Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-52531

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-11 Nov, 2024 | 00:00
Updated At-03 Nov, 2025 | 22:28
Rejected At-
Credits

GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. There is a plausible way to reach this remotely via soup_message_headers_get_content_type (e.g., an application may want to retrieve the content type of a request or response).

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:11 Nov, 2024 | 00:00
Updated At:03 Nov, 2025 | 22:28
Rejected At:
▼CVE Numbering Authority (CNA)

GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. There is a plausible way to reach this remotely via soup_message_headers_get_content_type (e.g., an application may want to retrieve the content type of a request or response).

Affected Products
Vendor
The GNOME ProjectGNOME
Product
libsoup
Default Status
unaffected
Versions
Affected
  • From 0 before 3.6.1 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-787CWE-787 Out-of-bounds Write
Type: CWE
CWE ID: CWE-787
Description: CWE-787 Out-of-bounds Write
Metrics
VersionBase scoreBase severityVector
3.16.5MEDIUM
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home
N/A
https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407
N/A
https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407#note_2316401
N/A
https://offsec.almond.consulting/using-aflplusplus-on-bug-bounty-programs-an-example-with-gnome-libsoup.html
N/A
Hyperlink: https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home
Resource: N/A
Hyperlink: https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407
Resource: N/A
Hyperlink: https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407#note_2316401
Resource: N/A
Hyperlink: https://offsec.almond.consulting/using-aflplusplus-on-bug-bounty-programs-an-example-with-gnome-libsoup.html
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
3.18.4HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 8.4
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://lists.debian.org/debian-lts-announce/2024/12/msg00014.html
N/A
Hyperlink: https://lists.debian.org/debian-lts-announce/2024/12/msg00014.html
Resource: N/A
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:11 Nov, 2024 | 20:15
Updated At:03 Nov, 2025 | 23:17

GNOME libsoup before 3.6.1 allows a buffer overflow in applications that perform conversion to UTF-8 in soup_header_parse_param_list_strict. There is a plausible way to reach this remotely via soup_message_headers_get_content_type (e.g., an application may want to retrieve the content type of a request or response).

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.16.5MEDIUM
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
Secondary3.18.4HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 6.5
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:L
Type: Secondary
Version: 3.1
Base score: 8.4
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches
The GNOME Project
gnome
>>libsoup>>Versions before 3.6.1(exclusive)
cpe:2.3:a:gnome:libsoup:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-787Secondarycve@mitre.org
CWE ID: CWE-787
Type: Secondary
Source: cve@mitre.org
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407cve@mitre.org
Issue Tracking
https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407#note_2316401cve@mitre.org
Issue Tracking
https://gitlab.gnome.org/Teams/Releng/security/-/wikis/homecve@mitre.org
Vendor Advisory
https://offsec.almond.consulting/using-aflplusplus-on-bug-bounty-programs-an-example-with-gnome-libsoup.htmlcve@mitre.org
Exploit
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2024/12/msg00014.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407
Source: cve@mitre.org
Resource:
Issue Tracking
Hyperlink: https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/407#note_2316401
Source: cve@mitre.org
Resource:
Issue Tracking
Hyperlink: https://gitlab.gnome.org/Teams/Releng/security/-/wikis/home
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: https://offsec.almond.consulting/using-aflplusplus-on-bug-bounty-programs-an-example-with-gnome-libsoup.html
Source: cve@mitre.org
Resource:
Exploit
Third Party Advisory
Hyperlink: https://lists.debian.org/debian-lts-announce/2024/12/msg00014.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

116Records found
CVE-2021-30256
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.03% / 10.10%
||
7 Day CHG~0.00%
Published-20 Oct, 2021 | 06:31
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible stack overflow due to improper validation of camera name length before copying the name in VR Service in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sd678sm7250qcs2290_firmwaresm7250_firmwaresd_636qcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqcs2290qca6390_firmwaremsm8917sd690_5gsd730_firmwarewcd9370qcs605_firmwaresd_675_firmwaresd675_firmwareqcs6125_firmwareqca6426sd632wcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950sm4125sd720gwcn3615_firmwarewcn3660bsd662sd460_firmwarewcn3680b_firmwaresdx55_firmwarewcd9375_firmwarewcn3615wcn3998_firmwareqca6420qca6436_firmwareapq8053_firmwaresd778gqcs6490sd429sdxr2_5gqcs6125sd662_firmwaresdm630wcn3988_firmwareqca6430sd429_firmwaresm6250sd778g_firmwareapq8017_firmwarequalcomm215_firmwaresd765gsd765_firmwareqca6436wcn6851qcs4290_firmwarewcd9385qcs6490_firmwaresd750gsd870_firmwareqca6390wcd9375sd750g_firmwareaqt1000wcn3910_firmwaresm6250_firmwaremsm8953_firmwarewsa8830_firmwaremsm8917_firmwaresd855_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8835_firmwareapq8017wcn6750_firmwareqcm6125_firmwareqcm2290_firmwarewcn3991wcd9380_firmwaresd_675sd780gsd865_5gsdx55m_firmwarewcn6856_firmwaresd888wsa8835sd632_firmwaresd665_firmwarewcd9380sd888_5gqualcomm215sd690_5g_firmwaresdx50m_firmwarewcn6855_firmwaresm7325qca6430_firmwarewcn6750sd439_firmwareqcs605sd855sm4125_firmwarewcn6850sd665wcn3910sd765qca6426_firmwarewcn3660b_firmwarewcn3680sd768g_firmwaresd730sd460qca6391sdx55msdxr1_firmwareaqt1000_firmwarewcn6740_firmwaremsm8953sd678_firmwareqcm4290qcm6490_firmwaresdx50mwcn3680_firmwaresd480_firmwarewcn6851_firmwaresd_636_firmwareqcm6125qcm4290_firmwaresd480sd870wcn6855wcn6856wcn3680bsdxr1sd768gwcn6740sdm630_firmwareqca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwareapq8053sd675sd439sd720g_firmwareqcm2290sm7325_firmwareSnapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-30257
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.09% / 26.44%
||
7 Day CHG~0.00%
Published-20 Oct, 2021 | 06:31
Updated-03 Aug, 2024 | 22:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible out of bound read or write in VR service due to lack of validation of DSP selection values in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sd678sm7250qcs2290_firmwaresm7250_firmwaresd_636qcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqcs2290qca6390_firmwaremsm8917sd690_5gsd730_firmwarewcd9370qcs605_firmwaresd_675_firmwaresd675_firmwareqcs6125_firmwareqca6426sd632wcn3998wcd9385_firmwaresdxr2_5g_firmwarewcn3950sm4125sd720gwcn3615_firmwarewcn3660bsd662sd460_firmwarewcn3680b_firmwaresdx55_firmwarewcd9375_firmwarewcn3615wcn3998_firmwareqca6420qca6436_firmwareapq8053_firmwaresd778gqcs6490sd429sdxr2_5gqcs6125sd662_firmwaresdm630wcn3988_firmwareqca6430sd429_firmwaresm6250sd778g_firmwareapq8017_firmwarequalcomm215_firmwaresd765gsd765_firmwareqca6436wcn6851qcs4290_firmwarewcd9385qcs6490_firmwaresd750gsd870_firmwareqca6390wcd9375sd750g_firmwareaqt1000wcn3910_firmwaresm6250_firmwaremsm8953_firmwarewsa8830_firmwaremsm8917_firmwaresd855_firmwaresd865_5g_firmwareqcm6490sd888_5g_firmwarewcn3988wcn6850_firmwarewsa8835_firmwareapq8017wcn6750_firmwareqcm6125_firmwareqcm2290_firmwarewcn3991wcd9380_firmwaresd_675sd780gsd865_5gsdx55m_firmwarewcn6856_firmwaresd888wsa8835sd632_firmwaresd665_firmwarewcd9380sd888_5gqualcomm215sd690_5g_firmwaresdx50m_firmwarewcn6855_firmwaresm7325qca6430_firmwarewcn6750sd439_firmwareqcs605sd855sm4125_firmwarewcn6850sd665wcn3910sd765qca6426_firmwarewcn3660b_firmwarewcn3680sd768g_firmwaresd730sd460qca6391sdx55msdxr1_firmwareaqt1000_firmwarewcn6740_firmwaremsm8953sd678_firmwareqcm4290qcm6490_firmwaresdx50mwcn3680_firmwaresd480_firmwarewcn6851_firmwaresd_636_firmwareqcm6125qcm4290_firmwaresd480sd870wcn6855wcn6856wcn3680bsdxr1sd768gwcn6740sdm630_firmwareqca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwareapq8053sd675sd439sd720g_firmwareqcm2290sm7325_firmwareSnapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-125
Out-of-bounds Read
CVE-2023-28798
Matching Score-4
Assigner-Zscaler, Inc.
ShareView Details
Matching Score-4
Assigner-Zscaler, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.22% / 44.33%
||
7 Day CHG~0.00%
Published-02 May, 2024 | 13:10
Updated-20 Feb, 2026 | 21:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Out-of-bounds write to heap in pacparser

An out-of-bounds write to heap in the pacparser library on Zscaler Client Connector on Mac may lead to arbitrary code execution.

Action-Not Available
Vendor-Zscaler, Inc.
Product-client_connectorClient Connectorclient_connector
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-1892
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.04% / 11.54%
||
7 Day CHG~0.00%
Published-07 Apr, 2021 | 07:55
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption due to improper input validation while processing IO control which is nonstandard in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qca9377_firmwareqca2066wcn3990qca1062_firmwareqfe4455fc_firmwareqfe3440fc_firmwarewgr7640wcn6856_firmwarepm8005_firmwareqfe2081fc_firmwareqca6420_firmwareqca6595au_firmwaresmb1351_firmwaresd850qln1035bdqca6335qca6174_firmwarepm8998_firmwaresmb1380_firmwaresmb1381pm855p_firmwarewcn6855_firmwarewtr5975_firmwareqfe3100_firmwaresmb1390_firmwareqca6174asd8cwcn3990_firmwareqca6310_firmwarewtr5975qca6174qca9377qca6430_firmwarewcn3998wcd9335_firmwareqcn7605qca6335_firmwarewcd9340_firmwarewgr7640_firmwarewsa8815sd8cxwcn6850smb1380qca1064smb2351_firmwaresd835qca6595auwcn3998_firmwaresd850_firmwaresmb1351qca6391pm855pqca6420sd8cx_firmwareaqt1000_firmwareqfe2082fcqca6310sd8c_firmwarepmi8998qfe2081fcpm855sdr8150qfe2082fc_firmwarewcn6851_firmwareqca6164_firmwareqca6430qfe4455fcwcd9340qln1035bd_firmwarewsa8810_firmwarewcd9341_firmwareqfe3440fcwsa8810wcn6855wcn6851wcd9335qcn7605_firmwarepmi8998_firmwareqat3550pm8005wcn6856pm855_firmwaresd835_firmwareqca6174a_firmwaresdr8150_firmwarewcd9341qca2066_firmwareqet4100_firmwaresmb1350qca1064_firmwareqca1062qat3550_firmwareqca6164smb1350_firmwareqca6391_firmwaresmb1381_firmwaresd845_firmwareaqt1000sd845wsa8815_firmwarewcn6850_firmwarepm8998smb1390qcn7606_firmwaresmb2351qet4100qcn7606Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-28547
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.06% / 18.78%
||
7 Day CHG~0.00%
Published-01 Apr, 2024 | 15:05
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input in SPS Applications

Memory corruption in SPS Application while requesting for public key in sorter TA.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwaresdm429w_firmwaresd865_5gqcs8155_firmwaresnapdragon_632_mobileqca6595qca8081_firmwaresnapdragon_670_mobilewcd9340_firmwarewcd9395_firmwareqcn6024qcc710_firmwareqca6426snapdragon_8\+_gen_1_mobilefastconnect_6700wcn3610sa4150psnapdragon_427_mobile_firmwaresnapdragon_782g_mobile_firmwaresnapdragon_wear_4100\+_firmwarewsa8832_firmwareqca8337qca6426_firmwarewcd9395snapdragon_665_mobile_firmwaresc8180xp-aaabqca6574au_firmwareqcn7606_firmwareqca6564_firmwaresm6370qam8295pwcd9341sd626_firmwaresnapdragon_820_automotivesnapdragon_888\+_5g_mobile_firmware315_5g_iot_firmwaresd730_firmwarewsa8810_firmwarewsa8845h_firmwaresa9000p_firmwaresc8180xp-acafwcn3660_firmwaresnapdragon_820_automotive_firmwarefastconnect_6800_firmwareqcs5430sd835_firmwareqcm5430_firmwarevideo_collaboration_vc1_platform_firmwaresa4155psa8770psnapdragon_678_mobile_firmwaresnapdragon_425_mobilesd821snapdragon_632_mobile_firmwaresa8540pqsm8250_firmwareqsm8350_firmwarevideo_collaboration_vc1_platformqep8111sa7255psnapdragon_730_mobile_firmwarewcd9385_firmwareqca6421vision_intelligence_200qca6310wcd9360sd821_firmwaresnapdragon_680_4g_mobilesa6155pqca6564au_firmwaresd820snapdragon_429_mobile_firmwareqam8650pvideo_collaboration_vc5_platform_firmwaresa9000psnapdragon_888_5g_mobile_firmwaresxr2250p_firmwaresnapdragon_662_mobile_firmwaresa6155p_firmwaresnapdragon_685_4g_mobile_firmwaremdm9640_firmwaresd835snapdragon_x55_5g_modem-rfsnapdragon_4_gen_2_mobile_firmwareqca6436_firmwaresnapdragon_695_5g_mobile_firmwaresnapdragon_x55_5g_modem-rf_firmwaresnapdragon_7c\+_gen_3_compute_firmwareqts110sm4125_firmwareqca6420wcn3910apq8064au_firmwaremdm9205s_firmwarecsrb31024snapdragon_712_mobilewcn3660bqca6574awcn3620_firmwareqca6174awcd9340qcs8250_firmwareqcm2290qdu1210talynplussnapdragon_auto_5g_modem-rf_gen_2snapdragon_835_mobile_pc_firmwaresm8550p_firmwaresxr2250pqcm8550wcn3988snapdragon_765_5g_mobile_firmwareqcn9024vision_intelligence_300_firmwareqca6574215_mobileqamsrv1hqcs410qcm2290_firmwarevision_intelligence_100sa8155phome_hub_100snapdragon_765g_5g_mobile_firmwarewsa8830smart_display_200_firmwaresm8550psa6145psnapdragon_625_mobile_firmwaresa8255p_firmwaremsm8996ausnapdragon_4_gen_2_mobilesnapdragon_7c_compute_firmwareqrb5165m_firmwaresa8650p_firmwaresnapdragon_820_mobile_firmwarewcn3620snapdragon_865\+_5g_mobile_firmwaresnapdragon_429_mobileapq8064auwcn3950_firmwareqrb5165nmdm9205sfastconnect_6200sm7325p_firmwaresd460wcd9360_firmwaresc8180x-acaf_firmwaresnapdragon_480_5g_mobile_firmwaresnapdragon_660_mobile_firmwareqdx1011snapdragon_710_mobile_firmwarevideo_collaboration_vc3_platform_firmwarerobotics_rb3_firmwaresd670_firmwaresnapdragon_8_gen_3_mobilesnapdragon_855_mobilesc8180xp-acaf_firmwareqcn6224_firmwarevision_intelligence_100_firmwareqca6431sd660_firmwaresnapdragon_480_5g_mobilesnapdragon_750g_5g_mobile_firmwareqca9379_firmwaresxr2130_firmwaresrv1msnapdragon_860_mobile_firmwarear8035_firmwaresnapdragon_778g\+_5g_mobileqrb5165msc8380xpqca6320sd888_firmwarewcd9306qcs6125_firmwaresnapdragon_wear_1300_firmwareqcn9074wsa8815_firmwareqca8337_firmwaresnapdragon_665_mobilesm7250p_firmwarewcn3680_firmwarewcn3999wcn3950snapdragon_730g_mobile_firmwareqca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaretalynplus_firmwaresnapdragon_778g\+_5g_mobile_firmwareapq8037sa8295p_firmwaresmart_audio_400_firmwaresd_675_firmwaresa4155p_firmwaresnapdragon_720g_mobilesm7250pcsrb31024_firmwaresa8155sc8180x-acafsd888qru1062_firmwarefsm10056sd460_firmwaresnapdragon_675_mobile_firmwaresnapdragon_768g_5g_mobilesc8380xp_firmwareqru1062qca6310_firmwaresd626fastconnect_6800qcs7230pm8937snapdragon_865_5g_mobile_firmwarewcd9371fastconnect_6900_firmwarerobotics_rb5_firmwaresc8180x-aaab_firmwarevideo_collaboration_vc3_platformqcm2150_firmware215_mobile_firmwareqca6431_firmwareqca6698aq_firmwareqcs2290qcn7606qcs2290_firmwaresnapdragon_xr2\+_gen_1_firmwarewcn3615wcn3999_firmwarewcn3680sa8255pqcs7230_firmwarewcd9390_firmwareqep8111_firmwareqca6430snapdragon_855\+_mobilemdm9650qdx1011_firmwaresnapdragon_765_5g_mobilesnapdragon_860_mobilesc8180xp-ad_firmwaresnapdragon_auto_5g_modem-rfflight_rb5_5g_firmwaressg2125pqru1052snapdragon_x65_5g_modem-rf_firmwarecsra6640_firmwareqamsrv1mqam8650p_firmwarevideo_collaboration_vc5_platformqca6420_firmwareqcs6490_firmwaresd855_firmwarewcd9335_firmwaremdm9640qca6436qrb5165n_firmwarewcn3980_firmwaresnapdragon_x24_lte_modem_firmwarewsa8835qca6391_firmwarewsa8840_firmware9205_lte_firmwareqdu1010_firmwareqcs4290_firmwaresnapdragon_430_mobile_firmwarecsra6620qca8081sd660wsa8815qam8775pqca9377snapdragon_ar2_gen_1_firmwareqcm4325_firmwaresnapdragon_439_mobile_firmwareqcm4290_firmwaresnapdragon_720g_mobile_firmwaresnapdragon_821_mobile_firmwaresnapdragon_710_mobileqcs5430_firmwaresg4150p_firmwareqru1052_firmwarecsra6620_firmwareqcs8550sa8650psnapdragon_626_mobileqam8775p_firmwaresd865_5g_firmwaresnapdragon_xr1wcd9375snapdragon_ar2_gen_1snapdragon_636_mobilesa8145psd_675snapdragon_8\+_gen_1_mobile_firmwaresmart_display_200qdx1010wcn3680b_firmwaresnapdragon_8_gen_1_mobile_firmwareqcm8550_firmwareapq8017qcs410_firmwarerobotics_rb3sa6150p_firmwaresw5100psxr1120qcs610_firmwarewcd9335wcd9370snapdragon_7c_gen_2_compute_firmwareqca4004qca6696wcd9341_firmwarewcn6740_firmwaresnapdragon_780g_5g_mobilesnapdragon_750g_5g_mobilevision_intelligence_200_firmwaresnapdragon_685_4g_mobilesnapdragon_x50_5g_modem-rf_firmwareqdu1110snapdragon_auto_4g_modemsnapdragon_690_5g_mobile_firmwaresnapdragon_wear_1300qca6574auwcd9390sa8620p_firmwarepm8937_firmwarecsra6640snapdragon_778g_5g_mobile_firmwaresrv1hwcn3660b_firmwaresd730snapdragon_690_5g_mobileqcn6024_firmwaresnapdragon_636_mobile_firmwareqcm5430snapdragon_712_mobile_firmwaresnapdragon_625_mobileqcm6125_firmwarec-v2x_9150ssg2115pqcc710snapdragon_xr2_5g_firmwaresnapdragon_xr1_firmwaresxr1120_firmwaresnapdragon_wear_4100\+fastconnect_6900snapdragon_w5\+_gen_1_wearable_firmwareqru1032_firmwarefsm10056_firmwareqfw7114qam8255p_firmwaresa8155_firmwareqca6335snapdragon_x65_5g_modem-rfqcs4490snapdragon_730_mobilewsa8845snapdragon_626_mobile_firmwareqca6421_firmwareqcm6125sc8180x-adwsa8810qdu1000_firmwareqsm8250srv1h_firmwareqca6595ausnapdragon_888_5g_mobilesm7315_firmwareqdu1010wcd9326_firmwaresnapdragon_845_mobile_firmwarewsa8840srv1m_firmwareqcs8550_firmwaresnapdragon_730g_mobilesnapdragon_782g_mobilesnapdragon_x35_5g_modem-rf_firmwareqdu1210_firmwaresnapdragon_8_gen_2_mobile_firmwareqfw7124_firmwareqcn9012mdm9650_firmwarewcd9371_firmwareqcs4490_firmwarewcn3910_firmwaresnapdragon_460_mobilesnapdragon_8_gen_2_mobilewcd9370_firmwareqdu1110_firmwareqdu1000sa7255p_firmwaresnapdragon_8\+_gen_2_mobilesa8195p9205_lteqca6335_firmwareqcm6490sa8540p_firmwaresm6370_firmwaresnapdragon_662_mobileqca9379sa8775psxr2230p_firmwaresd675_firmwaresnapdragon_855_mobile_firmwareqca6430_firmwareqcn9011sa8775p_firmwaresmart_audio_400qcn9024_firmwarewsa8845hsa6150pwcd9326sa8155p_firmwaresnapdragon_630_mobileqca6564aqcn9074_firmwaresnapdragon_768g_5g_mobile_firmwaresnapdragon_7c_gen_2_computesc8180x\+sdx55_firmwarear8035qamsrv1m_firmwareqca6564sa6155qcm4325qcn6224snapdragon_435_mobile_firmwaresc8180x\+sdx55qca6698aqssg2125p_firmwaresm6250snapdragon_480\+_5g_mobilesd670wcn3680bsa8145p_firmwareqcs8155sa8150p_firmwarefastconnect_6700_firmwarewcn3990snapdragon_x75_5g_modem-rf_firmwareqcs6490qcs8250snapdragon_695_5g_mobilesnapdragon_778g_5g_mobilefastconnect_6200_firmwarear8031_firmwarehome_hub_100_firmwaresnapdragon_460_mobile_firmwarewsa8830_firmwareqca6678aq_firmwarewsa8845_firmwarewsa8832snapdragon_auto_4g_modem_firmwareqca6678aqsnapdragon_x35_5g_modem-rfsc8180xp-aaab_firmwaresa4150p_firmwareqca6564ausnapdragon_820_mobilesnapdragon_425_mobile_firmwaresm6250p_firmwaresc8180xp-adsc8280xp-abbbsa8195p_firmwareqcm4290sd_455_firmwarear8031sg8275p_firmwareqca9377_firmwareqcm6490_firmwaresnapdragon_xr2\+_gen_1sm4125qcm4490_firmwareqru1032vision_intelligence_400_firmwareqcs6125flight_rb5_5gsnapdragon_870_5g_mobile_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_732g_mobileqca4004_firmwaresnapdragon_870_5g_mobilesnapdragon_678_mobilesd_455sm6250_firmwaresc8180x-ad_firmwaresnapdragon_7c_computeqca6584auqca6320_firmwareqcn6274_firmwaresnapdragon_435_mobileqcn9011_firmwaresw5100_firmwarewcn6740snapdragon_780g_5g_mobile_firmwaresnapdragon_845_mobilesnapdragon_8_gen_3_mobile_firmwareqfw7114_firmwareqca6595_firmwarefastconnect_7800_firmwaresnapdragon_675_mobileapq8017_firmwarewcd9380sa6145p_firmwareqam8255psa6155_firmwaresxr2230psnapdragon_450_mobile_firmwaresnapdragon_xr2_5gsa8150psnapdragon_x24_lte_modemmsm8996au_firmwaresnapdragon_auto_5g_modem-rf_firmwaresc8180x-aaabsxr1230psd662_firmwarewcn3660sw5100aqt1000wcd9306_firmwaresnapdragon_4_gen_1_mobile_firmwareqca6234c-v2x_9150_firmwareqam8295p_firmwaresd855wcn3990_firmwaresm7315snapdragon_660_mobileqca6564a_firmwarewcd9385snapdragon_888\+_5g_mobileqsm8350qca6234_firmwaresnapdragon_8_gen_1_mobilesnapdragon_630_mobile_firmwaresd662snapdragon_680_4g_mobile_firmwarewcn3610_firmwareqcs4290sxr1230p_firmwaresnapdragon_821_mobilesnapdragon_865\+_5g_mobilesd820_firmwaresg8275psm6250psdx55_firmwarewcn3615_firmwaresxr2130qcm4490snapdragon_480\+_5g_mobile_firmwarerobotics_rb5qca6174a_firmwaresm7325psnapdragon_732g_mobile_firmwaresnapdragon_x50_5g_modem-rfapq8037_firmwaresnapdragon_670_mobile_firmwareaqt1000_firmwaresdm429wqca6584au_firmwareqcn6274qfw7124qca6595au_firmwaresw5100p_firmwareqca6696_firmwarewcd9380_firmwareqca6574_firmwaresg4150psd_8_gen1_5gqca6797aqsnapdragon_x75_5g_modem-rfsnapdragon_427_mobilesa8620pqca6574a_firmwaresdx55snapdragon_4_gen_1_mobilesnapdragon_450_mobilesnapdragon_865_5g_mobilesnapdragon_835_mobile_pcsd675snapdragon_855\+_mobile_firmwaresd_8_gen1_5g_firmwarewcd9375_firmwareqca6391qts110_firmwareqcn9012_firmwaresnapdragon_439_mobilesa8770p_firmwaresa8295psc8280xp-abbb_firmwarefastconnect_7800snapdragon_8\+_gen_2_mobile_firmwarevision_intelligence_300snapdragon_765g_5g_mobilewcn3988_firmware315_5g_iotqamsrv1h_firmwaresnapdragon_430_mobilevision_intelligence_400wsa8835_firmwaressg2115p_firmwarewcn3980qcm2150snapdragon_w5\+_gen_1_wearableqcs610Snapdragonsnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_720g_mobile_platform_firmwarequalcomm_video_collaboration_vc1_platform_firmwarewsa8832_firmwareqca6431_firmwaresnapdragon_x35_5g_modem-rf_system_firmwareflight_rb5_5g_platform_firmwaresd888_firmwareqcn9024_firmwareqca6234_firmwaresd820_firmwaresd821_firmwarewcn3660_firmwarewsa8835_firmwaresd670_firmwarefastconnect_6700_firmwaresa8155p_firmwareqcn6224_firmwareqca6420_firmwarecsrb31024_firmwaresd626_firmwareqca9377_firmwaresm7315_firmwaresnapdragon_820_automotive_platform_firmwarevision_intelligence_400_platform_firmwaresd835_firmwarewcd9385_firmwarewcn3610_firmwarefastconnect_7800_firmwaressg2125p_firmwarewcd9360_firmwarecsra6620_firmwaresa8155_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqcn6024_firmwareqamsrv1m_firmwaresa8620p_firmwareqcn6274_firmwarewcd9306_firmwareqam8650p_firmwarec-v2x_9150_firmwareqsm8250_firmwarewcn3950_firmwaresnapdragon_670_mobile_platform_firmwaresnapdragon_778g_5g_mobile_platform_firmwaresrv1m_firmwareqrb5165n_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresa8195p_firmwarewcn3910_firmwareqcn9012_firmwareqcs5430_firmwareqdx1011_firmwaresw5100_firmwaresa9000p_firmwarear8035_firmwaresnapdragon_695_5g_mobile_platform_firmware315_5g_iot_modem_firmwarewsa8845_firmwaresd660_firmwaresnapdragon_429_mobile_platform_firmwaremdm9640_firmwareqca6574au_firmwareapq8017_firmwareqca6678aq_firmwaresm4125_firmwaresnapdragon_425_mobile_platform_firmwarewcn3980_firmwarewcn3680_firmwaresnapdragon_626_mobile_platform_firmwareqcm6125_firmwarewcn3660b_firmwareqca6696_firmwaresnapdragon_430_mobile_platform_firmwareqsm8350_firmwareapq8064au_firmwaresnapdragon_xr1_platform_firmwareqca8337_firmwarefsm10056_firmwareqca6595au_firmwareqamsrv1h_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_ar2_gen_1_platform_firmwarepm8937_firmwarewcd9395_firmwareqdu1010_firmwaresg4150p_firmwareqca6174a_firmwareqca6391_firmwarewcd9370_firmwarewsa8840_firmwaretalynplus_firmwaresnapdragon_427_mobile_platform_firmwareqam8775p_firmwarewcd9371_firmwarerobotics_rb3_platform_firmwaresw5100p_firmwareqcm4325_firmwaresnapdragon_865_5g_mobile_platform_firmwarewsa8830_firmwaremsm8996au_firmwareqam8295p_firmwareqca6320_firmwareqca6574_firmwaresd_675_firmwarewcd9335_firmwaresnapdragon_630_mobile_platform_firmwarear8031_firmwareqcm4490_firmwarequalcomm_215_mobile_platform_firmwareqcm2290_firmwaresnapdragon_480_5g_mobile_platform_firmwaresnapdragon_662_mobile_platform_firmwareqdx1010_firmwareqcs610_firmwarewsa8815_firmwarewcn3990_firmwareapq8037_firmwaresm6370_firmwaresnapdragon_450_mobile_platform_firmwareqca9379_firmwareqrb5165m_firmwareqca6430_firmware9205_lte_modem_firmwaresd865_5g_firmwaresnapdragon_750g_5g_mobile_platform_firmwareqca6426_firmwaresnapdragon_auto_4g_modem_firmwaresc8380xp_firmwaresdx55_firmwaresmart_audio_400_platform_firmwaresnapdragon_auto_5g_modem-rf_firmwareqca6421_firmwareqam8255p_firmwareqca6310_firmwaresa8650p_firmwaresnapdragon_435_mobile_platform_firmwareqca6574a_firmwaresd_455_firmwareqcs4490_firmwaresa8150p_firmwareqcs7230_firmwaresrv1h_firmwaresd855_firmwaresnapdragon_780g_5g_mobile_platform_firmwaresnapdragon_8_gen_3_mobile_platform_firmwaresa8255p_firmwaresm7325p_firmwarewcn3988_firmwarequalcomm_video_collaboration_vc5_platform_firmwaresnapdragon_660_mobile_platform_firmwaresnapdragon_855_mobile_platform_firmwareqcm6490_firmwaresxr2250p_firmwarefastconnect_6200_firmwaresnapdragon_820_mobile_platform_firmwaresa4155p_firmwaresm6250_firmwaresa6155_firmwaresm7250p_firmwaresnapdragon_675_mobile_platform_firmwareqca6698aq_firmwareqca8081_firmwaresnapdragon_680_4g_mobile_platform_firmwaresa8770p_firmwaresnapdragon_710_mobile_platform_firmwaresnapdragon_636_mobile_platform_firmwarecsra6640_firmwaresxr1120_firmwarewcd9341_firmwarewsa8845h_firmwareqcm8550_firmwareqdu1110_firmwareqca6436_firmwaresd662_firmwareqca6595_firmwaresa7255p_firmwarewcd9326_firmwareqcn9011_firmwaremdm9650_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaresnapdragon_439_mobile_platform_firmwarevision_intelligence_300_platform_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqca6564a_firmwareqca6335_firmwareqcn7606_firmwaresnapdragon_625_mobile_platform_firmwaresnapdragon_690_5g_mobile_platform_firmwarewcd9340_firmwaresnapdragon_x24_lte_modem_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarefastconnect_6800_firmwareqcs6125_firmwareqcc710_firmwaresa6155p_firmwareqcn9074_firmwarewcn6740_firmwaresd_8_gen1_5g_firmwareqcs8550_firmwaresa8540p_firmwareqca6564au_firmwaresnapdragon_xr2_5g_platform_firmwareqca6564_firmwaresm6250p_firmwareqep8111_firmwaresa8775p_firmwaresnapdragon_wear_1300_platform_firmwarewcn3615_firmwareqcs8155_firmwarewcd9390_firmwareaqt1000_firmwaresm8550p_firmwaresdm429w_firmwarewcn3999_firmwareqcs6490_firmwaresnapdragon_632_mobile_platform_firmwareqcm5430_firmwaresnapdragon_821_mobile_platform_firmwaresd675_firmwaresa6145p_firmwaresnapdragon_835_mobile_pc_platform_firmwaresa8295p_firmwaresnapdragon_845_mobile_platform_firmwaresa4150p_firmwaresnapdragon_888_5g_mobile_platform_firmwaresa6150p_firmwaresxr1230p_firmwareqfw7124_firmwaremdm9205s_firmwarefastconnect_6900_firmwareqdu1000_firmwaresxr2130_firmwarewcd9380_firmwareqca6584au_firmwaresnapdragon_8_gen_1_mobile_platform_firmwarewsa8810_firmwareqfw7114_firmwaresd730_firmwaresxr2230p_firmwaressg2115p_firmwaresg8275p_firmwaresnapdragon_x50_5g_modem-rf_system_firmwaresa8145p_firmwaresd460_firmwareqru1052_firmwarequalcomm_video_collaboration_vc3_platform_firmwarerobotics_rb5_platform_firmwareqdu1210_firmwareqcs4290_firmwarehome_hub_100_platform_firmwareqru1062_firmwareqcs2290_firmwaresnapdragon_460_mobile_platform_firmwareqca6797aq_firmwarewcn3680b_firmwaresnapdragon_712_mobile_platform_firmwareqcm2150_firmwarewcn3620_firmwaresnapdragon_665_mobile_platform_firmwareqru1032_firmwareqcs410_firmwareqts110_firmwareqcm4290_firmwareqca4004_firmwareqcs8250_firmwarewcd9375_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-28523
Matching Score-4
Assigner-IBM Corporation
ShareView Details
Matching Score-4
Assigner-IBM Corporation
CVSS Score-8.4||HIGH
EPSS-0.03% / 8.12%
||
7 Day CHG~0.00%
Published-09 Dec, 2023 | 02:24
Updated-27 May, 2025 | 15:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IBM Informix Dynamic Server buffer overflow

IBM Informix Dynamic Server 12.10 and 14.10 onsmsync is vulnerable to a heap buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. IBM X-Force ID: 250753.

Action-Not Available
Vendor-IBM Corporation
Product-informix_dynamic_server_on_cloud_pak_for_datainformix_dynamic_serverInformix Dynamic Server
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-37031
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.6||HIGH
EPSS-0.02% / 4.01%
||
7 Day CHG~0.00%
Published-30 Jan, 2026 | 22:07
Updated-04 Feb, 2026 | 16:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Simple Startup Manager 1.17 - 'File' Local Buffer Overflow

Simple Startup Manager 1.17 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting memory through the 'File' input parameter. Attackers can craft a malicious payload with 268 bytes to trigger code execution, bypassing DEP and overwriting memory addresses to launch calc.exe.

Action-Not Available
Vendor-Ashkon Software
Product-Simple Startup Manager
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-21628
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.06% / 18.48%
||
7 Day CHG+0.01%
Published-06 Jun, 2023 | 07:39
Updated-02 Aug, 2024 | 09:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in WLAN HAL

Memory corruption in WLAN HAL while processing WMI-UTF command or FTM TLV1 command.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresnapdragon_850_mobile_compute_platform_firmwaremdm9640_firmwaresm6250p_firmwareipq4028_firmwareqca1023ar9380ipq8173_firmwareqcn5124mdm9645wcn3950_firmwaresc8180x\+sdx55sm4450_firmwareqca6595au_firmwaresa6155mdm8215home_hub_100_platformsd_455_firmwareapq8076qcs6125_firmwaresm4375wcn3998sc8180xp-adwcd9371_firmwarewcn3950qcn6024_firmwaresm4125immersive_home_316_platform_firmwaresm6375_firmwarewcn3660bsd460_firmwaresm4250-aasnapdragon_636_mobile_platformwcn3998_firmwareqca8081_firmwareqca6420qca9986snapdragon_auto_5g_modem-rf_firmwareipq8070_firmwareqca9367_firmwareipq8065ipq8078a_firmwareipq8072_firmwaresc8180xp-aa_firmwareqca0000sa8155_firmwarerobotics_rb3_platform_firmwareipq8068qca6430snapdragon_630_mobile_platformwcd9340snapdragon_808_processorqca6698aq_firmwaresnapdragon_808_processor_firmwarewcn685x-1_firmwaremdm9250_firmwareqca9888_firmwareqcn6122sm8150_firmwaresnapdragon_810_processor_firmwareqca6696_firmwarewcd9371sc8180x-abqcn5154_firmwaremdm8215_firmwaresm4350_firmwaresd_8cxsa8150pqca9992_firmwaresd660sm7225_firmwaresd660_firmwareqcn5121qcn5022_firmwarewcn6750_firmwareqcn7606_firmwaresm6125_firmwareimmersive_home_216_platform_firmwareqca4010_firmwaresnapdragon_675_mobile_platform_firmwareqca6428_firmwaresm6375qca9985_firmwarewcn3991ipq4018_firmwareqca4531_firmwareqca9980_firmwareipq8078ipq8173sd670_firmwareqca6574csr8811_firmwarewcd9380qcs410qcn5024qca9379_firmwaresc8180xp-ad_firmwareqca9985qcn9012_firmwareipq6018_firmwareqcm4325_firmwarewcd9340_firmwarewsa8815sm6150-ac_firmwareqca6584_firmwaresnapdragon_630_mobile_platform_firmwaremdm9215_firmwareipq6028ipq8064sd835snapdragon_821_mobile_platformqca1990wcn3980_firmwaresd730sc7180-ac_firmwaresm6350qcn5064_firmwareqcs4490_firmwareapq8064au_firmwareipq8078_firmwareqcn5054qca9994sm6350_firmwareqca9980sd670qcn9024_firmwareipq8174_firmwaresmart_audio_200_platform_firmwareqcm4290_firmwareqcn7605_firmwaresw5100p_firmwareqcs610_firmwaresa6145pqca9886_firmwarear8031immersive_home_214_platformqca1023_firmwaresd820_firmwareqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwaresdx55qcn5021_firmwarecsra6640snapdragon_x20_lte_modemqca9379sa4155pqcn7606wsa8830qca9561sdm712_firmwaresnapdragon_850_mobile_compute_platformsnapdragon_x24_lte_modem_firmwarecsrb31024mdm9628_firmwaremdm9650qca9992qcs4290snapdragon_x20_lte_modem_firmwaremdm9250qca6420_firmwaresc7180-acsnapdragon_auto_4g_modem_firmwaremdm9310_firmwaresd675_firmwareipq8072qca6564wcn3990_firmwareqca9984_firmwareqca9377qca4531wcd9385_firmwarewcd9326_firmwarewcn3615_firmwareipq8074aqca9982apq8094sa8155snapdragon_x55_5g_modem-rf_systemqca6584snapdragon_835_mobile_pc_platform_firmwareqcn5122_firmwaresdx55_firmwarewcn3615qcn6023_firmwaresm7250p_firmwarewcn3610_firmwareqca6584auqfe1952sm6225ipq8174qcn5052qca9367apq8092wcn3988_firmwareqcn9074sm7250-aasa8195psxr1120sdm710_firmwaresm4375_firmwarewcd9326wcd9335qca9982_firmwareqcm4490qcn6023qcs4290_firmwaresm7150-abqca6390qca9898_firmwarewcd9375aqt1000sc8180x\+sdx55_firmwaresm6250_firmwaresnapdragon_662_mobile_platformapq8092_firmwareipq5010_firmwareipq8074a_firmwaresm8150wsa8815_firmwaresnapdragon_636_mobile_platform_firmwareapq8017sxr1120_firmwareqcm6125_firmwaresnapdragon_x5_lte_modemqca9882qca6595ipq8065_firmwareqcn5154qca8075_firmwaresc8180xp-acsmart_audio_400_platformipq6005_firmwarewcn685x-5_firmwareqcn6132_firmwaresdm670_firmwareqca9888qca6310_firmwareapq8094_firmwareipq8070a_firmwaremdm9615qca6574_firmwareqca9886qca6175aqca6574a_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaremdm9310snapdragon_auto_4g_modemcsrb31024_firmwarewsa8832_firmwaresnapdragon_xr1_platformqcn9070_firmwarewcn685x-5ipq6028_firmwareipq8072a_firmwareqca9531sc8180xp-af_firmwareqca9889_firmwareqcn5122mdm9645_firmwaresdx20m_firmwaresm7250-aa_firmwaresc8180x-aa_firmwaresm8150-ac_firmwareqcn5022sc8180x-aaqca6564_firmwaresc8180x-af_firmwaresm6150-acsnapdragon_x50_5g_modem-rf_systemqca8075qcn6024qcn9022mdm9615_firmwareipq6000_firmwareqcs410_firmwareqca6175a_firmwaresdm660_firmwaresa6150p_firmwareqcs610qcn5550sc8180x-ab_firmwarewcd9360_firmwaresnapdragon_820_automotive_platform_firmwareqca9561_firmwareqca4024_firmwareimmersive_home_318_platform_firmwareipq8078aipq5028_firmwaresa8150p_firmwareqcs2290qca6335sdm712qcn5064sdm670csra6620_firmwaresd_675_firmwarecsra6640_firmwarewcn685x-1qca6554a_firmwareipq8076amdm9628sm7150-acqca6428qca6574au_firmwareqcn5164_firmwareipq8071wcd9375_firmwaresa6155_firmwaresm6225-adwcd9360sdx20mqca6438_firmwaresc8180xp-afsmart_audio_400_platform_firmwarewcn3999sm6225-ad_firmwareipq5028qca7500ipq4029_firmwareqca6698aqqcs6125sa4155p_firmwareipq6010sd662_firmwaresm7250-ab_firmwarerobotics_rb3_platformqcn6132snapdragon_820_mobile_platformqca1990_firmwaresw5100home_hub_100_platform_firmwaresa6155pwcd9341ipq8068_firmwaresc8180xp-ab_firmwaresnapdragon_x12_lte_modemwcn3910_firmwareqfe1922wsa8830_firmwaresd855_firmwarewcn3988qca6438sm4250-aa_firmwaresa8195p_firmwareqca9898ipq4028wcn3610mdm9640wcd9380_firmwareipq8072aqca7500_firmwaresw5100pmsm8996au_firmwarewcd9330ipq8076a_firmwaresnapdragon_w5\+_gen_1_wearable_platformqca6564auqcn5164qca9558sc8180xp-aaqcn5054_firmwareipq4019_firmwaresm7150-aa_firmwaresc8180x-ac_firmwareqca6174qca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwaresm7225wcn3910qca6320mdm9650_firmwareqca9986_firmwaresm4450wcn3660b_firmwareqca9984sc8180x-adqcn9024qcn5550_firmwarewcd9330_firmwareipq8064_firmwaresm7150-aasnapdragon_820_automotive_platformsnapdragon_x50_5g_modem-rf_system_firmwaresm7125smart_audio_200_platformsd821_firmwaresnapdragon_652_mobile_platformar8031_firmwaresm7150-ab_firmwareipq8070sdm660qca9887_firmwaresdm710qca6564a_firmwareqca9880snapdragon_x24_lte_modemqcn5121_firmwaresc8180xp-ac_firmwarewsa8832snapdragon_810_processoripq6018qcs4490qca6595_firmwaresa8145pimmersive_home_214_platform_firmwaresm4350-ac_firmwaresa8155psd675qca9531_firmwarear8035_firmwareqcm2290qcn5024_firmwarewcn3991_firmwaresnapdragon_662_mobile_platform_firmwareqcn9070sa8145p_firmwaresm6125qcs2290_firmwarecsra6620qcn9072sm7250-ac_firmwareqca9880_firmwareqca6390_firmwareipq8069_firmwareipq6000qca6174_firmwaresd730_firmwarewcd9370qcn5152_firmwareqca0000_firmwareqca6584au_firmwareapq8076_firmwareqcn9000_firmwaresd_8cx_firmwareqcn7605immersive_home_216_platformimmersive_home_316_platformimmersive_home_318_platformsd662qcn5124_firmwareqfe1952_firmwareqca6320_firmwarewcn3680b_firmwareqca6595auwcn3999_firmwaresm4350-acsnapdragon_w5\+_gen_1_wearable_platform_firmwareipq5010qca6564au_firmwaresa6155p_firmwareqca6310snapdragon_821_mobile_platform_firmwareqca9990snapdragon_x5_lte_modem_firmwaresd821vision_intelligence_300_platform_firmwaresa6145p_firmwaresm6250apq8017_firmwarewsa8810_firmwarevision_intelligence_400_platformsc7180-adqca4010sg4150pqca8081ipq8071aqca6174a_firmwareipq8071a_firmwarewcd9385snapdragon_x12_lte_modem_firmwaresc8180x-acar8035csr8811apq8064auipq4019qcn9100_firmwarevision_intelligence_400_platform_firmwaresd820wsa8835_firmwareqca6564asa4150psg4150p_firmwareqcm4325qcm2290_firmwaresnapdragon_845_mobile_platformwcn3990qcn9000sd_675qca6554aar9380_firmwaresnapdragon_835_mobile_pc_platformsm8150-acqcn9012qca9558_firmwareqcn6122_firmwarewsa8835msm8996ausc7180-ad_firmwaresnapdragon_auto_5g_modem-rfsm6250pipq4018qca6574aqca9889qca6174asc8180x-afipq8074wcn6750qca9994_firmwareipq8076_firmwaresm7150-ac_firmwaresm7250-absd855sm4125_firmwareipq8076qfe1922_firmwareqca9887qcn5021ipq8069qcn5152vision_intelligence_300_platformsd460qca6391ipq6005aqt1000_firmwareqcn9100qcm4490_firmwaresnapdragon_845_mobile_platform_firmwareqcm4290qca9882_firmwaremdm9215sd_455sm6225_firmwareipq8074_firmwareqca6574ausa8155p_firmwarewcd9341_firmwareqcm6125wsa8810sm7250-acwcn3680bsd835_firmwaresnapdragon_675_mobile_platformipq6010_firmwareqca6696sm4350sm7125_firmwaresa6150psc8180xp-abqcn9022_firmwareqca9990_firmwareipq8070asnapdragon_652_mobile_platform_firmwaresc8180x-ad_firmwareqcn9072_firmwaresnapdragon_820_mobile_platform_firmwaresm7250pipq8071_firmwareqcn9074_firmwaresw5100_firmwareipq4029snapdragon_xr1_platform_firmwareSnapdragon
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-20721
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-8.4||HIGH
EPSS-0.01% / 1.06%
||
7 Day CHG~0.00%
Published-15 May, 2023 | 00:00
Updated-24 Jan, 2025 | 15:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In isp, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07162155; Issue ID: ALPS07162155.

Action-Not Available
Vendor-yoctoprojectGoogle LLCMediaTek Inc.
Product-mt6895mt6983mt8673androidmt8395yoctomt8195mt6879MT6879, MT6895, MT6983, MT8195, MT8395, MT8673
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-20
Improper Input Validation
CVE-2021-1886
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.04% / 11.54%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 05:30
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Incorrect handling of pointers in trusted application key import mechanism could cause memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarefsm10055mdm9640_firmwaresm6250p_firmwaresa6150p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwarewcn3950_firmwaresc8180x\+sdx55sa8150p_firmwareqcs2290qca6595au_firmwaresa6155msm8917sd_455_firmwarecsra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresd632sa415mwcn3998wcd9371_firmwarewcn3950sm4125sd720gwcn3660bsd450_firmwareqsm8350_firmwareqsm8350sd460_firmwareqca4020qca6574au_firmwarewcd9375_firmwarewcn3998_firmwaresa6155_firmwareqca6420apq8053_firmwarewcd9360wcn3999qcs6125sa8155_firmwareqca4004_firmwaresd662_firmwareqcs405qca6430wcd9306_firmwaresd765gqualcomm215_firmwarefsm10056_firmwareqca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwaremsm8937wcn3660_firmwaremdm9655qca6696_firmwarepm8937_firmwareqca6431wcd9371sd870_firmwaresd750gwcn3910_firmwaresd_8cxsa8150pqca4004wsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresd712wcn3988sd660_firmwaresa8195p_firmwarewcn6750_firmwaresd450wcn3610mdm9640wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwaresdm429wmsm8996au_firmwareqca6564ausdx55m_firmwarewcn6856_firmwaremsm8940_firmwaresd670_firmwareqca6574sd632_firmwarewcd9380qualcomm215qcs410sd690_5g_firmwaresdx50m_firmwareqca9379_firmwaresdx24_firmwareqca6430_firmwarewcd9335_firmwaresd439_firmwareqcs605wcn6850sd7cwcn3910qca6320msm8937_firmwaremdm9650_firmwaresd_8c_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd835sd730sdx55mqca6421_firmwarewcn6740_firmwaremsm8953sd821_firmwaresd678_firmwareapq8064au_firmwarear8031_firmwarewcn3680_firmwareqca6234wcn6851_firmwareqcs603sd670sd_636_firmwareqca6564a_firmwareqca6694au_firmwareqcm4290_firmwaresd480sd870wcn6855qcs610_firmwareqsm8250sa6145psdxr1ar8031apq8096auqca6595_firmwareqcs405_firmwaresa8145psdm630_firmwaremdm9205_firmwareqca6391_firmwaresd820_firmwarewcd9370_firmwaresd780g_firmwaresdx55apq8053sa8155pcsra6640sd675sd439wcn3660qca9379qca6234_firmwarear8035_firmwareqsm8250_firmwareqcm2290wcn3991_firmwarewsa8830sd678sa8145p_firmwareqcs2290_firmwarefsm10056sd7c_firmwarecsrb31024mdm9650sd_636csra6620fsm10055_firmwareqcs4290sd765g_firmwareqca6420_firmwareqca6390_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6564qca6426qca6584au_firmwareqca9377sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3615_firmwaresd662apq8037sa8155qca6320_firmwarewcn3680b_firmwaresdx55_firmwarewcn3615qca6595auwcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwarewcd9306qca6584ausd778gqca6564au_firmwaresa6155p_firmwarepm8937sa515m_firmwaresd429sdxr2_5gsdm630sd821mdm9655_firmwaresa415m_firmwarewcn3988_firmwaresd429_firmwaresa6145p_firmwareqca6421sd778g_firmwaresm6250sd712_firmwaresa8195papq8017_firmwareqca6694sd765_firmwarewcd9335qca6174a_firmwareqcs4290_firmwarewcd9385qca6390wcd9375sd750g_firmwareaqt1000ar8035apq8064ausm6250_firmwaresc8180x\+sdx55_firmwareqca6694_firmwaremsm8953_firmwareqca6694ausda429wmsm8917_firmwarewcn3620_firmwaresd820sd888_5g_firmwarewcn6850_firmwarewsa8835_firmwarewcn3620apq8017qca6564aqcm6125_firmwareqcm2290_firmwaresd_675sd780gsd865_5gqca6595sdx24wsa8835msm8996ausdm429w_firmwaresd665_firmwaresd888_5gsm6250pqca6574awcn6855_firmwareqca6174asm7325pwcn6750mdm9205sa515mqca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665qca6175asd765qca6574a_firmwaresd768g_firmwaresd850_firmwaresd460qca6391sdxr1_firmwareaqt1000_firmwaremsm8920qcm4290csrb31024_firmwaresdx50msd480_firmwaremsm8920_firmwaresd_455qca6574ausa8155p_firmwareqcm6125wcn6856sd_8cwcn3680bsd835_firmwareqca6564_firmwaresd768gwcn6740qca6696sa6150pmsm8940apq8096au_firmwareapq8037_firmwaresm7250psd720g_firmwareqcs410_firmwareqca6175a_firmwaresd850Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-1890
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.04% / 11.54%
||
7 Day CHG~0.00%
Published-13 Jul, 2021 | 05:30
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Improper length check of public exponent in RSA import key function could cause memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwarefsm10055mdm9640_firmwaresm6250p_firmwaresa6150p_firmwareqcs610qca8337qca6431_firmwarewcd9360_firmwarewcn3950_firmwaresc8180x\+sdx55sa8150p_firmwareqcs2290qca6595au_firmwaresa6155msm8917sd_455_firmwarecsra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqcs6125_firmwaresd632sa415mwcn3998wcd9371_firmwarewcn3950sm4125sd720gwcn3660bsd450_firmwareqsm8350_firmwareqsm8350sd460_firmwareqca4020qca6574au_firmwarewcd9375_firmwarewcn3998_firmwaresa6155_firmwareqca6420apq8053_firmwarewcd9360wcn3999qcs6125sa8155_firmwareqca4004_firmwaresd662_firmwareqcs405qca6430wcd9306_firmwaresd765gqualcomm215_firmwarefsm10056_firmwareqca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwaremsm8937wcn3660_firmwaremdm9655qca6696_firmwarepm8937_firmwareqca6431wcd9371sd870_firmwaresd750gwcn3910_firmwaresd_8cxsa8150pqca4004wsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwaresd712wcn3988sd660_firmwaresa8195p_firmwarewcn6750_firmwaresd450wcn3610mdm9640wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwaresdm429wmsm8996au_firmwareqca6564ausdx55m_firmwarewcn6856_firmwaremsm8940_firmwaresd670_firmwareqca6574sd632_firmwarewcd9380qualcomm215qcs410sd690_5g_firmwaresdx50m_firmwareqca9379_firmwaresdx24_firmwareqca6430_firmwarewcd9335_firmwaresd439_firmwareqcs605wcn6850sd7cwcn3910qca6320msm8937_firmwaremdm9650_firmwaresd_8c_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd835sd730sdx55mqca6421_firmwarewcn6740_firmwaremsm8953sd821_firmwaresd678_firmwareapq8064au_firmwarear8031_firmwarewcn3680_firmwareqca6234wcn6851_firmwareqcs603sd670sd_636_firmwareqca6564a_firmwareqca6694au_firmwareqcm4290_firmwaresd480sd870wcn6855qcs610_firmwareqsm8250sa6145psdxr1ar8031apq8096auqca6595_firmwareqcs405_firmwaresa8145psdm630_firmwaremdm9205_firmwareqca6391_firmwaresd820_firmwarewcd9370_firmwaresd780g_firmwaresdx55apq8053sa8155pcsra6640sd675sd439wcn3660qca9379qca6234_firmwarear8035_firmwareqsm8250_firmwareqcm2290wcn3991_firmwarewsa8830sd678sa8145p_firmwareqcs2290_firmwarefsm10056sd7c_firmwarecsrb31024mdm9650sd_636csra6620fsm10055_firmwareqcs4290sd765g_firmwareqca6420_firmwareqca6390_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6564qca6426qca6584au_firmwareqca9377sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3615_firmwaresd662apq8037sa8155qca6320_firmwarewcn3680b_firmwaresdx55_firmwarewcn3615qca6595auwcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwarewcd9306qca6584ausd778gqca6564au_firmwaresa6155p_firmwarepm8937sa515m_firmwaresd429sdxr2_5gsdm630sd821mdm9655_firmwaresa415m_firmwarewcn3988_firmwaresd429_firmwaresa6145p_firmwareqca6421sd778g_firmwaresm6250sd712_firmwaresa8195papq8017_firmwareqca6694sd765_firmwarewcd9335qca6174a_firmwareqcs4290_firmwarewcd9385qca6390wcd9375sd750g_firmwareaqt1000ar8035apq8064ausm6250_firmwaresc8180x\+sdx55_firmwareqca6694_firmwaremsm8953_firmwareqca6694ausda429wmsm8917_firmwarewcn3620_firmwaresd820sd888_5g_firmwarewcn6850_firmwarewsa8835_firmwarewcn3620apq8017qca6564aqcm6125_firmwareqcm2290_firmwaresd_675sd780gsd865_5gqca6595sdx24wsa8835msm8996ausdm429w_firmwaresd665_firmwaresd888_5gsm6250pqca6574awcn6855_firmwareqca6174asm7325pwcn6750mdm9205sa515mqca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd665qca6175asd765qca6574a_firmwaresd768g_firmwaresd850_firmwaresd460qca6391sdxr1_firmwareaqt1000_firmwaremsm8920qcm4290csrb31024_firmwaresdx50msd480_firmwaremsm8920_firmwaresd_455qca6574ausa8155p_firmwareqcm6125wcn6856sd_8cwcn3680bsd835_firmwareqca6564_firmwaresd768gwcn6740qca6696sa6150pmsm8940apq8096au_firmwareapq8037_firmwaresm7250psd720g_firmwareqcs410_firmwareqca6175a_firmwaresd850Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-20029
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-8.4||HIGH
EPSS-0.02% / 3.97%
||
7 Day CHG~0.00%
Published-04 Mar, 2024 | 02:43
Updated-22 Apr, 2025 | 19:53
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In wlan firmware, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08477406; Issue ID: MSV-1010.

Action-Not Available
Vendor-MediaTek Inc.Google LLC
Product-mt6989androidmt8796mt8678mt6985MT6985, MT6989, MT8678, MT8796mt6985androidmt6989mt8796mt8678
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-0018
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-8.4||HIGH
EPSS-0.03% / 6.83%
||
7 Day CHG~0.00%
Published-16 Feb, 2024 | 19:33
Updated-16 Dec, 2024 | 19:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In convertYUV420Planar16ToY410 of ColorConverter.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroid
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-52755
Matching Score-4
Assigner-kernel.org
ShareView Details
Matching Score-4
Assigner-kernel.org
CVSS Score-8.4||HIGH
EPSS-0.68% / 71.29%
||
7 Day CHG~0.00%
Published-21 May, 2024 | 15:30
Updated-04 May, 2025 | 07:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ksmbd: fix slab out of bounds write in smb_inherit_dacl()

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab out of bounds write in smb_inherit_dacl() slab out-of-bounds write is caused by that offsets is bigger than pntsd allocation size. This patch add the check to validate 3 offsets using allocation size.

Action-Not Available
Vendor-Linux Kernel Organization, Inc
Product-Linuxlinux_kernel
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-22084
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.11% / 29.68%
||
7 Day CHG~0.00%
Published-14 Jun, 2022 | 09:40
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption when extracting qcp audio file due to lack of check on data length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresm6250p_firmwareqcs610sdx65wcn3950_firmwareqcs2290qca6595au_firmwaresa6155qca6335msm8917csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwaresd632wcn3998wcd9371_firmwarewcn3950sm4125mdm9628sd720gmdm9206_firmwaresd_8_gen1_5g_firmwarewcn3660bsd450_firmwaresd710_firmwaresd460_firmwareqca4020sm7315_firmwarewcn7850qca6574au_firmwarewcd9375_firmwarewcn3998_firmwaresa6155_firmwaremsm8909wapq8009w_firmwareqca6420apq8053_firmwaresm7450_firmwaresd680_firmwareqca9367_firmwarewcn3999sa8155_firmwaresd662_firmwareqcs405qca6430wcd9340qualcomm215_firmwaresd765gsw5100qca4020_firmwareqca6436sd680sa6155pwcn6851qcs603_firmwarewcn7851_firmwaremsm8937mdm9250_firmwarewcn3660_firmwarewcd9341pm8937_firmwareqca6696_firmwarewcd9371sd750gsd870_firmwarewcn3910_firmwarewsa8830_firmwaresd855_firmwaresd660sd865_5g_firmwarewcn3988sd660_firmwarewcn7850_firmwaresa8195p_firmwaresm8475wcn6750_firmwaresd450wcn3610wcn3991wcd9380_firmwaresdm429wmsm8996au_firmwaresw5100pwcd9330qca6564ausdx55m_firmwarewcn6856_firmwaresd670_firmwareqca6574sd632_firmwarewcd9380qualcomm215qcs410sd690_5g_firmwaresdx50m_firmwareqca9379_firmwareqca6430_firmwarewcd9335_firmwarewcn3980sd439_firmwareqca6335_firmwareqcs605wcd9340_firmwarewsa8815wcn6850wcn3910qca6320msm8937_firmwaremdm9650_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680sd835wcn3980_firmwaresd730wcd9330_firmwaresdx55msm8475_firmwarewcn6740_firmwaremsm8953sd678_firmwarear8031_firmwarewcn3680_firmwarewcn6851_firmwareqcs603sd_636_firmwaresd670qca6564a_firmwareapq8009wqcm4290_firmwaresd480sd870wcn6855wsa8832sw5100p_firmwareqcs610_firmwaresa6145psdxr1apq8096auar8031qcs405_firmwaresdm630_firmwaresd820_firmwareqca6391_firmwaresd780g_firmwarewcd9370_firmwaresdx55sd888_firmwareapq8053sa8155pcsra6640sd675sd439wcn3660sm8475p_firmwareqca9379qcm2290wcn3991_firmwarewsa8830sd678qcs2290_firmwaremdm9628_firmwaremdm9650sd_636csra6620qcs4290mdm9250sd765g_firmwareqca6420_firmwareqca6390_firmwareapq8009_firmwaresd690_5gsd730_firmwarewcd9370sd675_firmwareqca6564qca6426wcn3990_firmwareqca9377sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwaresd662sa8155qca6320_firmwarewcn3680b_firmwaresdx55_firmwareqca6595auwcn3615wcn3999_firmwaresm7250p_firmwarewcn3610_firmwareqca6436_firmwareqca6564au_firmwaresd778gsa6155p_firmwareqca6310pm8937wcn7851qcs6490sd429sdxr2_5gqca9367sdm630mdm9607_firmwarewcn3988_firmwaresa6145p_firmwaresd429_firmwaresm6250sd778g_firmwaresa8195papq8017_firmwarewsa8810_firmwaresd765_firmwarewcd9326wcd9335qca6174a_firmwareqcs4290_firmwarewcd9385qcs6490_firmwareqca6390wcd9375sd750g_firmwareaqt1000sm6250_firmwaremsm8953_firmwaremsm8917_firmwarewcn3620_firmwaresd820qcm6490sd888_5g_firmwarewsa8835_firmwaresdx20_firmwarewcn3620wcn6850_firmwarewsa8815_firmwaresm7450apq8017qca6564aqcm2290_firmwarewcn3990sd_675sd780gsd865_5gsd888msm8909w_firmwarewsa8835msm8996ausdm429w_firmwaresd888_5gsm6250pqca6574amdm9206wcn6855_firmwareqca6174asm7325pqca6310_firmwarewcn6750qca6574_firmwaresd855sm4125_firmwaresm7325p_firmwaresd765qca6574a_firmwaresd768g_firmwaresm7315apq8009qca6391sd460sdxr1_firmwareaqt1000_firmwaresdx65_firmwaremdm9626qcm4290qcm6490_firmwaresdx50mwsa8832_firmwaresdx20sd480_firmwaremdm9626_firmwareqca6574ausa8155p_firmwaresd710mdm9607wcd9341_firmwarewsa8810wcn6856wcn3680bsd835_firmwareqca6564_firmwaresd768gwcn6740qca6696sd845_firmwaresdw2500apq8096au_firmwaresd845sm7250psd720g_firmwaresw5100_firmwareqcs410_firmwaresm8475pSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-11267
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.04% / 13.02%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 06:20
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Stack out-of-bounds write occurs while setting up a cipher device if the provided IV length exceeds the max limit value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaremdm9640_firmwaresm6250p_firmwareipq4028_firmwareqca8337ar9380ipq8173_firmwareqcn5124wcn3950_firmwareqca6595au_firmwaresa6155sd_455_firmwareapq8076qcs6125_firmwaresa415mwcn3998wcd9371_firmwarewcn3950qcn6024_firmwaresd720gsm4125mdm9206_firmwareqsw8573_firmwarewcn3660bsd450_firmwaresd460_firmwaremdm9230_firmwareqca8081_firmwarewcn3998_firmwareapq8009w_firmwareqca6420apq8053_firmwareqca9986ipq8070_firmwareqca9367_firmwareipq8065ipq8078a_firmwareipq8072_firmwaresa8155_firmwareipq8068qca6430wcd9306_firmwarewcd9340sdm830_firmwaresd765gmdm9250_firmwareqca9888_firmwareqca6696_firmwarewcd9371sd870_firmwareqcn5154_firmwaresd_8cxqcn5501_firmwaresa8150par7420_firmwaremdm9330_firmwareqca9992_firmwaresd660sd865_5g_firmwaresd660_firmwareqcn5121qcn5022_firmwarewcn6750_firmwaresd450qca6428_firmwareqca9985_firmwarewcn3991ipq4018_firmwareqca9980_firmwaresdm429wipq8078sdx55m_firmwareipq8173sd670_firmwareqca6574sd632_firmwarecsr8811_firmwarewcd9380qualcomm215qcs410qcn5024sd690_5g_firmwareqca9379_firmwaresdx24_firmwareqca9985qcn9012_firmwaresd439_firmwareipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqca6584_firmwaremsm8937_firmwaresd_8c_firmwareipq6028ipq8064sd835pmp8074wcn3980_firmwaresd730wcn6740_firmwareqcn5064_firmwaresd678_firmwareapq8064au_firmwareipq8078_firmwareqcn5054qcs603qca9994qca9980sd670qcn9024_firmwareipq8174_firmwareapq8009wqcm4290_firmwarewcn6855qcs610_firmwaresa6145pqca9886_firmwarear8031sdm630_firmwaresd820_firmwareqca6391_firmwareqca4024wcd9370_firmwaresdx55apq8053qcn5021_firmwarecsra6640wcn3660qca9379qcn5500wsa8830qca9561csrb31024qca9563_firmwaremdm9628_firmwaremdm9650sd_636fsm10055_firmwareqca9992qcs4290mdm9250qca6420_firmwareapq8009_firmwaresd690_5gsd675_firmwareipq8072qca6564qca6426wcn3990_firmwareqca9984_firmwareqca9377sdw2500_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcd9326_firmwarewcn3615_firmwareipq8074aqca9982sa8155qca6584qcn5122_firmwaresdx55_firmwarewcn3615qcn6023_firmwaresm7250p_firmwarewcn3610_firmwarewcd9306qca6584ausd778gqfe1952ipq8174sd429qcn5052qca9367sdm630mdm9607_firmwaresa415m_firmwarewcn3988_firmwareqcn9074sd205sd429_firmwareqca6421sd778g_firmwaresa8195pqca6694qca7550wcd9326wcd9335qca9982_firmwareqcn6023qcs4290_firmwareqca6390qca9898_firmwaresd750g_firmwareaqt1000wcd9375sm6250_firmwaremsm8917_firmwareipq5010_firmwareipq8074a_firmwaresd888_5g_firmwaresdx20_firmwarewsa8815_firmwareapq8017mdm9630_firmwareqcm6125_firmwareqca9882sd780gsd865_5gqca6595qca9896_firmwareipq8065_firmwaresd665_firmwareqcn5154qca8075_firmwareipq6005_firmwaremdm9206wcn6855_firmwareqca9888qca6310_firmwareipq8070a_firmwareqca6574_firmwareqca9886qcn5502_firmwaresm7325p_firmwaresd665sd765qca6574a_firmwareapq8009csrb31024_firmwareqcn9070_firmwaresd480_firmwareipq6028_firmwareipq8072a_firmwaremdm9626_firmwareqca9531qca9889_firmwaresd710mdm9607qcn5122sdx20m_firmwareqcn5022qca6564_firmwaresd768gwcn6740sdw2500qca8075apq8096au_firmwareqcn6024qcn9022sd845sdm830ipq6000_firmwareqcs410_firmwaremdm9330fsm10055sa6150p_firmwareqcs610qcn5550qca6431_firmwareqca9561_firmwareqca4024_firmwareipq8078asa8150p_firmwareqcs2290qca6335msm8917qcn5064csra6620_firmwareqcs605_firmwaresd_675_firmwarecsra6640_firmwareqca9987_firmwaresd632ipq8076amdm9628sd710_firmwareqca4020qca6428qca6574au_firmwareqcn5164_firmwareipq8071mdm9630wcd9375_firmwaresa6155_firmwaremsm8909wsdx20mqca6438_firmwarewcn3999qca7500ipq4029_firmwareqcs6125ipq6010sd662_firmwareqcs405qualcomm215_firmwarefsm10056_firmwareqca4020_firmwareqca6436wcn6851qcn3018_firmwaresa6155pqcs603_firmwaremsm8937wcn3660_firmwarewcd9341ipq8068_firmwarepm8937_firmwareqca6431sd750gqca9988_firmwarewcn3910_firmwareqfe1922wsa8830_firmwaresd855_firmwarewcn3988qca6438sa8195p_firmwareqca9898ipq4028wcn3610mdm9640ipq5018_firmwareqca8337_firmwaresda429w_firmwarewcd9380_firmwareipq8072aqca7500_firmwarewcd9330msm8996au_firmwarecsr6030ipq8076a_firmwareqca7550_firmwareqca6564auipq4029wcn6856_firmwareqcn5164qca9558qet4101_firmwareqca7520_firmwaremdm9230qcn5054_firmwareipq4019_firmwaresdx50m_firmwareqca8072_firmwareqca6174qca6430_firmwareqcn5052_firmwarewcd9335_firmwarewcn3980qca6335_firmwareqsw8573qcs605wcn3910qca6320mdm9650_firmwareqca9986_firmwareqca6426_firmwarewcn3660b_firmwarewcn3680qca9984qcn9024qcn5550_firmwarewcd9330_firmwaresdx55mipq8064_firmwareqca6421_firmwaremsm8953ar8031_firmwarewcn3680_firmwarewcn6851_firmwareipq8070qcn5502qca9887_firmwaresd_636_firmwareqca6564a_firmwareqca9880sd480sd870qcn5121_firmwaresd210_firmwareipq6018qcn3018sdxr1apq8096auqca6595_firmwareqcs405_firmwaresa8145psd780g_firmwaresd888_firmwaresa8155psd675sd439qet4101qca9531_firmwarear8035_firmwareqcm2290qcn5024_firmwarewcn3991_firmwaresd678qcn9070sa8145p_firmwareqca7520qcs2290_firmwarefsm10056csra6620qca9987qcn9072qca9880_firmwaresd765g_firmwareipq8069_firmwareqca6390_firmwareipq6000qca6174_firmwaresd730_firmwarewcd9370qcn5152_firmwareqca6584au_firmwareapq8076_firmwareqcn9000_firmwareipq5018sd_8cx_firmwareqca9563sd662qcn5124_firmwareqfe1952_firmwareqca6320_firmwarewcn3680b_firmwareqca6595auwcn3999_firmwareqca6436_firmwareipq5010qca6564au_firmwaresa6155p_firmwareqca6310pm8937sa515m_firmwareqca9990sdxr2_5gqcn5501sa6145p_firmwaresm6250apq8017_firmwarewsa8810_firmwaresd765_firmwareqca8081ipq8071aqca6174a_firmwareipq8071a_firmwarewcd9385ar8035csr8811apq8064auipq4019qca6694_firmwaremsm8953_firmwareqcn9100_firmwaresda429wsd210wcn3620_firmwaresd820wcn6850_firmwarewsa8835_firmwarewcn3620csr6030_firmwareqca6564aqca9988qca8072qcm2290_firmwarewcn3990qcn9000sd_675ar9380_firmwaresdx24qcn9012sd888qca9558_firmwaremsm8909w_firmwarewsa8835msm8996ausdm429w_firmwaresd888_5gsm6250pipq4018qca6574aqca9889qca6174asm7325pipq8074qca9994_firmwarewcn6750ipq8076_firmwaresa515mar7420sd855sm4125_firmwareipq8076qfe1922_firmwareqca9887qcn5021ipq8069qcn5152sd768g_firmwaresd460qca6391sdxr1_firmwareipq6005aqt1000_firmwareqcn9100mdm9626qcm4290sdx50mqca9882_firmwaresdx20sd_455ipq8074_firmwareqca6574ausa8155p_firmwaresd205_firmwarewcd9341_firmwareqcm6125wsa8810qcn5500_firmwarewcn6856sd_8cwcn3680bsd835_firmwareipq6010_firmwareqca6696sd845_firmwaresa6150pqcn9022_firmwareqca9990_firmwareipq8070aqcn9072_firmwaresm7250psd720g_firmwareipq8071_firmwareqcn9074_firmwareqca9896Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found