firmwarefastconnect_6700_firmwareqca6174asm8635psa4150p_firmwaresa8650p_firmwareqcs9100robotics_rb5_firmwarewcd9371snapdragon_8cx_compute_platform_\(sc8180x-ab\)snapdragon_720g_mobile_platform_firmwareqcs4290_firmwaresnapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\)_firmwareqcn9074csra6640snapdragon_x62_5g_modem-rf_systemwcn3980_firmwareqcm4290wcd9326sm6250qdx1010_firmwarewcd9385_firmwarewcd9360_firmwareqmp1000_firmwarewcn7750_firmwareqca6678aqwcd9385snapdragon_xr1_platformwcn7881qca6595ausa9000psnapdragon_732g_mobile_platform_\(sm7150-ac\)_firmwarewcn3910_firmwareqcm6490_firmwarewsa8815_firmwaresnapdragon_x62_5g_modem-rf_system_firmwaresnapdragon_685_4g_mobile_platform_\(sm6225-ad\)snapdragon_888_5g_mobile_platform_firmwaresxr2130_firmwareqcn6274_firmwarewsa8832sm7315sc8180x\+sdx55wsa8810qdu1110_firmwareqsm8350wcn3980sa7255psxr2130snapdragon_auto_5g_modem-rf_gen_2_firmwaresxr2330p_firmwareqca6431_firmwareqca6574a_firmwaresnapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\)_firmwaresm7250psc8180x\+sdx55_firmwareqca6574_firmwareqrb5165n_firmwareqcs5430snapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)qamsrv1m_firmwaresnapdragon_730_mobile_platform_\(sm7150-aa\)srv1m_firmwaresm7635_firmwareqam8620p_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-ac\)_firmwareqca6696_firmwaresm7315_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_auto_4g_modem_firmwaresnapdragon_695_5g_mobile_platform_firmwareqdx1010wsa8830_firmwaresnapdragon_855_mobile_platformqcs5430_firmwareqcm2290qcs4290snapdragon_782g_mobile_platform_\(sm7325-af\)_firmwaresm7325p_firmwaresnapdragon_auto_4g_modemwcd9380_firmwareqca6688aq_firmwareqca6595_firmwaresm6250p_firmwaresd888_firmwareaqt1000qfw7124_firmwareqcn6024wcd9375_firmwaresnapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)wcn7860_firmwaresa8530p_firmwareqca6574awcn3990snapdragon_8c_compute_platform_\(sc8180xp-ad\)qcn7606_firmwareqca6595au_firmwaresnapdragon_xr2_5g_platform_firmwaresnapdragon_auto_5g_modem-rf_gen_2qcm5430_firmwaresm8750_firmwaresnapdragon_8cx_compute_platform_\(sc8180xp-af\)_firmwaresa7775p_firmwaresnapdragon_8cx_compute_platform_\(sc8180xp-ac\)_firmwarecsra6640_firmwaresw5100psa6155p_firmwareqca8337_firmwaresnapdragon_460_mobile_platformwcd9395fastconnect_6800qca6430sm7635snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-af\)snapdragon_675_mobile_platform_firmwaresm6250pqdu1000_firmwareqam8255p_firmwareqcc710wcn3910wcd9341snapdragon_x55_5g_modem-rf_system_firmwareqsm8250_firmwareqcs2290sc8380xp_firmwareqca6584ausnapdragon_8cx_gen_3_compute_platform_\(sc8280xp-ab\)snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmwaresnapdragon_888_5g_mobile_platformsa8295pwcn3950_firmwarewcn7861video_collaboration_vc3_platform_firmwaresnapdragon_685_4g_mobile_platform_\(sm6225-ad\)_firmwaresa8150p_firmwarewcd9360qam8775p_firmwaresa4150psnapdragon_8cx_compute_platform_\(sc8180x-ab\)_firmwaresa8150pqcn9024wcn6450_firmwaresm4125sm6370snapdragon_x35_5g_modem-rf_systemsa8155sm7250p_firmwaresnapdragon_xr2\+_gen_1_platformar8031snapdragon_730_mobile_platform_\(sm7150-aa\)_firmwareqdx1011_firmwareqcm5430snapdragon_460_mobile_platform_firmwarefastconnect_6200_firmwareqcm6125snapdragon_855_mobile_platform_firmwarewcn6650_firmwareqru1032_firmwaresnapdragon_710_mobile_platform_firmwarecsra6620snapdragon_xr2\+_gen_1_platform_firmwaresnapdragon_480_5g_mobile_platformsnapdragon_auto_5g_modem-rfsa6150pqcs410_firmwaresd730snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-aa\)Snapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-21444
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.39%
||
7 Day CHG~0.00%
Published-08 Jul, 2025 | 12:48
Updated-21 Jul, 2025 | 19:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Data HLOS - QX

Memory corruption while copying the result to the transmission queue in EMAC.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca6574au_firmwareqamsrv1h_firmwareqam8650pqam8620psa8255pqam8650p_firmwareqca6595qca6595au_firmwaresa8650p_firmwaresrv1m_firmwaresa7775psrv1mqca6696_firmwareqca6698aqsa8295psa8650pqca6696qam8295p_firmwareqam8775psa9000p_firmwaresa8540p_firmwaresrv1lqca6688aq_firmwaresrv1l_firmwaresa7255p_firmwareqca6595_firmwaresa8295p_firmwareqca6797aq_firmwaresa8620p_firmwaresa8775p_firmwaresrv1h_firmwareqca6698aq_firmwaresa8775pqam8620p_firmwaresa8770psrv1hqamsrv1msa7255pqam8295psa8255p_firmwareqca6574ausa8770p_firmwareqamsrv1m_firmwaresa8620pqamsrv1hqam8775p_firmwareqca6797aqsa9000pqca6688aqsa8540psa7775p_firmwareqam8255pqca6595auqam8255p_firmwareSnapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-29540
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-2.5||LOW
EPSS-0.05% / 15.40%
||
7 Day CHG~0.00%
Published-14 May, 2021 | 19:11
Updated-03 Aug, 2024 | 22:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Heap buffer overflow in `Conv2DBackpropFilter`

TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a heap buffer overflow to occur in `Conv2DBackpropFilter`. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/1b0296c3b8dd9bd948f924aa8cd62f87dbb7c3da/tensorflow/core/kernels/conv_grad_filter_ops.cc#L495-L497) computes the size of the filter tensor but does not validate that it matches the number of elements in `filter_sizes`. Later, when reading/writing to this buffer, code uses the value computed here, instead of the number of elements in the tensor. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-8729
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.06% / 17.97%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:56
Updated-04 Aug, 2024 | 10:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer copy without checking size of input for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2019-2321
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.03% / 9.57%
||
7 Day CHG~0.00%
Published-12 Dec, 2019 | 08:30
Updated-04 Aug, 2024 | 18:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect length used while validating the qsee log buffer sent from HLOS which could then lead to remap conflict in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ4019, IPQ8074, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, QCA8081, QCS404, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SM6150, SM7150, SM8150, Snapdragon_High_Med_2016, SXR1130, SXR2130

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9150_firmwareapq8096_firmwaresdm632_firmwaremsm8996au_firmwaresdm845sdm450_firmwaresdm632apq8096sdx24sdm439qcs404_firmwaremdm9650sdm429msm8940_firmwaresm7150_firmwaresnapdragon_high_med_2016_firmwaresm6150msm8909w_firmwaremsm8996ausm7150apq8009_firmwaremsm8917sdm670sxr2130qcs605_firmwareipq4019_firmwaremdm9206sdm670_firmwareqcs404sdx24_firmwareipq8074sdm636sda845_firmwareapq8098mdm9205mdm9206_firmwaremsm8939qcs605msm8937_firmwaremdm9650_firmwaresdm429_firmwaremsm8905_firmwaresda660sxr1130_firmwareqca8081_firmwaresxr1130msm8909wapq8009msm8909_firmwareapq8053_firmwaresda845sdm850_firmwaremsm8920msm8953sdm450sdm636_firmwareapq8098_firmwaremsm8998_firmwaresdm660msm8920_firmwaresdm630mdm9607_firmwareipq8074_firmwaresdm710qm215mdm9607apq8017_firmwaresdm710_firmwaremsm8939_firmwareqca8081mdm9150msm8937mdm9207c_firmwaremsm8996_firmwaremsm8905mdm9207csnapdragon_high_med_2016sm8150_firmwaremsm8909sxr2130_firmwareapq8096ausdm439_firmwaresdm630_firmwaremdm9205_firmwaresda660_firmwareqm215_firmwareipq4019msm8953_firmwaremsm8940sm6150_firmwareapq8053apq8096au_firmwaremsm8917_firmwaremsm8998sm8150sdm850apq8017msm8996sdm660_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-8249
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-7.8||HIGH
EPSS-0.65% / 70.43%
||
7 Day CHG~0.00%
Published-28 Oct, 2020 | 12:40
Updated-04 Aug, 2024 | 09:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to perform buffer overflow.

Action-Not Available
Vendor-n/aPulse Secure
Product-pulse_secure_desktop_clientPulse Secure Desktop Client
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-8252
Matching Score-4
Assigner-HackerOne
ShareView Details
Matching Score-4
Assigner-HackerOne
CVSS Score-7.8||HIGH
EPSS-0.18% / 39.63%
||
7 Day CHG~0.00%
Published-18 Sep, 2020 | 20:11
Updated-30 Apr, 2025 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes.

Action-Not Available
Vendor-Node.js (OpenJS Foundation)openSUSEFedora Project
Product-fedoranode.jsleapNode
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-29520
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-2.5||LOW
EPSS-0.02% / 4.71%
||
7 Day CHG~0.00%
Published-14 May, 2021 | 19:35
Updated-03 Aug, 2024 | 22:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Heap buffer overflow in `Conv3DBackprop*`

TensorFlow is an end-to-end open source platform for machine learning. Missing validation between arguments to `tf.raw_ops.Conv3DBackprop*` operations can result in heap buffer overflows. This is because the implementation(https://github.com/tensorflow/tensorflow/blob/4814fafb0ca6b5ab58a09411523b2193fed23fed/tensorflow/core/kernels/conv_grad_shape_utils.cc#L94-L153) assumes that the `input`, `filter_sizes` and `out_backprop` tensors have the same shape, as they are accessed in parallel. The fix will be included in TensorFlow 2.5.0. We will also cherrypick this commit on TensorFlow 2.4.2, TensorFlow 2.3.3, TensorFlow 2.2.3 and TensorFlow 2.1.4, as these are also affected and still in supported range.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-8712
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.07% / 22.04%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:42
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in a verification process for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-33054
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.41% / 60.98%
||
7 Day CHG~0.00%
Published-02 Sep, 2024 | 10:22
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Computer Vision

Memory corruption during the handshake between the Primary Virtual Machine and Trusted Virtual Machine.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm8550_firmwaresdm429w_firmwarewsa8845_firmwarewsa8832wsa8840qcs8550_firmwarewcd9370snapdragon_8_gen_2_mobile_firmwarewcd9385wcd9395_firmwarewcd9390_firmwarefastconnect_6700snapdragon_8_gen_2_mobilesg8275pwsa8832_firmwarewcd9370_firmwarewcd9395sg8275p_firmwaresnapdragon_8\+_gen_2_mobileqcm6490_firmwarewcn3660bwcn3620_firmwarewcd9390qcm6490wsa8845h_firmwaresm8550p_firmwareqcm8550qcs6490_firmwaresdm429wwcn3660b_firmwarewsa8835wsa8840_firmwareqcs5430wsa8845hwcd9380_firmwareqcm5430qcm5430_firmwarewsa8830sm8550pwcn6755_firmwarewcn3620snapdragon_8_gen_3_mobile_firmwarewcd9375_firmwarefastconnect_6900fastconnect_7800_firmwaresnapdragon_429_mobilesm8635qcs5430_firmwaresm8635_firmwarewcd9385_firmwarefastconnect_6900_firmwareqcs8550wcd9380fastconnect_7800snapdragon_8\+_gen_2_mobile_firmwarewcd9375wcn6755wsa8845fastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwarewsa8835_firmwaresnapdragon_429_mobile_firmwareqcs6490snapdragon_8_gen_3_mobilewsa8830_firmwarevideo_collaboration_vc3_platformSnapdragonwcd9380_firmwareqcm8550_firmwareqcm6490_firmwarewsa8832_firmwarewsa8840_firmwaresg8275p_firmwarefastconnect_6900_firmwareqcs8550_firmwaresdm429w_firmwarefastconnect_6700_firmwarefastconnect_7800_firmwarewcn6755_firmwarewcd9395_firmwaresm8635_firmwareqcm5430_firmwareqcs6490_firmwareqcs5430_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwarewcd9370_firmwaresm8550p_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwarewsa8830_firmwarewsa8845_firmwarewcn3620_firmwarewcn3660b_firmwarewsa8835_firmwaresnapdragon_429_mobile_platform_firmwarewcd9375_firmwarewsa8845h_firmwaresnapdragon_8_gen_2_mobile_platform_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-27957
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-7.8||HIGH
EPSS-0.08% / 24.06%
||
7 Day CHG~0.00%
Published-08 May, 2023 | 00:00
Updated-29 Jan, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.
Product-macosmacOS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-30962
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.17% / 38.68%
||
7 Day CHG~0.00%
Published-05 Dec, 2024 | 00:00
Updated-09 Jan, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability in Open Robotics Robotic Operating System 2 (ROS2) navigation2- ROS2-humble and navigation 2-humble allows a local attacker to execute arbitrary code via the nav2_amcl process

Action-Not Available
Vendor-openroboticsn/aopen_robotics
Product-robot_operating_systemn/aros2_navigation2ros2_humblenav2_humble
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-29414
Matching Score-4
Assigner-Schneider Electric
ShareView Details
Matching Score-4
Assigner-Schneider Electric
CVSS Score-7.8||HIGH
EPSS-0.07% / 20.64%
||
7 Day CHG~0.00%
Published-12 Jul, 2023 | 08:18
Updated-07 Nov, 2024 | 14:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A CWE-120: Buffer Copy without Checking Size of Input (Classic Buffer Overflow) vulnerability exists that could cause user privilege escalation if a local user sends specific string input to a local function call.

Action-Not Available
Vendor-
Product-accutech_managerAccutech Manageraccutech_manager
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-29645
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.98%
||
7 Day CHG~0.00%
Published-02 Dec, 2024 | 00:00
Updated-01 Jul, 2025 | 15:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability in radarorg radare2 v.5.8.8 allows an attacker to execute arbitrary code via the parse_die function.

Action-Not Available
Vendor-n/aRadare2 (r2)
Product-radare2n/aradare2
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-26797
Matching Score-4
Assigner-kernel.org
ShareView Details
Matching Score-4
Assigner-kernel.org
CVSS Score-7.8||HIGH
EPSS-0.04% / 10.83%
||
7 Day CHG~0.00%
Published-04 Apr, 2024 | 08:20
Updated-04 May, 2025 | 08:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
drm/amd/display: Prevent potential buffer overflow in map_hw_resources

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Prevent potential buffer overflow in map_hw_resources Adds a check in the map_hw_resources function to prevent a potential buffer overflow. The function was accessing arrays using an index that could potentially be greater than the size of the arrays, leading to a buffer overflow. Adds a check to ensure that the index is within the bounds of the arrays. If the index is out of bounds, an error message is printed and break it will continue execution with just ignoring extra data early to prevent the buffer overflow. Reported by smatch: drivers/gpu/drm/amd/amdgpu/../display/dc/dml2/dml2_wrapper.c:79 map_hw_resources() error: buffer overflow 'dml2->v20.scratch.dml_to_dc_pipe_mapping.disp_cfg_to_stream_id' 6 <= 7 drivers/gpu/drm/amd/amdgpu/../display/dc/dml2/dml2_wrapper.c:81 map_hw_resources() error: buffer overflow 'dml2->v20.scratch.dml_to_dc_pipe_mapping.disp_cfg_to_plane_id' 6 <= 7

Action-Not Available
Vendor-Linux Kernel Organization, Inc
Product-linux_kernelLinuxlinux_kernel
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-26952
Matching Score-4
Assigner-kernel.org
ShareView Details
Matching Score-4
Assigner-kernel.org
CVSS Score-8.1||HIGH
EPSS-0.03% / 8.82%
||
7 Day CHG~0.00%
Published-01 May, 2024 | 05:18
Updated-03 Nov, 2025 | 22:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ksmbd: fix potencial out-of-bounds when buffer offset is invalid

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix potencial out-of-bounds when buffer offset is invalid I found potencial out-of-bounds when buffer offset fields of a few requests is invalid. This patch set the minimum value of buffer offset field to ->Buffer offset to validate buffer length.

Action-Not Available
Vendor-Linux Kernel Organization, Inc
Product-linux_kernelLinuxlinux_kernel
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-26936
Matching Score-4
Assigner-kernel.org
ShareView Details
Matching Score-4
Assigner-kernel.org
CVSS Score-7.8||HIGH
EPSS-0.02% / 6.37%
||
7 Day CHG~0.00%
Published-01 May, 2024 | 05:26
Updated-18 Sep, 2025 | 14:19
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ksmbd: validate request buffer size in smb2_allocate_rsp_buf()

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate request buffer size in smb2_allocate_rsp_buf() The response buffer should be allocated in smb2_allocate_rsp_buf before validating request. But the fields in payload as well as smb2 header is used in smb2_allocate_rsp_buf(). This patch add simple buffer size validation to avoid potencial out-of-bounds in request buffer.

Action-Not Available
Vendor-Linux Kernel Organization, Inc
Product-linux_kernelLinux
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-25817
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.4||HIGH
EPSS-0.07% / 20.77%
||
7 Day CHG~0.00%
Published-05 Mar, 2024 | 00:00
Updated-15 Jan, 2025 | 16:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability in eza before version 0.18.2, allows local attackers to execute arbitrary code via the .git/HEAD, .git/refs, and .git/objects components.

Action-Not Available
Vendor-eza.rockn/aeza
Product-ezan/aeza
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-23368
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 29.71%
||
7 Day CHG~0.00%
Published-01 Jul, 2024 | 14:17
Updated-01 Aug, 2024 | 23:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Qualcomm IPC

Memory corruption when allocating and accessing an entry in an SMEM partition.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresm7325-ae_firmwareipq4028_firmwareqca8337qfw7124sg8275p_firmwarear9380ipq8173_firmwareqam8775pqcf8001qamsrv1mqru1052snapdragon_888_5g_mobile_platformqcn5124wcn3950_firmwareqca6595au_firmwaresa6155video_collaboration_vc3_platformsnapdragon_480_5g_mobile_platformqcm5430_firmwareqcs6125_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwarewcn3950qcn6024_firmwaresm4125immersive_home_316_platform_firmwarewcn3660bqsm8350_firmwaresnapdragon_460_mobile_platformqsm8350snapdragon_660_mobile_platform_firmwaresm7315_firmwaresnapdragon_429_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwareqcn6422_firmwareqca8081_firmwareqca6420qcn9002snapdragon_auto_5g_modem-rf_firmwareipq8070_firmwareqca9367_firmwareipq8065ipq8078a_firmwareqca0000sa8155_firmwarerobotics_rb3_platform_firmwareipq8068qca6430sa7775p_firmwaresdx65mwcd9340qca6698aq_firmwaresnapdragon_690_5g_mobile_platformipq5312qualcomm_205_mobile_platform_firmwareqca9888_firmwareqcn6122qca6696_firmwareqcn5154_firmwareqru1052_firmwaresa8150pqca9992_firmwaresd660sd865_5g_firmwaresd660_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwareqcn5022_firmwareimmersive_home_216_platform_firmwaresa8770psnapdragon_750g_5g_mobile_platform_firmwaresnapdragon_675_mobile_platform_firmwareqca9985_firmwareipq4018_firmwaresnapdragon_778g_5g_mobile_platform_firmwaressg2125pqca9980_firmwaresdm429wipq8078qca8084qcm8550ipq8173qcn9001_firmwaresnapdragon_670_mobile_platform_firmwaresd670_firmwareqca6574qdu1110_firmwarecsr8811_firmwaresnapdragon_7c\+_gen_3_computewcd9380snapdragon_x72_5g_modem-rf_system_firmwareqcs410snapdragon_210_processorqcn5024sxr1230pvideo_collaboration_vc3_platform_firmwareqca9985qcn9012_firmwareqcn9274_firmwarewsa8845ipq6018_firmwareqcm4325_firmwarewcd9340_firmwarewsa8815sm6150-ac_firmwarepmp8074_firmwareqcn6112qcs8250ipq6028ipq8064sd835pmp8074snapdragon_x62_5g_modem-rf_system_firmwareipq9574_firmwarewcn3980_firmwaresd730immersive_home_3210_platform_firmwaresa8295pwcn6740_firmwareqcs4490_firmwareqca6678aqsnapdragon_x65_5g_modem-rf_systemapq8064au_firmwareipq8078_firmwaresa8650p_firmwarefastconnect_6900qcn5054snapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresnapdragon_660_mobile_platformqca9994srv1lqca9980qdx1011_firmwareqcn9024_firmwarefsm20056ipq8174_firmwaresd670snapdragon_8\+_gen_2_mobile_platformqcm4290_firmwareqcn6412_firmwareqdx1010_firmwaresw5100p_firmwareqcs610_firmwareipq5302_firmwareqamsrv1m_firmwareqcm5430qualcomm_215_mobile_platform_firmwaresa6145pqca9886_firmwareimmersive_home_214_platformqcs5430_firmwaresnapdragon_750g_5g_mobile_platformqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwaresm8550p_firmwareqdx1010sdx55qcn5021_firmwarecsra6640snapdragon_695_5g_mobile_platformvideo_collaboration_vc1_platformsrv1mssg2115p_firmwareqam8620p_firmwareqfw7124_firmwareqam8255pqdu1210_firmwaresa4155ptalynplus_firmwarewsa8830sxr2230p_firmwaresnapdragon_x24_lte_modem_firmwareqam8650pcsrb31024mdm9628_firmwareflight_rb5_5g_platformmdm9650snapdragon_865_5g_mobile_platformflight_rb5_5g_platform_firmwarefsm10055_firmwareqcn6224_firmwareqca8082qca9992qcs4290srv1l_firmwareqca6420_firmwaresnapdragon_auto_4g_modem_firmwareqca6564qca6426wcn3990_firmwareqrb5165n_firmwaresnapdragon_8_gen_2_mobile_platformqca9984_firmwareqca9377ipq9554wcd9385_firmwarewcd9326_firmwarefastconnect_6200wcn3615_firmwareqamsrv1h_firmwareipq8074asm7325-afqcn6102_firmwareqcn9011_firmwaresa8155snapdragon_x55_5g_modem-rf_systemsnapdragon_835_mobile_pc_platform_firmwareqcn5122_firmwaresa7255psdx55_firmwaresnapdragon_4_gen_2_mobile_platformqcn6023_firmwaresnapdragon_8_gen_3_mobile_platformqfw7114sm7250p_firmwarewcn3615wcn3610_firmwarewsa8845h_firmwareqrb5165nqca6584ausnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwaresnapdragon_x72_5g_modem-rf_systemipq8174qcn5052qca9367qcn6112_firmwaresm8250-acwcn3988_firmwareqcn9074srv1hqca8085sm7250-aafastconnect_6700_firmwaresa8195psxr1120qcn6224wcd9326snapdragon_x75_5g_modem-rf_systemwcd9335wcd9395_firmwaresnapdragon_auto_5g_modem-rf_gen_2qcm4490qcn6023qcs4290_firmwaresa8770p_firmwareqca8085_firmwareipq5300sxr2130_firmwareqcs6490_firmwareipq9570sm7150-abqca9898_firmwarewcd9375aqt1000snapdragon_210_processor_firmwaresm6250_firmwaresnapdragon_662_mobile_platformipq5010_firmwareipq8074a_firmwarewsa8815_firmwarevideo_collaboration_vc5_platform_firmwaresxr1120_firmwaresxr2250p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqcm6125_firmwarerobotics_rb5_platform_firmwaresd865_5gqca6595qdu1010_firmwarequalcomm_205_mobile_platformipq8065_firmwaresxr1230p_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwareqcn6274qcn6422qcn5154qca8075_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaresxr2130smart_audio_400_platformqcn6132_firmwareqcn9003_firmwareqca9888qca6310_firmwareipq8070a_firmwareqru1062sa8650psa9000pqca6574_firmwareqca9886sm7325p_firmwaresxr2230psnapdragon_xr2_5g_platform_firmwareqca6574a_firmwaresa8775pqrb5165msm7315snapdragon_x55_5g_modem-rf_system_firmwareqcn6102snapdragon_x35_5g_modem-rf_system_firmwaresnapdragon_690_5g_mobile_platform_firmwareqcn6274_firmwaresnapdragon_auto_4g_modemcsrb31024_firmwareqcm6490_firmwarewsa8832_firmwaresnapdragon_xr1_platformqcn9070_firmwareqcm2150ipq6028_firmwareipq8072a_firmwareqcn6432_firmwareqca9889_firmwareqcn5122qcs8250_firmwaresm7250-aa_firmwaresm8550psnapdragon_8_gen_1_mobile_platform_firmwaresm8150-ac_firmwareqcn5022sm8350-acqca6564_firmwarewcn6740qcs8550sm6150-acsnapdragon_x50_5g_modem-rf_systemqca8075snapdragon_8_gen_3_mobile_platform_firmwareqcn6024qcn9022qdu1210qcn9002_firmwareipq6000_firmwareqcs410_firmwarefsm10055qam8255p_firmwaresnapdragon_8_gen_1_mobile_platformsa6150p_firmwareqcs610snapdragon_820_automotive_platform_firmwareqca4024_firmwarewsa8840snapdragon_212_mobile_platformimmersive_home_318_platform_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqcs2290qca6335csra6620_firmwarecsra6640_firmwareqep8111_firmwareqam8295pipq8076amdm9628qca8386_firmwaresd_8_gen1_5g_firmwareqca8084_firmwaresm7150-acqcn6412sm7325-aeqca6574au_firmwareqcn5164_firmwarewcd9375_firmwaresa6155_firmwaresm6225-adsnapdragon_xr2\+_gen_1_platformqca6678aq_firmwaresmart_audio_400_platform_firmwaresm6225-ad_firmwareqrb5165m_firmwareipq5028qca7500ipq4029_firmwareqca6698aqqcs6125sa4155p_firmwareqcf8001_firmwarewsa8840_firmwareipq6010sm7250-ab_firmwareqru1062_firmwarerobotics_rb3_platformsnapdragon_8\+_gen_1_mobile_platformsnapdragon_720g_mobile_platformqcn6132snapdragon_780g_5g_mobile_platformsw5100fsm10056_firmwareqca6436sa6155pfsm20055_firmwareqdu1000_firmwareqcf8000sxr2250psnapdragon_auto_5g_modem-rf_gen_2_firmwarewcd9341qam8775p_firmwareipq8068_firmwaresa8255pipq9008_firmwaresnapdragon_x12_lte_modemqca6797aqwcn3910_firmwaresnapdragon_855_mobile_platform_firmwareqcc710_firmwarerobotics_rb5_platformsm8250-ac_firmwarewsa8830_firmwaresd855_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3988snapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwareqca9898sa8295p_firmwareipq4028wcn3610qca8337_firmwarewcd9380_firmwareipq8072aqca7500_firmwaresw5100pmsm8996au_firmwareipq8076a_firmwaresnapdragon_w5\+_gen_1_wearable_platformqca6564auipq9008qualcomm_215_mobile_platformqcn5164qcn6402_firmwarefastconnect_6700ipq9554_firmwareqcn5054_firmwareipq4019_firmwaresm7150-aa_firmwaresg8275pqca8072_firmwareqca6430_firmwareqcn5052_firmwareqfw7114_firmwaresm6370_firmwarewcd9335_firmwarewcn3980qca6335_firmwarewcn3910qca6320mdm9650_firmwaresnapdragon_4_gen_1_mobile_platformqca6426_firmwarewcn3660b_firmwarewcn3680qca9984snapdragon_670_mobile_platformqcn9024snapdragon_xr2\+_gen_1_platform_firmwareipq5302ipq8064_firmwaresm7150-aasnapdragon_820_automotive_platformsnapdragon_x50_5g_modem-rf_system_firmwaresnapdragon_xr2_5g_platformwcn3680_firmwaresm7150-ab_firmwareipq8070qca6797aq_firmwareqdu1010qca6564a_firmwaresa7255p_firmwareqca9880sa8620psnapdragon_x24_lte_modemwsa8832ipq5332immersive_home_326_platformipq6018qcc710qcs4490qca6595_firmwaresa8145pwcd9395snapdragon_710_mobile_platform_firmwareimmersive_home_214_platform_firmwaresm4350-ac_firmwaresd888_firmwareqcn6402sa8155pqep8111snapdragon_720g_mobile_platform_firmwarear8035_firmwareqcm2290snapdragon_855_mobile_platformqcn5024_firmwaresnapdragon_662_mobile_platform_firmwareqcn9070sa8145p_firmwareqcs2290_firmwarefsm10056csra6620qcn9072sm7250-ac_firmwareqca8386qca9880_firmwaresnapdragon_888_5g_mobile_platform_firmwareipq6000sd730_firmwarewcd9370ssg2115pqcn5152_firmwareqca0000_firmwareqca6584au_firmwareqdu1110qcn9000_firmwaresm8250-abqamsrv1himmersive_home_216_platformtalynplusimmersive_home_316_platformimmersive_home_318_platformqcn5124_firmwareqam8295p_firmwareqcn6100_firmwareqca8082_firmwareqca6320_firmwaresa9000p_firmwarewcn3680b_firmwaresnapdragon_778g_5g_mobile_platformsnapdragon_212_mobile_platform_firmwareqca6595ausm7325-af_firmwaresnapdragon_429_mobile_platformqca6436_firmwaresm4350-acsnapdragon_680_4g_mobile_platform_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwareipq5010qca6564au_firmwaresa8620p_firmwaresa6155p_firmwareqca6310qcn9274sa8775p_firmwareqcn9001qca9990qcs6490video_collaboration_vc5_platformqcs8550_firmwarevision_intelligence_300_platform_firmwaresa6145p_firmwarefsm20056_firmwaresm6250wsa8810_firmwarevision_intelligence_400_platformwsa8845hsnapdragon_x62_5g_modem-rf_systemsnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwaresg4150pqcs7230qca8081snapdragon_x35_5g_modem-rf_systemipq8071asa7775psdx65m_firmwareqam8620pqca6174a_firmwareipq8071a_firmwareqcs5430immersive_home_3210_platformwcd9385snapdragon_x12_lte_modem_firmwarear8035csr8811apq8064auipq4019wcd9390qcn9100_firmwarevision_intelligence_400_platform_firmwarewcn3620_firmwareqcm6490wsa8835_firmwarewcn3620qca6564asa4150psg4150p_firmwareqcm4325qca8072qcm2290_firmwaresnapdragon_845_mobile_platformqcm2150_firmwarewcn3990qcn9000qcf8000_firmwarefastconnect_6800ar9380_firmwareqru1032sm8350-ac_firmwareqcs7230_firmwaresnapdragon_835_mobile_pc_platformqcn9012sm8150-acsd888qdx1011qdu1000immersive_home_326_platform_firmwareqcn6122_firmwarewsa8835msm8996ausdm429w_firmwaresnapdragon_auto_5g_modem-rfsd_8_gen1_5gsnapdragon_4_gen_1_mobile_platform_firmwaressg2125p_firmwareipq4018qca6574aqca9889qca6174asm7325pqca9994_firmwareqcn9003ipq8076_firmwaresm7150-ac_firmwaresm7250-absd855sm4125_firmwareipq8076qru1032_firmwarewsa8845_firmwarefastconnect_6200_firmwareqcn5021qcn5152vision_intelligence_300_platformsm8250-ab_firmwareqca6391snapdragon_710_mobile_platformfastconnect_7800aqt1000_firmwareqcn9100qcm4490_firmwaresnapdragon_845_mobile_platform_firmwareqcm4290ipq5300_firmwareipq9570_firmwaresrv1h_firmwareqcn9011video_collaboration_vc1_platform_firmwareipq5312_firmwareqca6574ausa8155p_firmwareipq9574wcd9341_firmwarefastconnect_7800_firmwareqcm6125wsa8810sm7250-acipq5332_firmwaresnapdragon_680_4g_mobile_platformsm6370srv1m_firmwaresnapdragon_ar2_gen_1_platformwcn3680bsd835_firmwareqam8650p_firmwaresnapdragon_675_mobile_platformipq6010_firmwareqca6696fsm20055sa6150pqcn9022_firmwarewcd9390_firmwareqca9990_firmwareipq8070aqcn6100qcn9072_firmwaresm7250psnapdragon_8\+_gen_1_mobile_platform_firmwaresw5100_firmwareqcn9074_firmwareipq4029qcn6432snapdragon_xr1_platform_firmwareSnapdragonqca9377_firmwareqam8255p_firmwaresa6150p_firmwareipq4028_firmwaresg8275p_firmwareipq8173_firmwaresnapdragon_820_automotive_platform_firmwareqca4024_firmwarewcn3950_firmwareimmersive_home_318_platform_firmwareipq5028_firmwaresa8150p_firmwareqca6595au_firmwarecsra6620_firmwarecsra6640_firmwareqcm5430_firmwareqcs6125_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwareqep8111_firmwareqcn6024_firmwareqca8386_firmwareimmersive_home_316_platform_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqsm8350_firmwaresnapdragon_660_mobile_platform_firmwaresm7315_firmwaresnapdragon_429_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwareqcn5164_firmwareqcn6422_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwaresnapdragon_auto_5g_modem-rf_firmwareipq8070_firmwareqca9367_firmwareipq8078a_firmwareqca6678aq_firmwaresmart_audio_400_platform_firmwareqrb5165m_firmwarewsa8840_firmwareipq4029_firmwaresa4155p_firmwaresa8155_firmwareqcf8001_firmwarerobotics_rb3_platform_firmwareqru1062_firmwaresa7775p_firmwarefsm10056_firmwarefsm20055_firmwareqdu1000_firmwareqca6698aq_firmwarequalcomm_205_mobile_platform_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqca9888_firmwareqam8775p_firmwareipq8068_firmwareqca6696_firmwareipq9008_firmwareqcn5154_firmwareqru1052_firmwarewcn3910_firmwaresnapdragon_855_mobile_platform_firmwareqcc710_firmwarewsa8830_firmwareqca9992_firmwaresd865_5g_firmwaresd855_firmwaresd660_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwareqcn5022_firmwaresa8295p_firmwareimmersive_home_216_platform_firmwaresnapdragon_750g_5g_mobile_platform_firmwaresnapdragon_675_mobile_platform_firmwarequalcomm_video_collaboration_vc1_platform_firmwareqca9985_firmwareipq4018_firmwareqca8337_firmwaresnapdragon_778g_5g_mobile_platform_firmwarewcd9380_firmwareqca7500_firmwareqca9980_firmwaremsm8996au_firmwareipq8076a_firmwareqcn9001_firmwaresnapdragon_670_mobile_platform_firmwaresd670_firmwareqdu1110_firmwareqcn6402_firmwarecsr8811_firmwaresnapdragon_x72_5g_modem-rf_system_firmwareipq9554_firmwareqcn5054_firmwareipq4019_firmwareqca8072_firmwareqcn9012_firmwareqca6430_firmwareqcn9274_firmwareqcn5052_firmwareqfw7114_firmwaresm6370_firmwarewcd9335_firmwareqca6335_firmwareipq6018_firmwareqcm4325_firmwarewcd9340_firmwarepmp8074_firmwaremdm9650_firmwareqca6426_firmwarewcn3660b_firmwaresnapdragon_x62_5g_modem-rf_system_firmwareipq9574_firmwarewcn3980_firmwareimmersive_home_3210_platform_firmwareipq8064_firmwaresnapdragon_x50_5g_modem-rf_system_firmwarewcn6740_firmwareqcs4490_firmwareapq8064au_firmwarewcn3680_firmwareipq8078_firmwaresa8650p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwareqca6797aq_firmwareqdx1011_firmwareqcn9024_firmwareipq8174_firmwareqca6564a_firmwaresa7255p_firmwareqcm4290_firmwareqcn6412_firmwareqdx1010_firmwaresw5100p_firmwareqcs610_firmwareipq5302_firmwareqamsrv1m_firmwarequalcomm_215_mobile_platform_firmwareqca9886_firmwareqca6595_firmwareqcs5430_firmwareqca6391_firmwaresnapdragon_710_mobile_platform_firmwaresa4150p_firmwareimmersive_home_214_platform_firmwarewcd9370_firmwaresm8550p_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresd888_firmwareqcn5021_firmwaressg2115p_firmwareqam8620p_firmwareqfw7124_firmwareqdu1210_firmwaresnapdragon_720g_mobile_platform_firmwarear8035_firmwareqcn5024_firmwaretalynplus_firmwaresnapdragon_662_mobile_platform_firmwaresxr2230p_firmwaresa8145p_firmwaresnapdragon_x24_lte_modem_firmwareqcs2290_firmwaremdm9628_firmwareflight_rb5_5g_platform_firmwarefsm10055_firmwareqcn6224_firmwareqca9880_firmwaresrv1l_firmwaresnapdragon_888_5g_mobile_platform_firmwareqca6420_firmwaresnapdragon_auto_4g_modem_firmwaresd730_firmwareqcn5152_firmwareqca0000_firmwareqca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwarewcd9326_firmwarewcn3615_firmwareqamsrv1h_firmwareqcn5124_firmwareqam8295p_firmwareqcn6102_firmwareqcn9011_firmwareqcn6100_firmwareqca8082_firmwareqca6320_firmwaresa9000p_firmwaresnapdragon_835_mobile_pc_platform_firmwareqcn5122_firmwaresdx55_firmwarewcn3680b_firmwarewsa8845h_firmwareqcn6023_firmwaresnapdragon_212_mobile_platform_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwareqca6564au_firmwaresa8620p_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwaresa8775p_firmwareqcs8550_firmwarevision_intelligence_300_platform_firmwareqcn6112_firmwarewcn3988_firmwaresa6145p_firmwarefsm20056_firmwarefastconnect_6700_firmwarewsa8810_firmwarewcd9395_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwaresdx65m_firmwareqca6174a_firmwareipq8071a_firmwareqcs4290_firmwaresa8770p_firmwareqca8085_firmwaresxr2130_firmwareqcs6490_firmwaresnapdragon_x12_lte_modem_firmwareqca9898_firmwaresnapdragon_210_processor_firmwaresm6250_firmwareqcn9100_firmwarevision_intelligence_400_platform_firmwarewcn3620_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwarewsa8835_firmwaresxr1120_firmwaresxr2250p_firmwaresg4150p_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqcm6125_firmwareqcm2290_firmwarerobotics_rb5_platform_firmwareqcm2150_firmwareqcf8000_firmwarear9380_firmwareqcs7230_firmwareqdu1010_firmwareimmersive_home_326_platform_firmwareqcn6122_firmwareipq8065_firmwaresxr1230p_firmwaresdm429w_firmwaresnapdragon_4_gen_1_mobile_platform_firmwareqca8075_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaressg2125p_firmwareqcn6132_firmwareqcn9003_firmwareqca6310_firmwareqca9994_firmwareipq8070a_firmwareipq8076_firmwareqca6574_firmwaresm4125_firmwaresm7325p_firmwareqru1032_firmwaresnapdragon_xr2_5g_platform_firmwarewsa8845_firmwareqca6574a_firmwarefastconnect_6200_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareaqt1000_firmwaresnapdragon_x35_5g_modem-rf_system_firmwaresnapdragon_690_5g_mobile_platform_firmwareqcm4490_firmwareqcn6274_firmwaresnapdragon_845_mobile_platform_firmwarecsrb31024_firmwareqcm6490_firmwarewsa8832_firmwareipq5300_firmwareqcn9070_firmwareipq9570_firmwaresrv1h_firmwareipq6028_firmwareipq8072a_firmwareqcn6432_firmwareipq5312_firmwareqca9889_firmwaresa8155p_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwareipq5332_firmwaresnapdragon_8_gen_1_mobile_platform_firmwaresrv1m_firmwaresd835_firmwareqca6564_firmwareqam8650p_firmwareipq6010_firmwaresnapdragon_8_gen_3_mobile_platform_firmwareqcn9022_firmwarewcd9390_firmwareqca9990_firmwareqcn9002_firmwareqcn9072_firmwareipq6000_firmwaresw5100_firmwareqcn9074_firmwareqcs410_firmwaresnapdragon_xr1_platform_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-43526
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 12.67%
||
7 Day CHG~0.00%
Published-06 May, 2024 | 14:32
Updated-15 Jan, 2025 | 16:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Audio

Memory corruption while querying module parameters from Listen Sound model client in kernel from user space.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragonqam8255p_firmwaresa8620p_firmwaresa6155p_firmwareqca8337_firmwaresa6150p_firmwareqcn6274_firmwaresnapdragon_x72_5g_modem-rf_systemsa8775p_firmwaresa8650p_firmwaresrv1h_firmwareqcn6224_firmwaresa6145p_firmwaresa8155p_firmwaresa7255p_firmwarefastconnect_7800_firmwaresa8255p_firmwareqamsrv1m_firmwaresrv1m_firmwareqam8650p_firmwaresa8770p_firmwareqam8775p_firmwareqca6696_firmwareqfw7114_firmwareqca6391_firmwareqamsrv1h_firmwarewcd9340_firmwareqcc710_firmwareqam8295p_firmwaresa9000p_firmwareqca6574au_firmwaresa8195p_firmwareqca8081_firmwareqfw7124_firmwaresa8295p_firmwarear8035_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-43515
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.6||MEDIUM
EPSS-0.05% / 14.81%
||
7 Day CHG~0.00%
Published-01 Apr, 2024 | 15:05
Updated-13 Jan, 2025 | 21:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer copy without checking size of input (Classic buffer overflow) in HLOS

Memory corruption in HLOS while running kernel address sanitizers (syzkaller) on tmecom with DEBUG_FS enabled.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wsa8830_firmwarewcd9380fastconnect_6900wsa8835fastconnect_7800snapdragon_8_gen_1_mobilewsa8830fastconnect_7800_firmwarewcd9380_firmwarefastconnect_6900_firmwarewsa8835_firmwaresnapdragon_8_gen_1_mobile_firmwareSnapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2017-11473
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.09% / 25.85%
||
7 Day CHG~0.00%
Published-20 Jul, 2017 | 04:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 3.2 allows local users to gain privileges via a crafted ACPI table.

Action-Not Available
Vendor-n/aCanonical Ltd.Linux Kernel Organization, Inc
Product-linux_kernelubuntu_linuxn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2017-18779
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.4||HIGH
EPSS-0.21% / 43.37%
||
7 Day CHG~0.00%
Published-22 Apr, 2020 | 14:37
Updated-05 Aug, 2024 | 21:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Certain NETGEAR devices are affected by a buffer overflow. This affects D6200 before 1.1.00.24, D7000 before 1.0.1.52, JNR1010v2 before 1.1.0.44, JR6150 before 1.0.1.12, JWNR2010v5 before 1.1.0.44, PR2000 before 1.0.0.20, R6020 before 1.0.0.26, R6050 before 1.0.1.12, R6080 before 1.0.0.26, R6120 before 1.0.0.36, R6220 before 1.1.0.60, R6700v2 before 1.2.0.12, R6800 before 1.2.0.12, R6900v2 before 1.2.0.12, WNDR3700v5 before 1.1.0.50, WNR1000v4 before 1.1.0.44, WNR2020 before 1.1.0.44, and WNR2050 before 1.1.0.44.

Action-Not Available
Vendor-n/aNETGEAR, Inc.
Product-jnr1010_firmwarewnr2020_firmwarewndr3700r6120wnr2020r6220_firmwarepr2000r6080_firmwarejwnr2010r6120_firmwarer6800wnr1000_firmwarer6050pr2000_firmwarer6220r6020r6020_firmwared7000r6080d7000_firmwarer6700wndr3700_firmwarewnr1000r6900d6200_firmwarer6900_firmwarer6050_firmwarewnr2050d6200jr6150_firmwarejr6150wnr2050_firmwarejnr1010r6700_firmwarer6800_firmwarejwnr2010_firmwaren/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • Next
Details not found