Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-36612

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-29 Nov, 2024 | 00:00
Updated At-02 Dec, 2024 | 16:35
Rejected At-
Credits

Zulip from 8.0 to 8.3 contains a memory leak vulnerability in the handling of popovers.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:29 Nov, 2024 | 00:00
Updated At:02 Dec, 2024 | 16:35
Rejected At:
▼CVE Numbering Authority (CNA)

Zulip from 8.0 to 8.3 contains a memory leak vulnerability in the handling of popovers.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/zulip/zulip/commit/0a90a13becbf0338a8fc1ad37946e51c2c25b0a5
N/A
https://github.com/zulip/zulip/blob/8.3/web/src/click_handlers.js
N/A
https://gist.github.com/1047524396/f7ff51d24ebbb29e21dfb70a0c97302b
N/A
Hyperlink: https://github.com/zulip/zulip/commit/0a90a13becbf0338a8fc1ad37946e51c2c25b0a5
Resource: N/A
Hyperlink: https://github.com/zulip/zulip/blob/8.3/web/src/click_handlers.js
Resource: N/A
Hyperlink: https://gist.github.com/1047524396/f7ff51d24ebbb29e21dfb70a0c97302b
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Vendor
Kandra Labs, Inc. (Zulip)zulip
Product
zulip
CPEs
  • cpe:2.3:a:zulip:zulip:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From 8.0 through 8.3 (custom)
Problem Types
TypeCWE IDDescription
CWECWE-125CWE-125 Out-of-bounds Read
Type: CWE
CWE ID: CWE-125
Description: CWE-125 Out-of-bounds Read
Metrics
VersionBase scoreBase severityVector
3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:29 Nov, 2024 | 20:15
Updated At:02 Dec, 2024 | 17:15

Zulip from 8.0 to 8.3 contains a memory leak vulnerability in the handling of popovers.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.5HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-125Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-125
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://gist.github.com/1047524396/f7ff51d24ebbb29e21dfb70a0c97302bcve@mitre.org
N/A
https://github.com/zulip/zulip/blob/8.3/web/src/click_handlers.jscve@mitre.org
N/A
https://github.com/zulip/zulip/commit/0a90a13becbf0338a8fc1ad37946e51c2c25b0a5cve@mitre.org
N/A
Hyperlink: https://gist.github.com/1047524396/f7ff51d24ebbb29e21dfb70a0c97302b
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://github.com/zulip/zulip/blob/8.3/web/src/click_handlers.js
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://github.com/zulip/zulip/commit/0a90a13becbf0338a8fc1ad37946e51c2c25b0a5
Source: cve@mitre.org
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

494Records found
CVE-2024-33057
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.68%
||
7 Day CHG~0.00%
Published-02 Sep, 2024 | 10:22
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Host Communication

Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcm8550_firmwareimmersive_home_214ipq9574qcn9000_firmwareqca6595qcn9022wcd9335ipq6028_firmwarewcd9370qca8081_firmwareqca6696qam8620p_firmwarewcd9340_firmwaresa8530pwcd9341_firmwareipq5028_firmwarewcd9395_firmwareqcn6024qcc2073_firmwareqcc710_firmwareipq8076fastconnect_6700qcn6422_firmwareipq6018_firmwareqcn6023qcn5124_firmwarewsa8832_firmwareqca8337wcd9395ipq6000qca6574au_firmwareipq8078aipq8078a_firmwareqam8295pwcd9341snapdragon_x72_5g_modem-rf_system_firmwareipq5312qca6574auwcd9390sa8620p_firmwarewsa8845h_firmwaresa9000p_firmwaresrv1hqcn9100_firmwareqcn5122qca6554aqcs5430qcn6024_firmwareqcm5430qcm5430_firmwaresa8770pqcn9000ssg2115pqcc710qcn6132_firmwaresa8540psnapdragon_x72_5g_modem-rf_systemqca6777aqfastconnect_6900qcn6402qcn6432immersive_home_326_firmwareipq5332_firmwaresa7255psm8635qcn5052qfw7114wcd9385_firmwareipq9574_firmwareqam8255p_firmwareipq8074a_firmwareipq8076aqcn5164qca6787aqwsa8845sa6155pqcn9160qca6564au_firmwarecsr8811_firmwareqca8075qam8650pvideo_collaboration_vc5_platform_firmwaresa9000pqca8085srv1h_firmwareqca6595ausxr2250p_firmwaresa6155p_firmwarewsa8840srv1m_firmwareqcs8550_firmwaresnapdragon_8_gen_2_mobile_firmwareqfw7124_firmwareipq8070a_firmwareqcn9070qcf8001qca8084snapdragon_8_gen_2_mobilesdx65mwcd9370_firmwareqcc2076sa7255p_firmwareqca6574aipq9570snapdragon_8\+_gen_2_mobilesa8195pwcd9340qcs8250_firmwaresnapdragon_auto_5g_modem-rf_gen_2qcm6490ipq5302sa8540p_firmwareqcn6122_firmwareqcn5154_firmwaresm8550p_firmwaresxr2250pqcm8550qcn5122_firmwareqcn9274qcn9024ipq8076a_firmwaresa8775pqca6574snapdragon_x75_5g_modem-rf_systemipq9570_firmwaresxr2230p_firmwareqca6777aq_firmwaresa8775p_firmwareqamsrv1hqcn6412_firmwareqcn9024_firmwarewsa8845hqca8082sa8155p_firmwaresa8155pwsa8830ipq5312_firmwaresm8550pqcf8000_firmwareqcn9074_firmwareipq8174immersive_home_318_firmwareqcn6122sa8255p_firmwareipq8174_firmwareqcc2073ar8035ipq8072aqamsrv1m_firmwaresa8650p_firmwareimmersive_home_216_firmwareimmersive_home_316srv1l_firmwareqcn6224ipq8071aqcn6112ssg2125p_firmwareqxm8083qca6698aqsa7775p_firmwareqrb5165nsa8530p_firmwarefastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwarewcn3990qcn6023_firmwareqcn5164_firmwareipq8078snapdragon_8_gen_3_mobileqcs6490qcs8250ipq9554_firmwareqcn9072wsa8830_firmwareqcn6224_firmwareqca6678aq_firmwareqca8386_firmwarewsa8845_firmwarewsa8832qca8082_firmwareqcc2076_firmwaresrv1limmersive_home_216srv1mqca6678aqqcn6432_firmwarear8035_firmwareqcn5022_firmwareqca4024_firmwareqca0000_firmwareipq9008ipq9554qca6564auipq9008_firmwareqcn9074ipq5300_firmwaresa8195p_firmwareqca8337_firmwareqca9888ipq5332sg8275p_firmwareipq8173qcm6490_firmwareipq8072a_firmwareipq6010_firmwarevision_intelligence_400_firmwareqcn6112_firmwareflight_rb5_5gsnapdragon_x65_5g_modem-rf_system_firmwareqca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareipq5028qca8085_firmwareqcf8001_firmwareqcn9070_firmwaresa8295p_firmwareqcn9022_firmwareipq5010_firmwareqcn6132ipq6018qcn9160_firmwareqca6584auqcn6274_firmwarewcn6755_firmwaresnapdragon_8_gen_3_mobile_firmwareqfw7114_firmwareqca4024qcs7230qca6595_firmwarefastconnect_7800_firmwareqcn6422immersive_home_214_firmwareipq5302_firmwareqxm8083_firmwareipq5300ipq8070asm8635_firmwarefastconnect_6900_firmwarerobotics_rb5_firmwarewcd9380qam8255psxr2230pwcn6755qca8075_firmwareimmersive_home_3210qcf8000qcn5052_firmwaresxr1230pipq6010sdx65m_firmwarevideo_collaboration_vc3_platformqca6688aqqam8295p_firmwareqcn6402_firmwarewcn3990_firmwareqca6698aq_firmwarewcd9385qca8084_firmwaresa8255pqcs7230_firmwaresxr1230p_firmwarewcd9390_firmwareqcn5024sg8275psdx55_firmwareimmersive_home_326ipq8071a_firmwareflight_rb5_5g_firmwaressg2125pqca6554a_firmwareipq6028qcn9100qamsrv1mrobotics_rb5qam8650p_firmwarevideo_collaboration_vc5_platformqcs6490_firmwaresnapdragon_x65_5g_modem-rf_systemipq8076_firmwareqam8620pwcd9335_firmwareqrb5165n_firmwareqca6584au_firmwareqcn5152_firmwareqcn6274wsa8835wsa8840_firmwareqca6391_firmwareqfw7124qca6595au_firmwareqca0000qca6696_firmwarewcd9380_firmwareqca6574_firmwareqca8081qcn5124qam8775psnapdragon_ar2_gen_1_firmwareqca6797aqqcn5152qcn6412sa8620pqca6574a_firmwaresdx55qcn9072_firmwareqca9888_firmwareipq8074aimmersive_home_3210_firmwareqca9889qcn5024_firmwareqca6787aq_firmwarewcd9375_firmwareqca8386qca6391sa7775pimmersive_home_318ipq5010qcn9274_firmwareipq8173_firmwareqcs5430_firmwaresa8770p_firmwaresa8295pqcs8550ipq6000_firmwarefastconnect_7800sa8650pqam8775p_firmwaresnapdragon_8\+_gen_2_mobile_firmwarewcd9375ipq8078_firmwareqca6688aq_firmwareqca9889_firmwaresnapdragon_ar2_gen_1immersive_home_316_firmwareqamsrv1h_firmwareqcn5154vision_intelligence_400wsa8835_firmwaressg2115p_firmwarecsr8811qcn5022snapdragon_x75_5g_modem-rf_system_firmwareSnapdragonqcn5024_firmwareqam8255p_firmwaresxr2230p_firmwaresg8275p_firmwareipq8173_firmwareqca6777aq_firmwareflight_rb5_5g_platform_firmwareqcn6224_firmwareqca4024_firmwareimmersive_home_318_platform_firmwaresrv1l_firmwareipq5028_firmwarewcn6755_firmwareqca6595au_firmwareqcn5152_firmwareqca0000_firmwareqcm5430_firmwareqca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareqca6554a_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwareqcn6024_firmwareqca8386_firmwareimmersive_home_316_platform_firmwareqamsrv1h_firmwareqca8084_firmwareqcn5124_firmwareqam8295p_firmwareqca8082_firmwaresa9000p_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwareqcn6422_firmwaresdx55_firmwareqca8081_firmwareqcn6023_firmwarewcd9375_firmwarewsa8845h_firmwareqca6564au_firmwaresa8620p_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareipq8078a_firmwareqca6678aq_firmwaresa8775p_firmwarewsa8840_firmwareqcf8001_firmwareqcs8550_firmwareqcn6112_firmwaresa7775p_firmwarefastconnect_6700_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwarewcd9395_firmwareqca6698aq_firmwaresdx65m_firmwareipq8071a_firmwaresa8770p_firmwareqca8085_firmwareqam8775p_firmwareqca9888_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqca6696_firmwareqcs6490_firmwareipq9008_firmwareqcn5154_firmwareqcc710_firmwareqcn9100_firmwarevision_intelligence_400_platform_firmwarewsa8830_firmwareipq5010_firmwareipq8074a_firmwarewsa8835_firmwaresa8195p_firmwareqcn5022_firmwaresa8295p_firmwaresxr2250p_firmwareimmersive_home_216_platform_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqca6688aq_firmwareqca6787aq_firmwarerobotics_rb5_platform_firmwareqca8337_firmwarewcd9380_firmwareqcf8000_firmwareipq8076a_firmwareqcs7230_firmwaresa8530p_firmwareimmersive_home_326_platform_firmwareqcn6122_firmwaresxr1230p_firmwareqcn6402_firmwaresa8540p_firmwarecsr8811_firmwareipq9554_firmwaresnapdragon_x72_5g_modem-rf_system_firmwareqca8075_firmwaressg2125p_firmwaresm8635_firmwareqcn6132_firmwarewcd9335_firmwareqcn5052_firmwareqcn9274_firmwareqcc2076_firmwareipq8070a_firmwareqfw7114_firmwareqcc2073_firmwareipq6018_firmwareipq8076_firmwareqca6574_firmwarewcd9340_firmwarewsa8845_firmwareqcn9160_firmwareqxm8083_firmwareqca6574a_firmwareipq9574_firmwareimmersive_home_3210_platform_firmwareqcn6274_firmwareipq5300_firmwareqcm6490_firmwareipq8078_firmwareipq9570_firmwareqcn9070_firmwaresa8650p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresrv1h_firmwarewsa8832_firmwareipq6028_firmwareipq8072a_firmwareqca6797aq_firmwareipq5312_firmwareqcn6432_firmwareqca9889_firmwaresa8155p_firmwareqcn9024_firmwareipq8174_firmwaresa7255p_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcn6412_firmwareipq5332_firmwareipq5302_firmwareqamsrv1m_firmwaresrv1m_firmwareqam8650p_firmwareipq6010_firmwareqca6595_firmwareqcs5430_firmwareqca6391_firmwareimmersive_home_214_platform_firmwarewcd9370_firmwaresm8550p_firmwarequalcomm_video_collaboration_vc5_platform_firmwareqcn9022_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwareqcn9072_firmwareipq6000_firmwaressg2115p_firmwareqcn9074_firmwareqam8620p_firmwareqfw7124_firmwarear8035_firmware
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2024-33048
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.26% / 49.68%
||
7 Day CHG~0.00%
Published-02 Sep, 2024 | 10:22
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Host

Transient DOS while parsing the received TID-to-link mapping element of beacon/probe response frame.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429w_firmwareimmersive_home_214qcm8550_firmwaresw5100pipq9574qcn9000_firmwareqca6595qcn9022wcd9335ipq6028_firmwarewcd9370qca8081_firmwareqca6696qam8620p_firmwarewcd9340_firmwarewcd9341_firmwareipq5028_firmwarewcd9395_firmwareqcn6024qcc2073_firmwareqcc710_firmwareipq8076qca6426fastconnect_6700qcn6422_firmwareipq6018_firmwareqcn6023qcn5124_firmwarewsa8832_firmwareqca8337qca6426_firmwarewcd9395ipq6000qca6574au_firmwareipq8078aipq8078a_firmwarewcd9341snapdragon_x72_5g_modem-rf_system_firmwareipq5312qca6574auwcd9390sa8620p_firmwarewsa8810_firmwarewsa8845h_firmwaresa9000p_firmwaresrv1hqcn9100_firmwarewcn3660b_firmwareqcn5122qca6554afastconnect_6800_firmwareqcs5430sd835_firmwareqcn6024_firmwareqcm5430qcm5430_firmwaresa8770pqcn9000ssg2115pqcc710qcn6132_firmwaresnapdragon_x72_5g_modem-rf_systemqca6777aqfastconnect_6900qcn6402qcn6432immersive_home_326_firmwareipq5332_firmwaresa7255psm8635qcn5052qfw7114wcd9385_firmwareqca6421snapdragon_x55_5g_modem-rf_systemipq9574_firmwareqca6310qam8255p_firmwareipq8074a_firmwareipq8076aqcn5164qca6787aqwsa8845sa6155pqca6421_firmwareqcn9160qca6564au_firmwarecsr8811_firmwaresnapdragon_429_mobile_firmwareqca8075wsa8810qam8650pvideo_collaboration_vc5_platform_firmwaresa9000pqca8085srv1h_firmwareqca6595ausxr2250p_firmwaresa6155p_firmwarewsa8840srv1m_firmwareqcs8550_firmwaresd835snapdragon_8_gen_2_mobile_firmwareqfw7124_firmwareqca6436_firmwareipq8070a_firmwareqcn9070qcf8001qca8084snapdragon_8_gen_2_mobilesdx65mwcd9370_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqcc2076wcn3660bqca6574asa7255p_firmwareipq9570wcn3620_firmwaresnapdragon_8\+_gen_2_mobilesa8195pwcd9340qcs8250_firmwaresnapdragon_auto_5g_modem-rf_gen_2snapdragon_835_mobile_pc_firmwareqcm6490ipq5302qcn6122_firmwareqcn5154_firmwaresm8550p_firmwaresxr2250pqcm8550wcn3988qcn5122_firmwareqcn9274qcn9024ipq8076a_firmwaresa8775pqca6574snapdragon_x75_5g_modem-rf_systemipq9570_firmwaresxr2230p_firmwareqca6777aq_firmwaresa8775p_firmwareqamsrv1hqcn6412_firmwareqcn9024_firmwarewsa8845hqca8082sa8155p_firmwaresa8155pwsa8830ipq5312_firmwaresm8550pqcf8000_firmwareqcn9074_firmwareipq8174immersive_home_318_firmwareqcn6122sa8255p_firmwareipq8174_firmwareqcc2073ar8035ipq8072aqamsrv1m_firmwaresa8650p_firmwareimmersive_home_216_firmwarewcn3620immersive_home_316srv1l_firmwareqcn6224snapdragon_865\+_5g_mobile_firmwareipq8071asnapdragon_429_mobileqcn6112qca6698aqqxm8083sa7775p_firmwaressg2125p_firmwareqrb5165nfastconnect_6700_firmwarevideo_collaboration_vc3_platform_firmwarewcn3990qcn6023_firmwareqcn5164_firmwareipq8078snapdragon_8_gen_3_mobileqcs6490qcs8250ipq9554_firmwareqcn5152_firmwareqcn9072wsa8830_firmwareqcn6224_firmwareqca6431qca6678aq_firmwareqca8386_firmwarewsa8845_firmwarewsa8832qca8082_firmwareqcc2076_firmwaresrv1limmersive_home_216srv1mqca6678aqqcn6432_firmwarear8035_firmwareqcn5022_firmwareqca6320qca4024_firmwareqca0000_firmwareipq9008ipq9554qca6564auipq9008_firmwareqcn9074ipq5300_firmwarewsa8815_firmwaresa8195p_firmwareqca8337_firmwareqca9888ipq5332sg8275p_firmwareipq8173qcm6490_firmwareipq8072a_firmwareipq6010_firmwareqcn6112_firmwareflight_rb5_5gsnapdragon_870_5g_mobile_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareipq5028qca8085_firmwareqcf8001_firmwareqcn9070_firmwaresnapdragon_870_5g_mobileqcn9022_firmwareipq5010_firmwareqcn6132ipq6018qcn9160_firmwareqca6584auqca6320_firmwareqcn6274_firmwarewcn6755_firmwaresw5100_firmwareqca6310_firmwaresnapdragon_8_gen_3_mobile_firmwarefastconnect_6800qfw7114_firmwareqca4024qcs7230qca6595_firmwarefastconnect_7800_firmwareqcn6422immersive_home_214_firmwaresnapdragon_865_5g_mobile_firmwareipq5302_firmwareqxm8083_firmwareipq5300ipq8070asm8635_firmwarefastconnect_6900_firmwarerobotics_rb5_firmwarewcd9380qam8255psxr2230pwcn6755qca8075_firmwareimmersive_home_3210qcf8000qcn5052_firmwaresxr1230pipq6010sdx65m_firmwarevideo_collaboration_vc3_platformsw5100qca6688aqqca6431_firmwareqcn6402_firmwarewcn3990_firmwareqca6698aq_firmwarewcd9385qca8084_firmwaresa8255pqcs7230_firmwaresxr1230p_firmwarewcd9390_firmwaresnapdragon_865\+_5g_mobileqcn5024sg8275psdx55_firmwareimmersive_home_326ipq8071a_firmwareflight_rb5_5g_firmwaressg2125pqca6554a_firmwareipq6028qcn9100qamsrv1mrobotics_rb5qam8650p_firmwarevideo_collaboration_vc5_platformqcs6490_firmwaresnapdragon_x65_5g_modem-rf_systemipq8076_firmwareqam8620pwcd9335_firmwareqrb5165n_firmwareqca6436wcn3980_firmwaresdm429wwsa8835wsa8840_firmwareqca6391_firmwareqca6584au_firmwareqcn6274qfw7124qca6595au_firmwareqca0000sw5100p_firmwareqca6696_firmwarewcd9380_firmwareqca6574_firmwareqca8081wsa8815qcn5124qam8775psnapdragon_ar2_gen_1_firmwareqca6797aqqcn5152qcn6412sa8620pqca6574a_firmwaresdx55qcn9072_firmwareqca9888_firmwaresnapdragon_865_5g_mobileipq8074aimmersive_home_3210_firmwareqca9889snapdragon_835_mobile_pcqcn5024_firmwareqca6787aq_firmwarewcd9375_firmwareqca8386qca6391sa7775pimmersive_home_318ipq5010qcn9274_firmwareipq8173_firmwareqcs5430_firmwaresa8770p_firmwareqcs8550ipq6000_firmwarefastconnect_7800sa8650pqam8775p_firmwaresnapdragon_8\+_gen_2_mobile_firmwarewcd9375ipq8078_firmwareqca6688aq_firmwareqca9889_firmwaresnapdragon_ar2_gen_1wcn3988_firmwareimmersive_home_316_firmwareqamsrv1h_firmwareqcn5154wsa8835_firmwaressg2115p_firmwarecsr8811qcn5022snapdragon_x75_5g_modem-rf_system_firmwarewcn3980Snapdragonqcn5024_firmwareqam8255p_firmwaresxr2230p_firmwaresg8275p_firmwareipq8173_firmwareqca6431_firmwareqca6777aq_firmwareflight_rb5_5g_platform_firmwareqcn6224_firmwareqca4024_firmwareimmersive_home_318_platform_firmwaresrv1l_firmwareipq5028_firmwarewcn6755_firmwareqca6595au_firmwareqcn5152_firmwareqca0000_firmwareqcm5430_firmwareqca6584au_firmwarewcn3990_firmwareqrb5165n_firmwareqcn9000_firmwareqca6554a_firmwarequalcomm_video_collaboration_vc3_platform_firmwarewcd9385_firmwareqcn6024_firmwareqca8386_firmwareimmersive_home_316_platform_firmwareqamsrv1h_firmwareqca8084_firmwareqcn5124_firmwareqca8082_firmwareqca6320_firmwaresa9000p_firmwareqca6574au_firmwareqcn5122_firmwareqcn5164_firmwareqcn6422_firmwaresdx55_firmwareqca8081_firmwareqcn6023_firmwaresnapdragon_429_mobile_platform_firmwaresnapdragon_835_mobile_pc_platform_firmwarewcd9375_firmwarewsa8845h_firmwareqca6436_firmwareqca6564au_firmwaresa8620p_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwareipq8078a_firmwareqca6678aq_firmwaresa8775p_firmwarewsa8840_firmwareqcf8001_firmwareqcs8550_firmwareqcn6112_firmwarewcn3988_firmwaresa7775p_firmwarefastconnect_6700_firmwarewsa8810_firmwaresnapdragon_ar2_gen_1_platform_firmwaresa8255p_firmwarewcd9395_firmwareqca6698aq_firmwaresdx65m_firmwareipq8071a_firmwaresa8770p_firmwareqca8085_firmwareqam8775p_firmwareqca9888_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwareqca6696_firmwareqcs6490_firmwareipq9008_firmwareqcn5154_firmwareqcc710_firmwareqcn9100_firmwarewsa8830_firmwarewcn3620_firmwareipq5010_firmwareipq8074a_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwareqcn5022_firmwaresxr2250p_firmwareimmersive_home_216_platform_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqca6688aq_firmwareqca6787aq_firmwarerobotics_rb5_platform_firmwareqca8337_firmwarewcd9380_firmwareqcf8000_firmwareipq8076a_firmwareqcs7230_firmwareimmersive_home_326_platform_firmwareqcn6122_firmwaresxr1230p_firmwareqcn6402_firmwaresdm429w_firmwarecsr8811_firmwareipq9554_firmwaresnapdragon_x72_5g_modem-rf_system_firmwareqca8075_firmwaressg2125p_firmwaresm8635_firmwareqcn6132_firmwareqca6310_firmwarewcd9335_firmwareqcn5052_firmwareqcn9274_firmwareqcc2076_firmwareipq8070a_firmwareqfw7114_firmwareqcc2073_firmwareipq6018_firmwareipq8076_firmwareqca6574_firmwarewcd9340_firmwarewsa8845_firmwareqcn9160_firmwareqxm8083_firmwareqca6426_firmwarewcn3660b_firmwareqca6574a_firmwareipq9574_firmwarewcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareimmersive_home_3210_platform_firmwareqca6421_firmwareqcn6274_firmwareipq5300_firmwareqcm6490_firmwareipq8078_firmwareipq9570_firmwareqcn9070_firmwaresa8650p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmwaresrv1h_firmwarewsa8832_firmwareipq6028_firmwareipq8072a_firmwareqca6797aq_firmwareipq5312_firmwareqcn6432_firmwareqca9889_firmwaresa8155p_firmwareqcn9024_firmwareipq8174_firmwaresa7255p_firmwareqcs8250_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcn6412_firmwaresw5100p_firmwareipq5332_firmwareipq5302_firmwareqamsrv1m_firmwaresrv1m_firmwaresd835_firmwareqam8650p_firmwareipq6010_firmwareqca6595_firmwareqcs5430_firmwareqca6391_firmwareimmersive_home_214_platform_firmwarewcd9370_firmwaresm8550p_firmwarequalcomm_video_collaboration_vc5_platform_firmwareqcn9022_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwareqcn9072_firmwareipq6000_firmwaressg2115p_firmwaresw5100_firmwareqcn9074_firmwareqam8620p_firmwareqfw7124_firmwarear8035_firmware
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-126
Buffer Over-read
CVE-2024-31189
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:58
Updated-20 Sep, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartRequestTableFeatures::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31177
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:56
Updated-20 Sep, 2024 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg modules). This vulnerability is associated with program routines fluid_msg::of13::TableFeaturePropActions::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31191
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:58
Updated-20 Sep, 2024 | 18:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyMeter::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31190
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:58
Updated-20 Sep, 2024 | 18:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyMeterConfig::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31178
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:56
Updated-20 Sep, 2024 | 19:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::TableFeaturePropNextTables::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37564
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-0.61% / 68.68%
||
7 Day CHG~0.00%
Published-25 Dec, 2021 | 23:23
Updated-04 Aug, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).

Action-Not Available
Vendor-n/aMediaTek Inc.
Product-mt7615mt7603emt7622_firmwaremt7628mt7615_firmwaremt7628_firmwaremt7629_firmwaremt7603e_firmwaremt7613_firmwaremt7915_firmwaremt7629mt7622mt7915mt7613n/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31193
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:58
Updated-20 Sep, 2024 | 18:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyGroup::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31714
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.41% / 60.22%
||
7 Day CHG~0.00%
Published-20 May, 2024 | 17:17
Updated-13 Feb, 2025 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability in Waxlab wax v.0.9-3 and before allows an attacker to cause a denial of service via the Lua library component.

Action-Not Available
Vendor-n/awaxlab
Product-n/awax
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31176
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:56
Updated-20 Sep, 2024 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::TableFeaturePropOXM::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31181
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:57
Updated-20 Sep, 2024 | 18:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::GroupStats::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31174
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:56
Updated-20 Sep, 2024 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::FeaturesReply::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31192
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:58
Updated-20 Sep, 2024 | 18:45
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyGroupDesc::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31183
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:57
Updated-20 Sep, 2024 | 18:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::Hello::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31187
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:57
Updated-20 Sep, 2024 | 18:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyPortDescription::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31166
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:54
Updated-20 Sep, 2024 | 19:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::HelloElemVersionBitmap::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31168
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:55
Updated-20 Sep, 2024 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::EchoCommon::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31172
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:56
Updated-20 Sep, 2024 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::StatsReplyTable::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31173
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:56
Updated-20 Sep, 2024 | 19:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::StatsReplyFlow::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-30604
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.14% / 35.44%
||
7 Day CHG~0.00%
Published-28 Mar, 2024 | 00:00
Updated-13 Mar, 2025 | 19:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Tenda FH1203 v2.0.1.6 has a stack overflow vulnerability in the list1 parameter of the fromDhcpListClient function.

Action-Not Available
Vendor-n/aTenda Technology Co., Ltd.
Product-fh1203_firmwarefh1203n/afh1203_firmware
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37070
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.11%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 16:03
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to process crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37570
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-0.61% / 68.68%
||
7 Day CHG~0.00%
Published-25 Dec, 2021 | 23:23
Updated-04 Aug, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).

Action-Not Available
Vendor-n/aMediaTek Inc.
Product-mt7615mt7603emt7622_firmwaremt7628mt7615_firmwaremt7628_firmwaremt7629_firmwaremt7603e_firmwaremt7613_firmwaremt7915_firmwaremt7629mt7622mt7915mt7613n/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-28640
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.50% / 64.78%
||
7 Day CHG~0.00%
Published-16 Mar, 2024 | 00:00
Updated-27 Jun, 2025 | 14:26
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer Overflow vulnerability in TOTOLink X5000R V9.1.0u.6118-B20201102 and A7000R V9.1.0u.6115-B20201022 allows a remote attacker to cause a denial of service (D0S) via the command field.

Action-Not Available
Vendor-n/aTOTOLINK
Product-a7000ra7000r_firmwarex5000r_firmwarex5000rn/aa7000r_firmwarex5000r_firmware
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-26003
Matching Score-4
Assigner-CERT@VDE
ShareView Details
Matching Score-4
Assigner-CERT@VDE
CVSS Score-7.5||HIGH
EPSS-0.75% / 72.15%
||
7 Day CHG+0.36%
Published-12 Mar, 2024 | 08:12
Updated-23 Jan, 2025 | 18:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PHOENIX CONTACT: DoS of the control agent in CHARX Series

An unauthenticated remote attacker can DoS the control agent due to a out-of-bounds read which may prevent or disrupt the charging functionality. 

Action-Not Available
Vendor-Phoenix Contact GmbH & Co. KG
Product-charx_sec-3150_firmwarecharx_sec-3050charx_sec-3000_firmwarecharx_sec-3100_firmwarecharx_sec-3100charx_sec-3000charx_sec-3150charx_sec-3050_firmwareCHARX SEC-3050CHARX SEC-3000CHARX SEC-3150CHARX SEC-3100charx_sec_3150charx_sec_3050charx_sec_3100charx_sec_3000
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37565
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-0.61% / 68.68%
||
7 Day CHG~0.00%
Published-25 Dec, 2021 | 23:23
Updated-04 Aug, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).

Action-Not Available
Vendor-n/aMediaTek Inc.
Product-mt7615mt7603emt7622_firmwaremt7628mt7615_firmwaremt7628_firmwaremt7629_firmwaremt7603e_firmwaremt7613_firmwaremt7915_firmwaremt7629mt7622mt7915mt7613n/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-25201
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.46% / 63.33%
||
7 Day CHG~0.00%
Published-07 Feb, 2024 | 00:00
Updated-17 Jun, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Espruino 2v20 (commit fcc9ba4) was discovered to contain an Out-of-bounds Read via jsvStringIteratorPrintfCallback at src/jsvar.c.

Action-Not Available
Vendor-espruinon/a
Product-espruinon/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37007
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.90%
||
7 Day CHG~0.00%
Published-23 Nov, 2021 | 15:21
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause kernel crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37090
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.16% / 36.98%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 16:06
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to process crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37567
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-8.2||HIGH
EPSS-0.61% / 68.68%
||
7 Day CHG~0.00%
Published-25 Dec, 2021 | 23:23
Updated-04 Aug, 2024 | 01:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols. (Affected Chipsets MT7603E, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 2.0.2; Out-of-bounds read).

Action-Not Available
Vendor-n/aMediaTek Inc.
Product-mt7615mt7603emt7622_firmwaremt7628mt7615_firmwaremt7628_firmwaremt7629_firmwaremt7603e_firmwaremt7613_firmwaremt7915_firmwaremt7629mt7622mt7915mt7613n/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37066
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.11%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 16:03
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to process crash.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-37076
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-7.5||HIGH
EPSS-0.18% / 40.11%
||
7 Day CHG~0.00%
Published-07 Dec, 2021 | 16:04
Updated-04 Aug, 2024 | 01:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is a Out-of-bounds Read vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may lead to availability affected.

Action-Not Available
Vendor-Huawei Technologies Co., Ltd.
Product-harmonyosHarmonyOS
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-24417
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.18% / 39.50%
||
7 Day CHG+0.02%
Published-21 Jan, 2025 | 00:00
Updated-14 Mar, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_protocol_configuration_options function at /3gpp/3gpp_24.008_sm_ies.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet.

Action-Not Available
Vendor-n/aThe Linux Foundation
Product-magman/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-23353
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.16% / 37.46%
||
7 Day CHG~0.00%
Published-05 Aug, 2024 | 14:21
Updated-26 Nov, 2024 | 15:41
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in Multi Mode Call Processor

Transient DOS while decoding attach reject message received by UE, when IEI is set to ESM_IEI.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresnapdragon_8_gen_1_mobile_platformsnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-ac\)mdm9640_firmwaresm6250p_firmwareqcs610315_5g_iot_modem_firmwareqca8337qfw7124sg8275p_firmwareqca6431_firmwarewcd9360_firmwaresnapdragon_820_automotive_platform_firmwaresnapdragon_888_5g_mobile_platformwsa8840snapdragon_wear_2100_platform_firmwaresnapdragon_212_mobile_platformwcn3950_firmwaresc8180x\+sdx55qcs2290qca6595au_firmwaresnapdragon_480_5g_mobile_platformvideo_collaboration_vc3_platformsnapdragon_x70_modem-rf_systemqca6335snapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)_firmwarecsra6620_firmwaresd_675_firmwarecsra6640_firmwaresnapdragon_460_mobile_platform_firmwareqcs6125_firmwareqcm5430_firmwaresnapdragon_480_5g_mobile_platform_firmwareqep8111_firmwaremsm8108snapdragon_8cx_compute_platform_\(sc8180x-ab\)_firmwarewcd9371_firmwaremsm8108_firmwarewcn3950qcn6024_firmwaremdm9628snapdragon_855\+_mobile_platform_\(sm8150-ac\)snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-ac\)_firmwarewcn3660bsnapdragon_660_mobile_platform_firmwaresnapdragon_460_mobile_platformmdm9230_firmwaresm7315_firmwaresnapdragon_429_mobile_platform_firmwaresnapdragon_695_5g_mobile_platform_firmwaresdx71m_firmwaresnapdragon_8c_compute_platform_\(sc8180xp-ad\)_firmwaresnapdragon_8cx_compute_platform_\(sc8180xp-af\)_firmwareqca6574au_firmwaremdm9630qca8081_firmwarewcd9375_firmwaremsm8909wqca6420wcd9360snapdragon_8cx_compute_platform_\(sc8180xp-af\)snapdragon_auto_5g_modem-rf_firmwareqca9367_firmwaremdm8207smart_audio_400_platform_firmwarewsa8840_firmwareqca6698aqqcs6125robotics_rb3_platform_firmwareqca4004_firmwareqca6430robotics_rb3_platformqts110wcd9306_firmwaresnapdragon_8\+_gen_1_mobile_platformwcd9340snapdragon_720g_mobile_platformsnapdragon_870_5g_mobile_platform_\(sm8250-ac\)sd626_firmwaresw5100snapdragon_780g_5g_mobile_platformqca6436snapdragon_860_mobile_platform_\(sm8150-ac\)snapdragon_690_5g_mobile_platformqca6698aq_firmwaremsm8209_firmwaresnapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)mdm9250_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwarewcd9341vision_intelligence_100_platform_\(apq8053-aa\)snapdragon_wear_2500_platformsnapdragon_8c_compute_platform_\(sc8180x-ad\)_firmwareqca6696_firmwaresnapdragon_8cx_compute_platform_\(sc8180xp-ac\)qca6431wcd9371snapdragon_8c_compute_platform_\(sc8180xp-ad\)snapdragon_x12_lte_modemwcn3910_firmwaresnapdragon_855_mobile_platform_firmwaresnapdragon_430_mobile_platformqcc710_firmwareqca4004wsa8830_firmwaremdm9330_firmwaresd855_firmwaresd865_5g_firmwaresd660snapdragon_7c\+_gen_3_compute_firmwarewcn3988sd660_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresnapdragon_750g_5g_mobile_platform_firmwarewcn3610snapdragon_675_mobile_platform_firmwaremsm8608mdm9640snapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\)wcd9380_firmwareqca8337_firmwaresnapdragon_778g_5g_mobile_platform_firmwaresdm429wwcd9330sw5100psnapdragon_765_5g_mobile_platform_\(sm7250-aa\)snapdragon_730_mobile_platform_\(sm7150-aa\)msm8996au_firmwaresnapdragon_7c_compute_platform_\(sc7180-ac\)snapdragon_w5\+_gen_1_wearable_platformqcm8550qca6564au9205_lte_modemsnapdragon_670_mobile_platform_firmwaresnapdragon_870_5g_mobile_platform_\(sm8250-ac\)_firmwaresd670_firmwareqca6574snapdragon_7c\+_gen_3_computewcd9380snapdragon_wear_4100\+_platform_firmwaresnapdragon_x72_5g_modem-rf_system_firmwaremdm9230fastconnect_6700qcs410snapdragon_210_processorsnapdragon_782g_mobile_platform_\(sm7325-af\)snapdragon_430_mobile_platform_firmwaremdm9205ssnapdragon_480\+_5g_mobile_platform_\(sm4350-ac\)_firmwarevideo_collaboration_vc3_platform_firmwarec-v2x_9150_firmwaresg8275psd626snapdragon_765g_5g_mobile_platform_\(sm7250-ab\)_firmwaresnapdragon_678_mobile_platform_\(sm6150-ac\)wcn3980wcd9335_firmwareqfw7114_firmwareqca6430_firmwareqca6174wsa8845qca6335_firmwareqcm4325_firmwarewcd9340_firmwarewsa8815wcn3910smart_display_200_platform_\(apq5053-aa\)_firmwareqca6584_firmwareqca6320snapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-ab\)vision_intelligence_100_platform_\(apq8053-aa\)_firmwaresnapdragon_4_gen_1_mobile_platformqca6426_firmwarewcn3680wcn3660b_firmwaresnapdragon_670_mobile_platformsd835snapdragon_x62_5g_modem-rf_system_firmwareqcn9024wcn3980_firmwaresd730wcd9330_firmwaresnapdragon_x50_5g_modem-rf_system_firmwaresnapdragon_820_automotive_platformqca6421_firmware9205_lte_modem_firmwarewcn6740_firmwaresmart_audio_200_platformqcs4490_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_system215_mobile_platformwcn3680_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900fastconnect_6900_firmwaresnapdragon_865\+_5g_mobile_platform_\(sm8250-ab\)snapdragon_660_mobile_platform9206_lte_modem_firmwaresnapdragon_778g\+_5g_mobile_platform_\(sm7325-ae\)_firmwaresd670smart_audio_200_platform_firmwareqcn9024_firmwareqca6564a_firmwaresnapdragon_730g_mobile_platform_\(sm7150-ab\)_firmwaresdx57msnapdragon_8\+_gen_2_mobile_platformqcm4290_firmwarewsa8832snapdragon_x24_lte_modemsw5100p_firmwareqcs610_firmwareqcm5430snapdragon_678_mobile_platform_\(sm6150-ac\)_firmware9207_lte_modem_firmwareqcc710qcs4490snapdragon_7c_gen_2_compute_platform_\(sc7180-ad\)_\"rennell_pro\"vision_intelligence_200_platform_\(apq8053-ac\)wcd9395mdm8207_firmwaresnapdragon_750g_5g_mobile_platformqcs5430_firmwaresd820_firmwareqca6391_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-aa\)_firmware205_mobile_platformsnapdragon_710_mobile_platform_firmwarewcd9370_firmwaresm8550p_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-af\)_firmwaresdx55sd888_firmwaresd675csra6640snapdragon_695_5g_mobile_platformvideo_collaboration_vc1_platformsnapdragon_1200_wearable_platformqfw7124_firmwaresnapdragon_720g_mobile_platform_firmwareqep8111snapdragon_685_4g_mobile_platform_\(sm6225-ad\)snapdragon_782g_mobile_platform_\(sm7325-af\)_firmwaresnapdragon_855_mobile_platformqcm2290snapdragon_632_mobile_platformsnapdragon_625_mobile_platform_firmwarear8035_firmwaresnapdragon_8cx_compute_platform_\(sc8180x-aa\)_firmwaresnapdragon_wear_2100_platformwsa8830snapdragon_662_mobile_platform_firmware9207_lte_modemsnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-ab\)_firmwaresnapdragon_x24_lte_modem_firmwareqcs2290_firmwarecsrb31024mdm9628_firmwaresnapdragon_865_5g_mobile_platformcsra6620qcn6224_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180x-af\)qcs4290mdm9205s_firmwaresnapdragon_888_5g_mobile_platform_firmwaremdm9250qca6420_firmwaresnapdragon_auto_4g_modem_firmwaresd730_firmwareqca6174_firmwarewcd9370sd675_firmwareqca6426qca6584au_firmwarewcn3990_firmwaresnapdragon_8_gen_2_mobile_platformqca9377snapdragon_8cx_compute_platform_\(sc8180x-ab\)wcd9385_firmwarewcd9326_firmwarefastconnect_6200wcn3615_firmwaresnapdragon_1200_wearable_platform_firmwareapq8037snapdragon_x55_5g_modem-rf_systemqca6584snapdragon_835_mobile_pc_platform_firmwaresnapdragon_208_processor_firmwaresdx55_firmwareqca6320_firmwarewsa8845h_firmwarewcn3615snapdragon_8_gen_3_mobile_platformqfw7114sm7250p_firmwarewcn3680b_firmwarewcn3610_firmwaresnapdragon_212_mobile_platform_firmwareqca6595ausnapdragon_425_mobile_platformsnapdragon_429_mobile_platformqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwarewcd9306qca6584auqca6564au_firmwareqca6310snapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwaresnapdragon_x72_5g_modem-rf_systemsnapdragon_208_processorsnapdragon_x70_modem-rf_system_firmwaresnapdragon_x5_lte_modem_firmwareqcs6490snapdragon_439_mobile_platformsnapdragon_855\+_mobile_platform_\(sm8150-ac\)_firmwareqca93679206_lte_modemsnapdragon_625_mobile_platformsnapdragon_wear_3100_platformqcs8550_firmwarevision_intelligence_300_platform_firmwarewcn3988_firmware315_5g_iot_modemsnapdragon_778g_5g_mobile_platformqca6421sm6250c-v2x_9150fastconnect_6700_firmwaresxr1120apq8017_firmwaresnapdragon_626_mobile_platform_firmwareqcn6224wsa8810_firmwarevision_intelligence_400_platformwsa8845hsnapdragon_x62_5g_modem-rf_systemwcd9395_firmwarewcd9335wcd9326snapdragon_x75_5g_modem-rf_systemsg4150pqca8081sdx71msnapdragon_x35_5g_modem-rf_systemsnapdragon_auto_5g_modem-rf_gen_2qcm4490qcs5430qca6174a_firmwareqcs4290_firmwaresnapdragon_wear_1300_platform_firmwaresxr2130_firmwarewcd9385qcs6490_firmwaresnapdragon_x12_lte_modem_firmwaresnapdragon_665_mobile_platform_firmwarear8035wcd9375aqt1000snapdragon_768g_5g_mobile_platform_\(sm7250-ac\)snapdragon_210_processor_firmwaresm6250_firmwaresc8180x\+sdx55_firmwaresnapdragon_712_mobile_platform_firmwarewcd9390snapdragon_662_mobile_platformvision_intelligence_400_platform_firmwarewcn3620_firmwaresd820wsa8815_firmwareqcm6490wsa8835_firmwarewcn3620apq8017sxr1120_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_\(sc8180xp-aa\)qca6564asnapdragon_730g_mobile_platform_\(sm7150-ab\)mdm9630_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresg4150p_firmwaresnapdragon_x5_lte_modemqcm6125_firmwareqcm4325qcm2290_firmwaresnapdragon_626_mobile_platformsnapdragon_845_mobile_platformsnapdragon_1100_wearable_platformqcm2150_firmwarewcn3990sd_675snapdragon_732g_mobile_platform_\(sm7150-ac\)snapdragon_7c_gen_2_compute_platform_\(sc7180-ad\)_\"rennell_pro\"_firmwaresd865_5gfastconnect_6800snapdragon_7c_compute_platform_\(sc7180-ac\)_firmwaresnapdragon_835_mobile_pc_platformsd888wsa8835msm8909w_firmwaremsm8996ausdm429w_firmwaresnapdragon_8\+_gen_2_mobile_platform_firmwaresnapdragon_auto_5g_modem-rfqcn6274snapdragon_685_4g_mobile_platform_\(sm6225-ad\)_firmwaresm6250psnapdragon_8cx_compute_platform_\(sc8180xp-ac\)_firmwaresnapdragon_730_mobile_platform_\(sm7150-aa\)_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_8c_compute_platform_\(sc8180x-ad\)sxr2130snapdragon_425_mobile_platform_firmwaresnapdragon_wear_4100\+_platformsmart_audio_400_platformqca6574aqca6174asm7325pqca6310_firmwaresnapdragon_860_mobile_platform_\(sm8150-ac\)_firmwareqca6574_firmwaresd855sm7325p_firmwaresdx57m_firmwarewsa8845_firmware205_mobile_platform_firmwaresnapdragon_xr2_5g_platform_firmwaresnapdragon_439_mobile_platform_firmwaresnapdragon_665_mobile_platformqca6574a_firmwaresnapdragon_768g_5g_mobile_platform_\(sm7250-ac\)_firmwarefastconnect_6200_firmwaresmart_display_200_platform_\(apq5053-aa\)msm8209vision_intelligence_300_platformsnapdragon_x55_5g_modem-rf_system_firmwaresm7315snapdragon_765g_5g_mobile_platform_\(sm7250-ab\)qca6391snapdragon_710_mobile_platformsnapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)fastconnect_7800aqt1000_firmwaresnapdragon_x35_5g_modem-rf_system_firmwaresnapdragon_690_5g_mobile_platform_firmwareqcm4490_firmwareqcn6274_firmwaresnapdragon_auto_4g_modemsnapdragon_632_mobile_platform_firmwaresnapdragon_845_mobile_platform_firmwareqcm4290qcm6490_firmwarecsrb31024_firmwarewsa8832_firmwaresnapdragon_xr1_platformqcm2150snapdragon_765_5g_mobile_platform_\(sm7250-aa\)_firmwarevideo_collaboration_vc1_platform_firmwareqca6574ausnapdragon_888\+_5g_mobile_platform_\(sm8350-ac\)_firmwarevision_intelligence_200_platform_\(apq8053-ac\)_firmwarewcd9341_firmwareqcm6125wsa8810fastconnect_7800_firmwaresnapdragon_712_mobile_platformsnapdragon_8cx_compute_platform_\(sc8180x-aa\)snapdragon_8_gen_1_mobile_platform_firmwaresm8550psnapdragon_680_4g_mobile_platformwcn3680bsd835_firmwaresnapdragon_675_mobile_platformsnapdragon_wear_2500_platform_firmwarewcn6740qca6696215_mobile_platform_firmwareqcs8550msm8608_firmwaresnapdragon_x50_5g_modem-rf_systemsnapdragon_1100_wearable_platform_firmwaresnapdragon_8_gen_3_mobile_platform_firmwaresnapdragon_732g_mobile_platform_\(sm7150-ac\)_firmwarewcd9390_firmwareqcn6024apq8037_firmwaresm7250psnapdragon_8\+_gen_1_mobile_platform_firmwaresnapdragon_wear_3100_platform_firmwaresw5100_firmwareqcs410_firmwaremdm9330snapdragon_wear_1300_platformsnapdragon_xr1_platform_firmwareqts110_firmwareSnapdragonqca9377_firmwaresnapdragon_662_mobile_platform_firmwaremdm9640_firmwaresm6250p_firmware315_5g_iot_modem_firmwareqcs2290_firmwaresnapdragon_x24_lte_modem_firmwaresg8275p_firmwareqca6431_firmwaremdm9628_firmwaresnapdragon_820_automotive_platform_firmwarewcd9360_firmwareqcn6224_firmwaresnapdragon_wear_2100_platform_firmwarewcn3950_firmwaremdm9205s_firmwaresnapdragon_888_5g_mobile_platform_firmwareqca6420_firmwareqca6595au_firmwareqca6174_firmwaresd730_firmwaresnapdragon_auto_4g_modem_firmwarecsra6620_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqcm5430_firmwareqcs6125_firmwaresnapdragon_460_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwareqca6584au_firmwareqep8111_firmwarewcn3990_firmwarequalcomm_video_collaboration_vc3_platform_firmwaremsm8108_firmwarewcd9371_firmwarewcd9385_firmwareqcn6024_firmwarewcd9326_firmwarewcn3615_firmwaresnapdragon_1200_wearable_platform_firmwaresnapdragon_660_mobile_platform_firmwaremdm9230_firmwaresm7315_firmwareqca6320_firmwaresnapdragon_429_mobile_platform_firmwareqca6574au_firmwaresdx55_firmwaresdx71m_firmwaresnapdragon_208_processor_firmwaresnapdragon_212_mobile_platform_firmwareqca8081_firmwaresnapdragon_695_5g_mobile_platform_firmwaresnapdragon_835_mobile_pc_platform_firmwaresm7250p_firmwarewcd9375_firmwarewcn3610_firmwarewsa8845h_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwareqca6564au_firmwaresnapdragon_auto_5g_modem-rf_firmwareqca9367_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcm8550_firmwaresmart_audio_400_platform_firmwaresnapdragon_x70_modem-rf_system_firmwaresnapdragon_x5_lte_modem_firmwarewsa8840_firmwarerobotics_rb3_platform_firmwareqca4004_firmwareqcs8550_firmwarevision_intelligence_300_platform_firmwarewcn3988_firmwarewcd9306_firmwarefastconnect_6700_firmwareapq8017_firmwaresd626_firmwaresnapdragon_626_mobile_platform_firmwarewsa8810_firmwarewcd9395_firmwareqca6698aq_firmwaremsm8209_firmwareqca6174a_firmwaremdm9250_firmwareqcs4290_firmwarequalcomm_205_mobile_platform_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_wear_1300_platform_firmwaresxr2130_firmwareqca6696_firmwareqcs6490_firmwaresnapdragon_x12_lte_modem_firmwaresnapdragon_665_mobile_platform_firmwarewcn3910_firmwaresnapdragon_855_mobile_platform_firmwaresnapdragon_210_processor_firmwaresm6250_firmwareqcc710_firmwaresnapdragon_712_mobile_platform_firmwarevision_intelligence_400_platform_firmwarewsa8830_firmwaremdm9330_firmwaresd855_firmwaresd865_5g_firmwarewcn3620_firmwarewsa8815_firmwaresnapdragon_625_mobile_platform_firmwarewsa8835_firmwaresd660_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresxr1120_firmwaremdm9630_firmwaresg4150p_firmwaresnapdragon_750g_5g_mobile_platform_firmwareqcm6125_firmwaresnapdragon_675_mobile_platform_firmwareqcm2290_firmwaresnapdragon_8_gen_2_mobile_platform_firmwarequalcomm_video_collaboration_vc1_platform_firmwareqca8337_firmwareqcm2150_firmwaresnapdragon_778g_5g_mobile_platform_firmwarewcd9380_firmwaremsm8996au_firmwaresnapdragon_670_mobile_platform_firmwaremsm8909w_firmwaresd670_firmwaresdm429w_firmwaresnapdragon_x72_5g_modem-rf_system_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_425_mobile_platform_firmwaresnapdragon_430_mobile_platform_firmwarec-v2x_9150_firmwareqca6310_firmwareqca6430_firmwarewcd9335_firmwareqfw7114_firmwareqca6335_firmwareqcm4325_firmwareqca6574_firmwarewcd9340_firmwarewcn3680b_firmwaresm7325p_firmwareqca6584_firmwaresdx57m_firmwarewsa8845_firmwaresnapdragon_xr2_5g_platform_firmwaresnapdragon_439_mobile_platform_firmwareqca6426_firmwarewcn3660b_firmwareqca6574a_firmwarefastconnect_6200_firmwaresnapdragon_x62_5g_modem-rf_system_firmwarewcn3980_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewcd9330_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareqca6421_firmware9205_lte_modem_firmwareaqt1000_firmwarewcn6740_firmwareqcm4490_firmwaresnapdragon_690_5g_mobile_platform_firmwaresnapdragon_845_mobile_platform_firmwareqcn6274_firmwareqcs4490_firmwaresnapdragon_632_mobile_platform_firmwaresnapdragon_x35_5g_modem-rf_system_firmwarewcn3680_firmwarecsrb31024_firmwareqcm6490_firmwarewsa8832_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6900_firmware9206_lte_modem_firmwaresmart_audio_200_platform_firmwareqca6564a_firmwareqcn9024_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcm4290_firmwaresw5100p_firmwareqcs610_firmwaresnapdragon_8_gen_1_mobile_platform_firmwarequalcomm_215_mobile_platform_firmwaresd835_firmware9207_lte_modem_firmwaresnapdragon_wear_2500_platform_firmwaremdm8207_firmwareqcs5430_firmwaresd820_firmwareqca6391_firmwaresnapdragon_710_mobile_platform_firmwaremsm8608_firmwaresm8550p_firmwarewcd9370_firmwaresnapdragon_1100_wearable_platform_firmwaresd888_firmwaresnapdragon_8_gen_3_mobile_platform_firmwarewcd9390_firmwareapq8037_firmwaresnapdragon_wear_3100_platform_firmwaresw5100_firmwareqcs410_firmwareqfw7124_firmwaresnapdragon_720g_mobile_platform_firmwarear8035_firmwaresnapdragon_xr1_platform_firmwareqts110_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-35086
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.24% / 47.68%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:50
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer over read due to improper validation of SIB type when processing a NR system Information message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewcn3991wsa8830qca8337_firmwarewcd9380_firmwareqca8337sd865_5gqca6431_firmwaresdx55m_firmwarewcn6856_firmwarewcd9360_firmwaresd888sdx65wsa8835wcd9380sd765g_firmwaresd888_5gqca6595au_firmwareqca6390_firmwaresd690_5gwcd9370qca6574asd690_5g_firmwarewcn6855_firmwaresm7325pqca6426wcn6750wcn3998wcd9385_firmwaresdxr2_5g_firmwaresa515msd_8_gen1_5g_firmwaresd855wsa8815sm7325p_firmwarewcn6850sd765qca6426_firmwaresm7315_firmwareqca6574a_firmwaresd695qca6574au_firmwaresdx55_firmwaresd768g_firmwareqca6595auqca8081_firmwarewcd9375_firmwarewcn3998_firmwaresm7250p_firmwaresm7315qca6391wcd9360qca6436_firmwaresdx55mqca6421_firmwaresd778gsdx65_firmwaresa515m_firmwareqcs6490qcm6490_firmwaresdxr2_5gsd480_firmwarewcn6851_firmwarewcn3988_firmwareqca6574auqca6421sd778g_firmwarewsa8810_firmwaresd765gwcd9341_firmwaresd480sd765_firmwaresd870qca6436wcn6851wsa8810wcn6855qca8081wcn6856wcd9385wcd9341sd695_firmwaresd768gqca6431qca6696_firmwareqcs6490_firmwaresd750gsd870_firmwareqca6696qca6391_firmwareqca6390ar8035sd750g_firmwarewcd9375wcd9370_firmwaresdx55sd888_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresm7250psm8475wcn6750_firmwarear8035_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-23363
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.30% / 52.64%
||
7 Day CHG~0.00%
Published-03 Jun, 2024 | 10:05
Updated-09 Jan, 2025 | 21:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Over-read in WLAN Firmware

Transient DOS while processing an improperly formatted Fine Time Measurement (FTM) management frame.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qcn5124_firmwarewsa8830qcn6422wcd9395ipq8078snapdragon_8_gen_1_mobile_firmwaresm8550p_firmwareipq8074aqcf8000_firmwareqcn9022wsa8832_firmwareqca8084_firmwareqcn9013wcd9390_firmwareqam8775pipq6000_firmwareqcc710ipq5302qcn5154qca4024_firmwareqca8084qcn6224qca4024ipq6028snapdragon_8_gen_3_mobile_firmwareipq8074a_firmwareqca6698aqipq5312qam8650pqcn5122_firmwareqfw7124wcd9340_firmwareqcn6132qcn9274_firmwareimmersive_home_316qca6696qcn5164_firmwareipq5332sxr2230pqcn5052qca6564au_firmwarewsa8835ipq8078_firmwareqcc2073_firmwareqcn9012ar8035_firmwareimmersive_home_326ipq9574_firmwaresnapdragon_8_gen_2_mobile_firmwareipq6028_firmwareqca6595au_firmwaresnapdragon_8_gen_3_mobileqcn5164qcn9072qca6595qcs8550_firmwareipq9008_firmwareipq6000qcn9100ssg2125p_firmwareipq8076aipq8076qcn9024_firmwareqcc2073ipq8070a_firmwareqcn6224_firmwareqfw7114sa7255pipq9554_firmwareqcn9072_firmwaresnapdragon_x65_5g_modem-rf_firmwareqca9888_firmwareqcf8001qcn6432_firmwareqcn6112_firmwarecsr8811_firmwareipq5010_firmwareqcn6274qcn5152_firmwareqca9888qcn5154_firmwareipq6018_firmwarear8035qam8775p_firmwareqca6797aqqcn6274_firmwaresd_8_gen1_5gqcn6422_firmwareqca8085_firmwareimmersive_home_326_firmwareqca0000_firmwaresg8275p_firmwaresnapdragon_ar2_gen_1_firmwareipq8071a_firmwareqca6584auqca0000ssg2115p_firmwareqcn9000qcs8550qca9889_firmwareimmersive_home_3210_firmwaressg2125pwcd9385qca8337immersive_home_316_firmwareipq8174qca6554a_firmwareqfw7114_firmwareipq6010immersive_home_216_firmwareqca6574auqca9889qcn5022_firmwareqca6574_firmwareqcn6432qca6698aq_firmwareqca8386qcn5024qcn6402_firmwarewsa8840sdx65mqcn5024_firmwareipq8071acsr8811qcf8001_firmwareipq8078aqcn5124sg8275pwsa8840_firmwareqcc2076_firmwareqca6574asdx55_firmwareqca6574qcn9100_firmwareqcn5052_firmwaressg2115pfastconnect_7800ipq5010qcm8550_firmwareimmersive_home_214_firmwareqcn6132_firmwarewcd9340qam8650p_firmwareqca6554asxr1230psnapdragon_x75_5g_modem-rf_firmwareipq6018qca8075_firmwareqcf8000qca6595auipq5028qca6574au_firmwareqcn9012_firmwarewcd9380_firmwarewsa8835_firmwareipq8078a_firmwareipq8070aqca8075sxr2230p_firmwarewsa8832snapdragon_8_gen_2_mobilefastconnect_6900ipq5028_firmwareipq8072a_firmwareqcn9024fastconnect_6900_firmwareqcc710_firmwareipq8174_firmwareqcn9274qca8082_firmwareqcn6402qcn9070wcd9380wcd9395_firmwareipq9570_firmwareqcn6023qca6584au_firmwareqcn9074_firmwarefastconnect_7800_firmwareipq5312_firmwareqca8081qcn6412qcm8550qcn5122sd_8_gen1_5g_firmwareqcn6023_firmwarewcd9390ipq8173_firmwareqfw7124_firmwareqam8255p_firmwareqca8386_firmwareqcn5022sc8380xp_firmwareqcc2076qcn6112wcd9385_firmwareqca8337_firmwaresa7255p_firmwareqcn9074qca6595_firmwareimmersive_home_3210ipq8076a_firmwareqca6564auqca6696_firmwarewsa8845h_firmwareqca8081_firmwaresdx65m_firmwarewsa8845_firmwareqcn6024_firmwaresc8380xpimmersive_home_318sxr1230p_firmwarewsa8845hqcn6122_firmwareimmersive_home_216qcn9000_firmwareipq9570snapdragon_ar2_gen_1ipq8072aipq9554wsa8845qca6574a_firmwareqam8255pqcn6122sm8550pipq5302_firmwaresnapdragon_8\+_gen_2_mobile_firmwaresnapdragon_8\+_gen_2_mobileimmersive_home_214ipq6010_firmwareqcn9013_firmwareqcn9022_firmwarewsa8830_firmwareipq8173ipq9008ipq9574qcn5152ipq5332_firmwareqca8082qca8085qcn6024qca6797aq_firmwareqcn6412_firmwaresdx55qcn9070_firmwaresnapdragon_8_gen_1_mobilesnapdragon_x75_5g_modem-rfimmersive_home_318_firmwareipq8076_firmwaresnapdragon_x65_5g_modem-rfSnapdragonqcn6412_firmwareqca6574a_firmwareipq5312_firmwareqca6564au_firmwareqca4024_firmwarewsa8832_firmwareqcn9000_firmwareqcn5124_firmwareqcs8550_firmwareqca6696_firmwareimmersive_home_326_platform_firmwareqcn6122_firmwareqcn9024_firmwareimmersive_home_318_platform_firmwareqcn9070_firmwarewsa8835_firmwareqcn6422_firmwareqcn9013_firmwarecsr8811_firmwaresnapdragon_8_gen_3_mobile_platform_firmwareqca8337_firmwareipq6000_firmwareqcn5154_firmwareqca6595au_firmwareipq8076a_firmwarewcd9390_firmwareqcn9022_firmwaresm8550p_firmwareipq8076_firmwareipq8074a_firmwareqca6554a_firmwaresnapdragon_ar2_gen_1_platform_firmwareipq9570_firmwareipq8078a_firmwarewcd9395_firmwareqcn6224_firmwareqca8386_firmwareqcn5164_firmwareqcn5052_firmwareimmersive_home_3210_platform_firmwaresxr1230p_firmwareqcn9072_firmwareqfw7124_firmwareqcc2076_firmwareqca6698aq_firmwareipq8174_firmwareipq6010_firmwareqca8081_firmwareqcn6402_firmwarefastconnect_6900_firmwarewcd9385_firmwarewsa8840_firmwareqca9888_firmwarewcd9380_firmwareqca6584au_firmwareqam8775p_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareimmersive_home_216_platform_firmwarefastconnect_7800_firmwareipq9008_firmwarewsa8845h_firmwareqfw7114_firmwarewsa8830_firmwareqcm8550_firmwareipq8078_firmwareqca8085_firmwaresxr2230p_firmwaressg2125p_firmwaressg2115p_firmwareqca6574_firmwaresg8275p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcn6024_firmwareqca6595_firmwareipq8070a_firmwareipq5302_firmwareqca0000_firmwareqcn5152_firmwareqam8650p_firmwareqcn6274_firmwaresa7255p_firmwareqcn6112_firmwareqcn6023_firmwareqcn6132_firmwareipq5028_firmwareqcn6432_firmwareipq6028_firmwareipq8072a_firmwareimmersive_home_316_platform_firmwareipq9574_firmwaresnapdragon_8_gen_2_mobile_platform_firmwareqcn5024_firmwareqca6797aq_firmwareqcc2073_firmwareqca9889_firmwareipq8173_firmwareqcn9012_firmwareipq5010_firmwareipq6018_firmwareqcn9100_firmwareipq9554_firmwarewcd9340_firmwarear8035_firmwareqca8084_firmwareqcn5022_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewsa8845_firmwareqcf8001_firmwaresdx65m_firmwaresc8380xp_firmwareqcc710_firmwaresdx55_firmwareqca8075_firmwareqca6574au_firmwareqcf8000_firmwareqca8082_firmwareipq5332_firmwareqam8255p_firmwareimmersive_home_214_platform_firmwareqcn9274_firmwareipq8071a_firmwareqcn9074_firmwaresd_8_gen1_5g_firmwareqcn5122_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2015-7507
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.47% / 63.50%
||
7 Day CHG~0.00%
Published-18 Feb, 2020 | 18:03
Updated-06 Aug, 2024 | 07:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libnsbmp.c in Libnsbmp 0.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a crafted color table to the (1) bmp_decode_rgb or (2) bmp_decode_rle function.

Action-Not Available
Vendor-netsurf-browsern/a
Product-libnsbmpLibnsbmp
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-39213
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-7.5||HIGH
EPSS-0.17% / 38.57%
||
7 Day CHG~0.00%
Published-15 Sep, 2022 | 21:45
Updated-22 Apr, 2025 | 17:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in go-cvss

go-cvss is a Go module to manipulate Common Vulnerability Scoring System (CVSS). In affected versions when a full CVSS v2.0 vector string is parsed using `ParseVector`, an Out-of-Bounds Read is possible due to a lack of tests. The Go module will then panic. The problem is patched in tag `v0.4.0`, by the commit `d9d478ff0c13b8b09ace030db9262f3c2fe031f4`. Users are advised to upgrade. Users unable to upgrade may avoid this issue by parsing only CVSS v2.0 vector strings that do not have all attributes defined (e.g. `AV:N/AC:L/Au:N/C:P/I:P/A:C/E:U/RL:OF/RC:C/CDP:MH/TD:H/CR:M/IR:M/AR:M`). As stated in [SECURITY.md](https://github.com/pandatix/go-cvss/blob/master/SECURITY.md), the CPE v2.3 to refer to this Go module is `cpe:2.3:a:pandatix:go_cvss:*:*:*:*:*:*:*:*`. The entry has already been requested to the NVD CPE dictionary.

Action-Not Available
Vendor-pandatixpandatix
Product-go-cvssgo-cvss
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-36160
Matching Score-4
Assigner-Apache Software Foundation
ShareView Details
Matching Score-4
Assigner-Apache Software Foundation
CVSS Score-7.5||HIGH
EPSS-6.07% / 90.38%
||
7 Day CHG+1.03%
Published-16 Sep, 2021 | 14:40
Updated-01 May, 2025 | 15:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
mod_proxy_uwsgi out of bound read

A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive).

Action-Not Available
Vendor-Fedora ProjectOracle CorporationThe Apache Software FoundationDebian GNU/LinuxNetApp, Inc.Broadcom Inc.
Product-communications_cloud_native_core_network_function_cloud_native_environmentbrocade_fabric_operating_system_firmwaredebian_linuxfedorapeoplesoft_enterprise_peopletoolshttp_servercloud_backupenterprise_manager_base_platformzfs_storage_appliance_kitinstantis_enterprisetrackstoragegridclustered_data_ontapApache HTTP Server
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-35100
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.72% / 71.57%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 10:11
Updated-04 Aug, 2024 | 00:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer over read due to improper calculation of string length while parsing Id3 tag in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055qca9377_firmwarewcn3991_firmwarewsa8830sd678sa6150p_firmwaresa8145p_firmwareqcs610qcs2290_firmwarefsm10056mdm9628_firmwarecsra6620fsm10055_firmwareqcs4290wcn3950_firmwaremdm9250sa8150p_firmwareqcs2290qca6595au_firmwaresd765g_firmwareqca6390_firmwaresa6155sd690_5gsd730_firmwarewcd9370csra6620_firmwareqcs605_firmwaresd_675_firmwaresd675_firmwarecsra6640_firmwareqcs6125_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqca9377wcn3998sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3950wcd9326_firmwaremdm9628sd720gmdm9206_firmwaresd_8_gen1_5g_firmwaresm6375_firmwarewcn3660bsd662sd460_firmwaresa8155sm7315_firmwareqca6574au_firmwarewcn3680b_firmwareqca6595ausa6155_firmwarewcd9375_firmwarewcn3998_firmwaremsm8909wsm7250p_firmwareapq8009w_firmwarewcn3610_firmwareqca6436_firmwarewcn3999_firmwareqca6564au_firmwareqca6584ausa6155p_firmwareqca9367_firmwaresd778gwcn3999qcs6490sd429sdxr2_5gqca9367qcs6125sa8155_firmwaresd662_firmwaremdm9607_firmwareqcs405wcn3988_firmwaresa6145p_firmwaresd205sd429_firmwaresd778g_firmwaresm6250wcd9340sa8195papq8017_firmwarewsa8810_firmwarequalcomm215_firmwaresd765gsd765_firmwarefsm10056_firmwareqca6436wcd9326wcd9335sa6155pwcn6851qcs603_firmwareqca6174a_firmwaremdm9250_firmwareqcs4290_firmwarewcd9341wcd9385qca6696_firmwareqcs6490_firmwaresd750gsd870_firmwareqca6390wcd9375sd750g_firmwareapq8064auaqt1000sa8150psm6250_firmwarewcn3910_firmwarewsa8830_firmwaresda429wsd210sd855_firmwaresd865_5g_firmwarewcn3620_firmwaresdx20_firmwareqcm6490sd888_5g_firmwarewcn3988wcn3620wcn6850_firmwarewsa8815_firmwaresa8195p_firmwarewsa8835_firmwareapq8017sm8475qca6564awcn6750_firmwarewcn3610qcm6125_firmwareqcm2290_firmwaresm6375wcn3991sda429w_firmwarewcd9380_firmwarewcn3990sd_675sdm429wmsm8996au_firmwaresd780gwcd9330sd865_5gqca6564ausdx55m_firmwarewcn6856_firmwaresd888msm8909w_firmwareqca6574msm8996ausdm429w_firmwarewsa8835wcd9380sd888_5gqualcomm215qcs410qca6574asd690_5g_firmwaremdm9206wcn6855_firmwareqca6174asm7325pwcd9335_firmwarewcn3980wcn6750qca6574_firmwareqcs605wcd9340_firmwaresd855wsa8815sm7325p_firmwarewcn6850wcn3910sd765qca6426_firmwarewcn3660b_firmwareqca6574a_firmwaresd768g_firmwarewcn3980_firmwaresm7315sd460qca6391sd730sdx55mwcd9330_firmwareaqt1000_firmwarewcn6740_firmwaresd678_firmwareapq8064au_firmwarear8031_firmwareqcm4290qcm6490_firmwaresdx20sd480_firmwareqcs603wcn6851_firmwareqca6574ausa8155p_firmwaremdm9607sd205_firmwareqca6564a_firmwareapq8009wwcd9341_firmwareqcm6125qcm4290_firmwaresd480sd870wcn6855wsa8810sd210_firmwareqcs610_firmwarewcn6856sa6145pwcn3680bsd768gapq8096auar8031qcs405_firmwaresa8145pwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresa6150psd888_firmwaresdw2500apq8096au_firmwarecsra6640sa8155psd675sm7250psd720g_firmwareqcs410_firmwareqcm2290Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-46377
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-6.5||MEDIUM
EPSS-0.46% / 62.97%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 15:23
Updated-24 Jan, 2025 | 18:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An out-of-bounds read vulnerability exists in the PORT command parameter extraction functionality of Weston Embedded uC-FTPs v 1.98.00. A specially-crafted set of network packets can lead to denial of service. An attacker can send packets to trigger this vulnerability.This vulnerability occurs when no IP address argument is provided to the `PORT` command.

Action-Not Available
Vendor-weston-embeddedWeston Embedded
Product-uc-ftpsuC-FTPs
CWE ID-CWE-823
Use of Out-of-range Pointer Offset
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31184
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:57
Updated-20 Sep, 2024 | 18:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MeterStats::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-41895
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-4.8||MEDIUM
EPSS-0.11% / 29.70%
||
7 Day CHG~0.00%
Published-18 Nov, 2022 | 00:00
Updated-22 Apr, 2025 | 16:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
`MirrorPadGrad` heap out of bounds read in Tensorflow

TensorFlow is an open source platform for machine learning. If `MirrorPadGrad` is given outsize input `paddings`, TensorFlow will give a heap OOB error. We have patched the issue in GitHub commit 717ca98d8c3bba348ff62281fdf38dcb5ea1ec92. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-41883
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-6.8||MEDIUM
EPSS-0.10% / 28.65%
||
7 Day CHG~0.00%
Published-18 Nov, 2022 | 00:00
Updated-22 Apr, 2025 | 16:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out of bounds segmentation fault due to unequal op inputs in Tensorflow

TensorFlow is an open source platform for machine learning. When ops that have specified input sizes receive a differing number of inputs, the executor will crash. We have patched the issue in GitHub commit f5381e0e10b5a61344109c1b7c174c68110f7629. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-41897
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-4.8||MEDIUM
EPSS-0.11% / 29.70%
||
7 Day CHG~0.00%
Published-18 Nov, 2022 | 00:00
Updated-22 Apr, 2025 | 16:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
`FractionalMaxPoolGrad` Heap out of bounds read in Tensorflow

TensorFlow is an open source platform for machine learning. If `FractionMaxPoolGrad` is given outsize inputs `row_pooling_sequence` and `col_pooling_sequence`, TensorFlow will crash. We have patched the issue in GitHub commit d71090c3e5ca325bdf4b02eb236cfb3ee823e927. The fix will be included in TensorFlow 2.11. We will also cherrypick this commit on TensorFlow 2.10.1, 2.9.3, and TensorFlow 2.8.4, as these are also affected and still in supported range.

Action-Not Available
Vendor-Google LLCTensorFlow
Product-tensorflowtensorflow
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31179
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:56
Updated-20 Sep, 2024 | 19:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::TableFeaturePropInstruction::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31195
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:58
Updated-20 Sep, 2024 | 18:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyTable::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2022-40512
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.5||HIGH
EPSS-0.12% / 32.21%
||
7 Day CHG~0.00%
Published-09 Feb, 2023 | 06:58
Updated-03 Aug, 2024 | 12:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer over-read in WLAN Firmware.

Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9640_firmwaresm6250p_firmwareipq4028_firmwareqca1023qca8337ar9380ipq8173_firmwareqcn5124mdm9645msm8992_firmwarewcn3950_firmwareqca6595au_firmwaresa6155mdm8215sd_455_firmwareapq8076qcs6125_firmwaresa415mwcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125mdm9206_firmwarewcn3660bqsm8350_firmwareqsm8350sd460_firmwaresm7315_firmwarewcn7850qca8081_firmwarewcn3998_firmwareqca6420qcn9002qca9986ipq8070_firmwareqca9367_firmwareipq8065ipq8078a_firmwaresd_8cx_gen2ipq8072_firmwareqca0000sa8155_firmwareipq8068qca6430wcd9340sd765gsd680wcn7851_firmwareqca6698aq_firmwaremdm9250_firmwareqca9888_firmwareqcn6122qca6696_firmwarewcd9371sd870_firmwareqca1062qcn5154_firmwaremdm8215_firmwaresd_8cxsa8150pqca9992_firmwaresd660sd865_5g_firmwaresnapdragon_4_gen_1sd712sd660_firmwaresm8475qcn5022_firmwareqcn7606_firmwarewcn6750_firmwareqca6428_firmwareqca9985_firmwarewcn3991ipq4018_firmwareqca4531_firmwaressg2125pqca9980_firmwareipq8078qca8084qcn9001_firmwareipq8173sdx55m_firmwaremsm8976_firmwareqca6574sd670_firmwarecsr8811_firmwarewcd9380qcs410qcn5024sd690_5g_firmwareqca9379_firmwaresxr1230psdx24_firmwareqca9985qcn9012_firmwareqcn9274_firmwareipq6018_firmwareqcm4325_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqcn6112qca6584_firmwaremdm9215_firmwaresd695ipq6028ipq8064sd835pmp8074ipq9574_firmwareqca1990wcn3980_firmwaresd730qcc5100_firmwaresa8295pqca2062_firmwarewcn6740_firmwareqca6678aqsd678_firmwareapq8064au_firmwareipq8078_firmwareqcn5054qcs603qca9994qca9980sd670qcn9024_firmwareipq8174_firmwareqcm4290_firmwarewcn6855qcn7605_firmwaresw5100p_firmwareqcs610_firmwaresa6145pqca9886_firmwarear8031qca1023_firmwaresdm630_firmwaresd820_firmwareqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwaresdx55qcn5021_firmwarecsra6640ssg2115p_firmwareqca9379sa4155psxr2150pqcn7606qsm8250_firmwarewsa8830sxr2230p_firmwareqca1062_firmwarecsrb31024mdm9628_firmwaremdm9650sd_636qca8082qca9992qcs4290mdm9250qca6420_firmwareapq8009_firmwareqca2064_firmwaresd690_5gmdm9310_firmwaresd675_firmwareipq8072qca6564qca6426wcn3990_firmwareqrb5165n_firmwareqca9984_firmwareqca9377qca4531wcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwareipq8074aqcn6102_firmwareapq8094qcn9011_firmwaresa8155qca6584qcn5122_firmwaresdx55_firmwarewcn3615qcn6023_firmwaresm7250p_firmwarewcn3610_firmwareqrb5165nqca6584ausd778gipq8174wcn7851qcn5052qca9367apq8092sdm630mdm9607_firmwareqcn6112_firmwaresa415m_firmwarewcn3988_firmwareqcn9074qca6421qca8085sd778g_firmwaresa8195pwcd9326wcd9335qcn6023qcs4290_firmwareqca8085_firmwareqcs6490_firmwareqca6390qca9898_firmwaresd750g_firmwareaqt1000msm8976wcd9375sm6250_firmwaremsm8994apq8092_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwaresdx20_firmwarewsa8815_firmwareapq8017qcx315qcm6125_firmwaresd780gsd865_5gqca6595qcc5100ipq8065_firmwareqcx315_firmwaresxr1230p_firmwaresd665_firmwareqcn5154qca8075_firmwaresc8180xmdm9206wcn6855_firmwareqcn6132_firmwareqcn9003_firmwareqca9888qca6310_firmwareapq8094_firmwareipq8070a_firmwaremdm9615qca6574_firmwareqca9886sm7325p_firmwaresd665sxr2230pqca6175asd765qca6574a_firmwareqrb5165msd850_firmwaresm7315apq8009mdm9310qcn6102csrb31024_firmwareqcm6490_firmwarewsa8832_firmwareqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwaresc8180x_firmwareqca9889_firmwaresd710mdm9607qcn5122mdm9645_firmwaresdx20m_firmwareqcn5022qca6564_firmwaresd768gqca1064_firmwarewcn6740qca8075apq8096au_firmwareqcn6024qcn9022sd845mdm9615_firmwareqcn9002_firmwareipq6000_firmwaresdx12qcs410_firmwareqca6175a_firmwaresd_8cx_gen3_firmwareqca2066sa6150p_firmwareqcs610qca6431_firmwarewcd9360_firmwaresdx65qca4024_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqcs2290qca6335qca2062csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqca6554a_firmwareqam8295psd_8cx_gen2_firmwareipq8076amdm9628qca8386_firmwaresd_8_gen1_5g_firmwareqca8084_firmwaresd710_firmwareqca4020qca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwaresa6155_firmwaresdx12_firmwarewcd9360sdx20mqca6438_firmwaresd680_firmwareqca6678aq_firmwarewcn3999qrb5165_firmwareipq5028qrb5165m_firmwareipq4029_firmwareqca6698aqqcs6125sa4155p_firmwareipq6010sd662_firmwareqcs405qcn6132qca1990_firmwaresw5100qca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwarewcd9341ipq8068_firmwareqca2066_firmwareqca6431sd750gipq9008_firmwarewcn3910_firmwaresxr2150p_firmwarewsa8830_firmwaresd855_firmwarewcn3988qca6438wcn7850_firmwaresa8195p_firmwareqca9898sa8295p_firmwareipq4028wcn3610mdm9640ipq5018_firmwareqca8337_firmwarewcd9380_firmwareipq8072asw5100pmsm8996au_firmwarewcd9330ipq8076a_firmwareqca6564auwcn6856_firmwareipq9008qcn5164qcn5054_firmwaresdx50m_firmwareqca8072_firmwareqca6174qca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqcs605sd7cwcn3910qca6320mdm9650_firmwareqca9986_firmwareqca6426_firmwarewcn3660b_firmwareqca9984qcn9024wcd9330_firmwaresdx55mipq8064_firmwareqca6421_firmwaresd821_firmwarear8031_firmwareqrb5165wcn6851_firmwareipq8070sd_636_firmwareqca6564a_firmwaresd480sd870wsa8832qsm8250ipq6018sd695_firmwaresdxr1apq8096auqca6595_firmwareqcs405_firmwaresa8145pqca2064sd780g_firmwaresd888_firmwaresa8155psd675ar8035_firmwareqcm2290qcn5024_firmwarewcn3991_firmwaresd678qcn9070sa8145p_firmwareqcs2290_firmwaresd7c_firmwaresnapdragon_4_gen_1_firmwarecsra6620qcn9072qca8386sd765g_firmwareipq8069_firmwareqca6390_firmwareipq6000qca6174_firmwaresd730_firmwarewcd9370ssg2115pqcn5152_firmwareqca0000_firmwareqca6584au_firmwareapq8076_firmwareqcn9000_firmwareipq5018sd_8cx_firmwareqcn7605qca2065sd662qcn5124_firmwareqam8295p_firmwareqca1064qcn6100_firmwareqca8082_firmwareqca6320_firmwarewcn3680b_firmwareqca6595auwcn3999_firmwareqca6436_firmwareipq5010qca6564au_firmwaresa6155p_firmwareqca6310qcn9274qcn9001qca9990qcs6490sa515m_firmwaresdxr2_5gsd821msm8994_firmwaresa6145p_firmwaremsm8992sm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresd765_firmwaresg4150pqca8081ipq8071aqca6174a_firmwareipq8071a_firmwarewcd9385qca2065_firmwaresd_8cx_gen3ar8035csr8811apq8064auqcn9100_firmwaresd820qcm6490wcn6850_firmwarewsa8835_firmwareqca6564asa4150psg4150p_firmwareqcm4325qca8072qcm2290_firmwarewcn3990qcn9000sd_675qca6554aar9380_firmwaresdx24qcn9012sd888qcn6122_firmwarewsa8835msm8996ausd888_5gsm6250pssg2125p_firmwareipq4018qca6574aqca9889qca6174asm7325pipq8074qca9994_firmwarewcn6750qcn9003ipq8076_firmwaresa515msd855sm4125_firmwareipq8076qcn5021ipq8069qcn5152sd768g_firmwaresd460qca6391sdxr1_firmwareaqt1000_firmwareqcn9100sdx65_firmwareqcm4290sdx50msdx20mdm9215qcn9011sd_455ipq8074_firmwareqca6574ausa8155p_firmwareipq9574wcd9341_firmwareqcm6125wsa8810wcn6856wcn3680bsd835_firmwareipq6010_firmwareqca6696sd845_firmwaresa6150pqcn9022_firmwareqca9990_firmwareipq8070aqcn6100qcn9072_firmwaresm7250psd720g_firmwareipq8071_firmwareqcn9074_firmwaresw5100_firmwareipq4029sd850Snapdragonqca9377_firmwaresd_8cx_gen3_firmwaremdm9640_firmwaresa6150p_firmwaresm6250p_firmwareipq4028_firmwareipq8173_firmwareqca6431_firmwarewcd9360_firmwareqca4024_firmwaremsm8992_firmwarewcn3950_firmwareipq5028_firmwaresa8150p_firmwareqca6595au_firmwaresd_455_firmwarecsra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwareqca6554a_firmwarewcd9371_firmwaresd_8cx_gen2_firmwareqcn6024_firmwareqca8386_firmwaremdm9206_firmwaresd_8_gen1_5g_firmwareqca8084_firmwareqsm8350_firmwaresd710_firmwaresd460_firmwaresm7315_firmwareqca6574au_firmwareqcn5164_firmwarewcd9375_firmwareqca8081_firmwaresa6155_firmwaresdx12_firmwarewcn3998_firmwareqca6438_firmwaresd680_firmwareipq8070_firmwareqca9367_firmwareipq8078a_firmwareqca6678aq_firmwareqrb5165_firmwareqrb5165m_firmwareipq4029_firmwareipq8072_firmwaresa4155p_firmwaresa8155_firmwaresd662_firmwareqca1990_firmwareqca4020_firmwareqcs603_firmwarewcn7851_firmwareqca6698aq_firmwaremdm9250_firmwareqca9888_firmwareipq8068_firmwareqca2066_firmwareqca6696_firmwaresd870_firmwareipq9008_firmwareqcn5154_firmwaremdm8215_firmwarewcn3910_firmwaresxr2150p_firmwarewsa8830_firmwareqca9992_firmwaresd855_firmwaresd865_5g_firmwaresd660_firmwarewcn7850_firmwaresa8195p_firmwareqcn5022_firmwareqcn7606_firmwaresa8295p_firmwarewcn6750_firmwareqca6428_firmwareipq5018_firmwareqca9985_firmwareipq4018_firmwareqca4531_firmwareqca8337_firmwarewcd9380_firmwareqca9980_firmwaremsm8996au_firmwareipq8076a_firmwareqcn9001_firmwaresdx55m_firmwarewcn6856_firmwaremsm8976_firmwaresd670_firmwarecsr8811_firmwareqcn5054_firmwaresd690_5g_firmwaresdx50m_firmwareqca9379_firmwaresdx24_firmwareqca8072_firmwareqca6430_firmwareqcn5052_firmwareqcn9012_firmwareqcn9274_firmwarewcd9335_firmwareqca6335_firmwareipq6018_firmwareqcm4325_firmwarewcd9340_firmwarepmp8074_firmwareqca6584_firmwaremdm9650_firmwareqca9986_firmwaremdm9215_firmwareqca6426_firmwarewcn3660b_firmwareipq9574_firmwarewcn3980_firmwarewcd9330_firmwareipq8064_firmwareqcc5100_firmwareqca6421_firmwareqca2062_firmwarewcn6740_firmwaresd821_firmwaresd678_firmwareapq8064au_firmwarear8031_firmwareipq8078_firmwarewcn6851_firmwaresd_636_firmwareqca6564a_firmwareipq8174_firmwareqcn9024_firmwareqcm4290_firmwareqcn7605_firmwaresw5100p_firmwareqcs610_firmwareqca9886_firmwaresd695_firmwareqca1023_firmwareqca6595_firmwareqcs405_firmwaresdm630_firmwaresd820_firmwareqca6391_firmwaresa4150p_firmwaresd780g_firmwarewcd9370_firmwaresd888_firmwareqcn5021_firmwaressg2115p_firmwarear8035_firmwareqsm8250_firmwareqcn5024_firmwarewcn3991_firmwaresa8145p_firmwaresxr2230p_firmwareqca1062_firmwareqcs2290_firmwaresd7c_firmwaremdm9628_firmwaresnapdragon_4_gen_1_firmwaresd765g_firmwareqca6420_firmwareipq8069_firmwareapq8009_firmwareqca2064_firmwareqca6390_firmwareqca6174_firmwaresd730_firmwaremdm9310_firmwaresd675_firmwareqcn5152_firmwareqca0000_firmwareqca6584au_firmwareapq8076_firmwareqrb5165n_firmwareqcn9000_firmwareqca9984_firmwarewcn3990_firmwaresd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwareqcn5124_firmwareqam8295p_firmwareqcn6100_firmwareqcn6102_firmwareqcn9011_firmwareqca8082_firmwareqca6320_firmwarewcn3680b_firmwareqcn5122_firmwaresdx55_firmwarewcn3999_firmwareqcn6023_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqca6564au_firmwaresa6155p_firmwaresa515m_firmwaremdm9607_firmwaremsm8994_firmwareqcn6112_firmwaresa415m_firmwarewcn3988_firmwaresa6145p_firmwaresd712_firmwaresd778g_firmwareapq8017_firmwarewsa8810_firmwaresd765_firmwareqca6174a_firmwareipq8071a_firmwareqcs4290_firmwareqca8085_firmwareqca2065_firmwareqcs6490_firmwareqca9898_firmwaresd750g_firmwaresm6250_firmwareqcn9100_firmwareapq8092_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwaresdx20_firmwarewcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresg4150p_firmwareqcm6125_firmwareqcm2290_firmwarear9380_firmwareqcn6122_firmwareipq8065_firmwareqcx315_firmwaresxr1230p_firmwaresd665_firmwareqca8075_firmwaressg2125p_firmwarewcn6855_firmwareqcn6132_firmwareqcn9003_firmwareqca6310_firmwareapq8094_firmwareqca9994_firmwareipq8070a_firmwareipq8076_firmwareqca6574_firmwaresm4125_firmwaresm7325p_firmwareqca6574a_firmwaresd768g_firmwaresd850_firmwaresdxr1_firmwareaqt1000_firmwaresdx65_firmwarecsrb31024_firmwareqcm6490_firmwarewsa8832_firmwareqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwareipq8074_firmwareqca9889_firmwaresa8155p_firmwaremdm9645_firmwarewcd9341_firmwaresdx20m_firmwaresd835_firmwareqca6564_firmwareipq6010_firmwareqca1064_firmwaresd845_firmwareqcn9022_firmwareapq8096au_firmwaremdm9615_firmwareqca9990_firmwareqcn9002_firmwareqcn9072_firmwareipq6000_firmwaresd720g_firmwareipq8071_firmwareqcn9074_firmwareqcs410_firmwaresw5100_firmwareqca6175a_firmware
CWE ID-CWE-126
Buffer Over-read
CWE ID-CWE-125
Out-of-bounds Read
CVE-2024-31169
Matching Score-4
Assigner-Nozomi Networks Inc.
ShareView Details
Matching Score-4
Assigner-Nozomi Networks Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.19% / 40.72%
||
7 Day CHG~0.00%
Published-18 Sep, 2024 | 13:55
Updated-20 Sep, 2024 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::QueueGetConfigReply::unpack. This issue affects libfluid: 0.1.0.

Action-Not Available
Vendor-opennetworkingOpen Networking Foundation (ONF)open_networking_foundation
Product-libfluid_msglibfluidlibfluid
CWE ID-CWE-125
Out-of-bounds Read
CVE-2021-3422
Matching Score-4
Assigner-Splunk Inc.
ShareView Details
Matching Score-4
Assigner-Splunk Inc.
CVSS Score-7.5||HIGH
EPSS-0.40% / 59.57%
||
7 Day CHG~0.00%
Published-25 Mar, 2022 | 18:02
Updated-03 Aug, 2024 | 16:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Indexer denial-of-service via malformed S2S request

The lack of validation of a key-value field in the Splunk-to-Splunk protocol results in a denial-of-service in Splunk Enterprise instances configured to index Universal Forwarder traffic. The vulnerability impacts Splunk Enterprise versions before 7.3.9, 8.0 versions before 8.0.9, and 8.1 versions before 8.1.3. It does not impact Universal Forwarders. When Splunk forwarding is secured using TLS or a Token, the attack requires compromising the certificate or token, or both. Implementation of either or both reduces the severity to Medium.

Action-Not Available
Vendor-Splunk LLC (Cisco Systems, Inc.)
Product-splunkSplunk Enterprise
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-20
Improper Input Validation
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 9
  • 10
  • Next
Details not found