Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-6564

Summary
Assigner-ASRG
Assigner Org ID-c15abc07-96a9-4d11-a503-5d621bfe42ba
Published At-08 Jul, 2024 | 15:18
Updated At-01 Aug, 2024 | 21:41
Rejected At-
Credits

Buffer overflow in Rensas RCAR

Buffer overflow in "rcar_dev_init" due to using due to using untrusted data (rcar_image_number) as a loop counter before verifying it against RCAR_MAX_BL3X_IMAGE. This could lead to a full bypass of secure boot.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:ASRG
Assigner Org ID:c15abc07-96a9-4d11-a503-5d621bfe42ba
Published At:08 Jul, 2024 | 15:18
Updated At:01 Aug, 2024 | 21:41
Rejected At:
▼CVE Numbering Authority (CNA)
Buffer overflow in Rensas RCAR

Buffer overflow in "rcar_dev_init" due to using due to using untrusted data (rcar_image_number) as a loop counter before verifying it against RCAR_MAX_BL3X_IMAGE. This could lead to a full bypass of secure boot.

Affected Products
Vendor
Renesas
Product
rcar_gen3_v2.5
Package Name
arm-trusted-firmware
Repo
https://github.com/renesas-rcar/arm-trusted-firmware/
Program Files
  • https://github.com/renesas-rcar/arm-trusted-firmware/blob/rcar_gen3_v2.5/drivers/renesas/common/io/io_rcar.c
Default Status
unaffected
Versions
Affected
  • From c2f286820471ed276c57e603762bd831873e5a17 through c9fb3558410032d2660c7f3b7d4b87dec09fe2f2 (git)
Problem Types
TypeCWE IDDescription
CWECWE-120CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Type: CWE
CWE ID: CWE-120
Description: CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
Metrics
VersionBase scoreBase severityVector
3.16.7MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
CAPEC-100CAPEC-100 Overflow Buffers
CAPEC ID: CAPEC-100
Description: CAPEC-100 Overflow Buffers
Solutions
Configurations
Workarounds
Exploits
Credits
finder
Tomer Fichman
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/renesas-rcar/arm-trusted-firmware/commit/c9fb3558410032d2660c7f3b7d4b87dec09fe2f2
N/A
https://asrg.io/security-advisories/cve-2024-6564/
third-party-advisory
Hyperlink: https://github.com/renesas-rcar/arm-trusted-firmware/commit/c9fb3558410032d2660c7f3b7d4b87dec09fe2f2
Resource: N/A
Hyperlink: https://asrg.io/security-advisories/cve-2024-6564/
Resource:
third-party-advisory
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Vendor
renesas
Product
rcar_gen3_v2.5
CPEs
  • cpe:2.3:a:renesas:rcar_gen3_v2.5:*:*:*:*:*:*:*:*
Default Status
unknown
Versions
Affected
  • From c2f286820471ed276c57e603762bd831873e5a17 through c9fb3558410032d2660c7f3b7d4b87dec09fe2f2 (custom)
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://github.com/renesas-rcar/arm-trusted-firmware/commit/c9fb3558410032d2660c7f3b7d4b87dec09fe2f2
x_transferred
https://asrg.io/security-advisories/cve-2024-6564/
third-party-advisory
x_transferred
Hyperlink: https://github.com/renesas-rcar/arm-trusted-firmware/commit/c9fb3558410032d2660c7f3b7d4b87dec09fe2f2
Resource:
x_transferred
Hyperlink: https://asrg.io/security-advisories/cve-2024-6564/
Resource:
third-party-advisory
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@asrg.io
Published At:08 Jul, 2024 | 16:15
Updated At:22 Aug, 2024 | 15:52

Buffer overflow in "rcar_dev_init" due to using due to using untrusted data (rcar_image_number) as a loop counter before verifying it against RCAR_MAX_BL3X_IMAGE. This could lead to a full bypass of secure boot.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.16.7MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Secondary3.16.7MEDIUM
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 6.7
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
CPE Matches
renesas
renesas
>>arm-trusted-firmware>>-
cpe:2.3:o:renesas:arm-trusted-firmware:-:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-120Primarynvd@nist.gov
CWE-120Secondarycve@asrg.io
CWE ID: CWE-120
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-120
Type: Secondary
Source: cve@asrg.io
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://asrg.io/security-advisories/cve-2024-6564/cve@asrg.io
Third Party Advisory
https://github.com/renesas-rcar/arm-trusted-firmware/commit/c9fb3558410032d2660c7f3b7d4b87dec09fe2f2cve@asrg.io
Patch
Hyperlink: https://asrg.io/security-advisories/cve-2024-6564/
Source: cve@asrg.io
Resource:
Third Party Advisory
Hyperlink: https://github.com/renesas-rcar/arm-trusted-firmware/commit/c9fb3558410032d2660c7f3b7d4b87dec09fe2f2
Source: cve@asrg.io
Resource:
Patch

Change History

0
Information is not available yet

Similar CVEs

88Records found
CVE-2021-25467
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-5.3||MEDIUM
EPSS-0.02% / 2.67%
||
7 Day CHG~0.00%
Published-06 Oct, 2021 | 17:07
Updated-03 Aug, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Assuming system privilege is gained, possible buffer overflow vulnerabilities in the Vision DSP kernel driver prior to SMR Oct-2021 Release 1 allows privilege escalation to Root by hijacking loaded library.

Action-Not Available
Vendor-Google LLCSamsungSamsung Electronics
Product-androidexynos_9830exynos_980exynos_2100Samsung Mobile Devices
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-1961
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-1.15% / 77.58%
||
7 Day CHG~0.00%
Published-09 Sep, 2021 | 07:36
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to lack of offset length check while updating the buffer value in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055qca9377_firmwaremdm9150_firmwarewcn3991_firmwaresm7250mdm9640_firmwaresa6150p_firmwaresa8145p_firmwareqcs610wsa8830fsm10056qca8337sm7250_firmwareqca6431_firmwaremdm9650csra6620fsm10055_firmwarewcn3950_firmwaresa8150p_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwareapq8009_firmwaresa6155sd690_5gwcd9370csra6620_firmwareqcs605_firmwarecsra6640_firmwareqcs6125_firmwareqca6426qca6584au_firmwarewcn3990_firmwareqca9377wcn3998sd_8cx_firmwarewcd9385_firmwaresdxr2_5g_firmwarewcn3950wcd9326_firmwarewcn3615_firmwaremdm9206_firmwarewcn3660bsd662sd460_firmwaresa8155qca6574au_firmwaresdx55_firmwarewcn3680b_firmwareqca6595ausa6155_firmwaresdx12_firmwarewcd9375_firmwarewcn3615wcn3998_firmwarewcn3610_firmwareqca6420qca6436_firmwareapq8053_firmwareqca6564au_firmwareqca6584ausa6155p_firmwareqca9367_firmwaresd778gwcn3999qrb5165_firmwaresdxr2_5gqca9367qcs6125sa8155_firmwaresd662_firmwareqcs405qca6430wcn3988_firmwaresa6145p_firmwaresd205qca6421sd778g_firmwarewcd9340sa8195pwsa8810_firmwarequalcomm215_firmwaresd765gsd765_firmwarefsm10056_firmwareqca6436wcd9326wcd9335sa6155pwcn6851qca6174a_firmwarewcd9385wcd9341qca6431qca6696_firmwaresd750gsd870_firmwarear8035qca6390sd_8cxaqt1000sa8150psd750g_firmwarewcd9375msm8953_firmwarewsa8830_firmwaresda429wsd210sd855_firmwaresd865_5g_firmwarewcn3620_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewcn3620wsa8815_firmwarewsa8835_firmwaresa8195p_firmwareqca6564awcn6750_firmwarewcn3610qcm6125_firmwaremdm9640wcn3991qca8337_firmwaresda429w_firmwarewcd9380_firmwarewcn3990wcd9330msm8996au_firmwaresd780gsd865_5gqca6595qca6564ausdx55m_firmwarewcn6856_firmwarewsa8835qca6574msm8996ausd665_firmwarewcd9380sd888_5gwcn3999_firmwarequalcomm215qcs410qca6574asd690_5g_firmwaremdm9206wcn6855_firmwareqca6174asm7325qca6430_firmwarewcd9335_firmwarewcn3980wcn6750qca6574_firmwareqcs605wcd9340_firmwaresd855wsa8815wcn6850sd665mdm9650_firmwaresd_8c_firmwaresd765qca6426_firmwarewcn3660b_firmwarewcn3680qca6574a_firmwaresd768g_firmwarewcn3980_firmwareapq8009qca6391sd460sdx55mwcd9330_firmwareqca6421_firmwareaqt1000_firmwarewcn6740_firmwaremsm8953ar8031_firmwarewcn3680_firmwareqrb5165sd480_firmwarewcn6851_firmwareqca6574ausa8155p_firmwaresd205_firmwareqca6564a_firmwarewcd9341_firmwareqcm6125sd480sd870wsa8810wcn6855sd210_firmwareqcs610_firmwaremdm9150wcn6856qsm8250sd_8csa6145pwcn3680bsd768gapq8096auar8031qca6595_firmwareqcs405_firmwaresa8145pwcn6740qca6696qca6391_firmwaresd780g_firmwarewcd9370_firmwaresa6150psdx55apq8053apq8096au_firmwarecsra6640sa8155psdx12qcs410_firmwarear8035_firmwareqsm8250_firmwaresm7325_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-20624
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.65%
||
7 Day CHG~0.00%
Published-07 Mar, 2023 | 00:00
Updated-06 Mar, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In vow, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07628530; Issue ID: ALPS07628530.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6853androidmt6855mt8781mt6983mt6833mt6873mt6883mt8797mt6885mt6789mt8791mt6875mt6877mt6879mt8791tMT6789, MT6833, MT6853, MT6855, MT6873, MT6875, MT6877, MT6879, MT6883, MT6885, MT6983, MT8781, MT8791, MT8791T, MT8797
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-40137
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.05% / 13.26%
||
7 Day CHG~0.00%
Published-30 Jan, 2023 | 21:26
Updated-27 Mar, 2025 | 15:20
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow in the WMI SMI Handler in some Lenovo models may allow an attacker with local access and elevated privileges to execute arbitrary code.

Action-Not Available
Vendor-Lenovo Group Limited
Product-ideacentre_m70t_gen_3ideacentre_aio_3-27itl6_firmwarethinkagile_hx5530thinksmart_core_device\thinkstation_p340_workstationideacentre_a340-22ick_all-in-oneideacentre_m80s_gen_3_firmwareideacentre_m920sv330-20icb_all-in-oneideacentre_aio_3-22ada05_firmwarev55t_gen_2_13acnthinkstation_p330_tiny_workstation_firmwareyta8900fthinkagile_hx2330thinkagile_mx3331-f_all-flashideacentre_m910s_firmwarethinkagile_vx3520-g__firmwareideacentre_m920qideacentre_m70a_gen_2ideacentre_5-14are05thinkstation_p350_workstationthinkstation_p520c_workstationideacentre_a340-24igm_all-in-one_firmwarethinkagile_hx2320_firmwarethinksystem_hr630x_firmwarethinkagile_vx_2u4nv530s-07icb_firmwarethinkagile_hx7820_firmwarev55t_gen_2_13acn_firmwarethinkagile_vx7320_n_thinkstation_p330_workstation_2nd_gen_firmwarethinkagile_vx_4u_firmwareideacentre_5-14iob6_firmwareideacentre_510a-15ickideacentre_aio_3-22itl6_firmwareideacentre_m75s-1_firmwarethinkserver_ts560_firmwareideacentre_aio_3-24ada6_firmwarelegion_t530-28icbideacentre_m90a_firmwarethinkserver_rd450_firmwareideacentre_5-14are05_firmwareideacentre_510s-07icb_firmwareideacentre_m70a_gen_2_firmwarethinkserver_sr588_firmwarev530-22icb_all-in-oneideacentre_m800_firmwareideacentre_m710s_firmwareideacentre_neo_50t_gen_3thinkagile_hx2320-e_firmwarethinkagile_hx3331thinkagile_vx3720__firmwarethinkserver_rd350g_firmwarethinkserver_sd350_firmwarethinkserver_ts150ideacentre_m80q_firmwareideacentre_neo_70t_gen_3_firmwareideacentre_aio_3-24itl6_firmwareideacentre_m70q_gen_2_firmwareideacentre_aio_3-24are05thinkagile_hx2321_firmwareqt_b415_firmwareideacentre_m70c_firmwareideacentre_m90s_gen_3_firmwareideacentre_m70a_gen_3yangtian_afq150_firmwareideacentre_m90q_gen_2_firmwarethinkagile_mx_1u_-_mx3321_h__firmwareideacentre_m800ideacentre_g5-14imb05ideacentre_m910xthinkagile_hx3376_firmwarethinksmart_core_\&_controller_kit\thinkagile_hx7821_firmwareideacentre_m70tthinkagile_mx_edge-_mx1020_thinkagile_vx_2u4n_firmwarelegion_t530-28aprthinkagile_hx2330_firmwareideacentre_mini_5-01imh05thinkagile_hx1321ideacentre_m710tthinkstation_p620_workstationthinkagile_mx-_all_flashthinkstation_p340_tiny_workstationthinkagile_mx3520_f-_all_flash__firmwareideacentre_g5-14amr05_firmwareideacentre_m70t_firmwarethinkagile_mx_1u_-_mx3321_h_thinkcentre_m6600t_firmwarethinkcentre_m8600s_firmwarethinksmart_hub_teamsthinkagile_hx3520-gideacentre_m80sideacentre_a340-22ast_all-in-onethinksmart_core_device_for_logitechideacentre_m80s_gen_3thinkagile_vx7820_legion_t5-26iob6_firmwareideacentre_m90av530-15icbideacentre_m910qv530-24icb_all-in-onethinkagile_hx5530_firmwarethinkcentre_e75sthinkserver_sd350thinkstation_p360_tiny_workstation_firmwareideacentre_aio_3-22iil5_firmwareideacentre_m75s_gen_2ideacentre_a340-22ast_all-in-one_firmwarelegion_t5-28icb05_firmwareideacentre_aio_3-22imb05_firmwareideacentre_m75q_gen_2_firmwareideacentre_m80t_firmwarethinkserver_rd350_firmwareideacentre_m90a_gen_3v520_firmwareideacentre_720-18aprlegion_t5-28icb05thinkagile_mx3530-h_hybrid_firmwarethinkagile_vx7520_n__firmwarethinkagile_hx1520-rideacentre_m715t_firmwarethinkagile_vx_1se_firmwarethinkcentre_m6600qthinkagile_mx1021ideacentre_3-07ada05_firmwarethinkagile_hx2331thinkagile_hx2320-ethinkagile_vx5530v50t-13iob_g2_firmwarethinkserver_sr860p_firmwarethinkserver_rd550_firmwareideacentre_m810z_all-in-oneideacentre_m710ethinkstation_p320_workstation_firmwarethinkagile_hx3376ideacentre_a340-22igm_all-in-onethinkagile_vx3530-gideacentre_m70s_gen_3ideacentre_g5-14imb05_firmwarethinkcentre_m6600tideacentre_m720e_firmwareideacentre_m910sthinkagile_hx7530_firmwarethinksmart_hub_500thinkagile_hx5520thinkagile_vx7530_firmwareideacentre_a340-24icb_all-in-oneideacentre_aio_3-24imb05_firmwareideacentre_m75t_gen_2_firmwarev530-15arrthinkagile_mx_1u_-_mx3321_f__firmwarethinkserver_ts450ideacentre_m70qideacentre_m920s_firmwareideacentre_m90t_firmwarethinkagile_hx3720thinkedge_se30_firmwarev530-15icrthinksystem_hr610xthinkagile_vx3330thinkagile_hx3331_firmwarethinkstation_p350_tiny_workstationideacentre_m720tv50a-24imbthinksystem_hr610x_firmwareideacentre_m70s_firmwareideacentre_m70cthinkagile_vx1320__firmwarelegion_t530-28apr_firmwareideacentre_neo_70t_gen_3thinkserver_ts550ideacentre_neo_50s_gen_3_firmwareideacentre_m75q-1legion_c530-19icbthinkagile_hx1331thinkagile_hx7521thinkagile_hx2320thinkcentre_m8600sthinkstation_p620_workstation_firmwareideacentre_aio_3-24ada6thinkserver_rd650thinkagile_vx_2u_firmwareideacentre_aio_3-27imb05thinkserver_rs160thinkstation_p348_workstation_firmwarethinkstation_p920_workstationthinkagile_mx3330-f_all-flashthinkagile_hx2321ideacentre_510s-07ickthinksystem_dx8200d_firmwarethinkagile_hx1320v530-22icb_all-in-one_firmwareideacentre_aio_3-22iil5thinkagile_hx1321_firmwarethinkagile_vx7520_n_ideacentre_m715s_firmwarev55t-15are_firmwarelegion_t5-26iob6ideacentre_m90t_gen_3_firmwareideacentre_m720t_firmwarethinkagile_hx1320_firmwareideacentre_a340-24iwl_all-in-oneideacentre_m910x_firmwarethinkagile_hx3521-glegion_t7-34imz5_firmwarethinkserver_ts150_firmwarev530-15icr_firmwareideacentre_m720eqt_m410thinkagile_vx2330thinkstation_p310_workstationthinksystem_hr650x_firmwarethinkserver_td350_firmwarev30a-24imlthinkserver_rd450thinkagile_mx3531_h_hybridideacentre_aio_3-27itl6ideacentre_aio_3-22ada6_firmwareideacentre_m90a_gen_3_firmwarethinkagile_vx5520_ideacentre_gaming_5_17acn7thinkstation_p320_tiny_workstation_firmwareideacentre_m70a_gen_3_firmwareideacentre_a340-22iwl_all-in-onethinkstation_p320_workstationideacentre_e96zideacentre_m75q_gen_2thinkstation_p348_workstationthinkserver_rd650_firmwareideacentre_t540-15ickqitian_a815thinkagile_hx7530ideacentre_m715q_2nd_genthinkagile_mx-_hybridideacentre_m80q_gen_3thinkedge_se30ideacentre_m920x_firmwareideacentre_m810z_all-in-one_firmwarethinkagile_hx1021_edgideacentre_m715sn4610_storage_firmwareideacentre_m90t_gen_3qt_b415thinkagile_hx7821thinkagile_hx5521_firmwarelegion_t7-34imz5ideacentre_m625qv30a-24iml_firmwareideacentre_aio_3-24are05_firmwarethinkstation_p520c_workstation_firmwareideacentre_m90q_tiny_firmwarethinkagile_vx3331ideacentre_m900xv520s_firmwareyoga_a940-27icb_all-in-one_firmwarethinkagile_hx5520-c_firmwareideacentre_m90a_gen_2ideacentre_m90q_gen_3ideacentre_m720q_firmwareideacentre_m75q-1_firmwarethinksystem_st58ideacentre_c5-14imb05thinkagile_mx-_all_flash_firmwarev50s-07imb_firmwareideacentre_m90a_gen_2_firmwareideacentre_aio_3-24itl6ideacentre_m920q_firmwaren4610_storageideacentre_m900_firmwarethinkcentre_m8600t_firmwarev30a-22iml_firmwarethinkagile_hx1521-rideacentre_m80qthinkserver_rd350gthinkagile_hx3320thinkserver_ts460ideacentre_m720sv55t-15apiideacentre_5-14imb05_firmwareideacentre_m60e_tinyideacentre_m80t_gen_3thinkstation_p320_tiny_workstationthinkagile_hx7531_firmwareyoga_a940-27icb_all-in-oneideacentre_m90q_gen_2thinkagile_mx3531-f_all-flashideacentre_m90s_firmwareideacentre_5-14acn6thinkagile_vx2330_firmwarethinkagile_vx3530-g_firmwareideacentre_3-07imb05thinkagile_vx3320_ideacentre_gaming_5-14acn6_firmwarethinkserver_sr860pideacentre_m70q_firmwarethinkserver_ts550_firmwareideacentre_m80tthinkserver_rs260_firmwarethinkagile_hx3521-g_firmwareideacentre_a340-24icb_all-in-one_firmwareideacentre_5_14iab7_firmwareideacentre_aio_3-24alc6ideacentre_a340-22icb_all-in-oneideacentre_m80t_gen_3_firmwarethinkagile_vx_1u_firmwareideacentre_a340-22iwl_all-in-one_firmwarethinkagile_vx2320__firmwarethinkserver_sr590_firmwareideacentre_m710qthinkstation_p520_workstation_firmwarev50t-13imbthinkagile_vx5520__firmwareideacentre_m910tthinkstation_p330_workstation_2nd_genideacentre_510-15ick_firmwareideacentre_gaming_5_17acn7_firmwarethinkagile_hx5520-cideacentre_m70q_gen_2thinkagile_vx7520__firmwarethinkagile_mx3531_h_hybrid_firmwareideacentre_m715q_firmwarethinkagile_mx3530-h_hybridideacentre_m818z_firmwarethinkserver_sr590legion_c530-19icb_firmwarethinksmart_core_\&_controller_full_room_kit\qt_m415_firmwarethinkagile_hx3330_firmwarev50s-07imbideacentre_m910q_firmwarethinkagile_hx3321_firmwaren3310_storagethinkagile_vx3320__firmwareideacentre_aio_3-22ada05ideacentre_m818zideacentre_5-14acn6_firmwareideacentre_gaming_5-14acn6ideacentre_m70aideacentre_a340-22igm_all-in-one_firmwarethinkagile_vx7530thinkagile_mx_1u_-_mx3321_f_ideacentre_m910t_firmwarethinkserver_rs160_firmwarethinkagile_hx3721_firmwareideacentre_m70s_gen_3_firmwarethinkagile_mx3520_h-_hybrid__firmwarethinkagile_mx3330-f_all-flash_firmwareideacentre_m725s_firmwareideacentre_a340-24igm_all-in-onev50t-13iob_g2thinkagile_hx3320_firmwareideacentre_gaming_5-14iob6v520sideacentre_m710e_firmwaren3310_storage_firmwareideacentre_m70a_firmwareideacentre_aio_3-24iil5_firmwareideacentre_t540-15ama_gthinkagile_vx7330_firmwarethinkagile_vx7531_firmwareideacentre_m60e_tiny_firmwarev330-20icb_all-in-one_firmwarethinkagile_hx7531thinkagile_vx3330_firmwarethinkstation_p330_tiny_workstationthinkstation_p350_tiny_workstation_firmwarethinkagile_vx7531qt_m410_firmwarethinkagile_vx3720_ideacentre_aio_3-22imb05ideacentre_m720qideacentre_510s-07icbthinksystem_st58_firmwarethinkagile_mx1021_firmwarethinkstation_p310_workstation_firmwarethinkagile_hx7520thinkagile_hx3330qt_m415thinkcentre_m8600tv520thinkagile_hx1331_firmwareideacentre_t540-15ama_g_firmwarethinksmart_core_device_for_polythinkagile_hx3321ideacentre_m715tideacentre_720-18apr_firmwareideacentre_a340-24ick_all-in-onethinkagile_mx3331-f_all-flash_firmwareideacentre_mini_5-01imh05_firmwareideacentre_m75t_gen_2thinkagile_hx1021_edg_firmwareideacentre_m80s_firmwarethinksmart_hub_zoomideacentre_m820z_all-in-onethinkagile_hx3720_firmwarethinkstation_p520_workstationideacentre_m75nideacentre_3-07ada05ideacentre_m90s_gen_3thinkcentre_m6600sthinkagile_mx3520_h-_hybrid_ideacentre_m70q_gen_3_firmwarethinkagile_vx_2uv35s-07ada_firmwareideacentre_m625q_firmwarethinkcentre_m700qthinksmart_core_device_for_poly_firmwarethinkagile_hx5521-cthinkagile_vx_1uideacentre_m900x_firmwareideacentre_aio_3-27imb05_firmwarethinkagile_vx1320_thinkagile_hx1520-r_firmwarev530s-07icr_firmwarethinkagile_hx5531ideacentre_510-15ickv55t-15arev530s-07icrthinkagile_mx_edge-_mx1020__firmwarethinkcentre_e75tthinkagile_mx-_hybrid_firmwarev50t-13imb_firmwareideacentre_gaming_5_17iab7ideacentre_3-07imb05_firmwareqitian_a815_firmwareideacentre_t540-15ick_firmwareideacentre_g5-14amr05yta8900f_firmwareideacentre_aio_3-24alc6_firmwareideacentre_gaming_5-14iob6_firmwarethinkserver_ts250ideacentre_m710q_firmwarethinkcentre_e75t_firmwareideacentre_m900thinkagile_vx5530_firmwarethinkagile_hx5521v530-15arr_firmwarethinksmart_hub_teams_firmwareideacentre_m70sthinkagile_hx3375_firmwareideacentre_aio_3-22ada6thinkagile_hx3721thinkagile_hx3520-g_firmwareideacentre_3_07iab7_firmwarethinkstation_p330_workstationthinkstation_p340_workstation_firmwarev35s-07adaideacentre_m90sideacentre_510a-15arrideacentre_a340-24iwl_all-in-one_firmwarethinkagile_hx1521-r_firmwareideacentre_m630e_firmwarethinkagile_hx7820thinkstation_p350_workstation_firmwareideacentre_5-14iob6ideacentre_m725sideacentre_m90tideacentre_a340-24ick_all-in-one_firmwarethinkagile_hx7520_firmwareideacentre_m75s-1v50a-24imb_firmwarev530-15icb_firmwareideacentre_510s-07ick_firmwarelegion_t530-28icb_firmwarethinkagile_mx3520_f-_all_flash_thinkstation_stadia_ggp-120_firmwareideacentre_aio_3-27alc6_firmwareideacentre_510a-15arr_firmwareideacentre_m820z_all-in-one_firmwareideacentre_m700_tiny_firmwareideacentre_m920xthinkcentre_m700q_firmwarethinkagile_hx7521_firmwarethinkagile_hx3375thinkagile_vx7320_n__firmwarethinkagile_vx7820__firmwarethinksystem_hr650xideacentre_a340-22ick_all-in-one_firmwarev530s-07icbthinkagile_hx2720-e_firmwarethinkstation_thinkstation_p318_firmwarethinksystem_dx1100uv50a-22imbyangtian_afq150ideacentre_m75n_firmwarev540-24iwl_all-in-onev530-24icb_all-in-one_firmwarethinksmart_hub_500_firmwareideacentre_m710sideacentre_m90q_gen_3_firmwarethinkstation_thinkstation_p318thinkagile_vx_4uthinkagile_mx3331-h_hybridideacentre_m630eideacentre_aio_3-24imb05ideacentre_5-14imb05thinkagile_vx7520_thinksystem_st50ideacentre_neo_50s_gen_3thinkagile_mx3531-f_all-flash_firmwarev540-24iwl_all-in-one_firmwarethinkstation_p330_workstation_firmwareideacentre_m710t_firmwarethinkcentre_m610thinkserver_td350ideacentre_m715qideacentre_aio_3-24iil5thinkagile_hx2331_firmwareideacentre_aio_3-22itl6v55t-15api_firmwarethinksmart_core_device_for_logitech_firmwareideacentre_m75s_gen_2_firmwareideacentre_m70q_gen_3thinksystem_dx1100u_firmwarethinkcentre_m6600s_firmwarethinkagile_mx3330-h_hybrid_firmwareideacentre_3_07iab7thinkagile_hx2720-ethinkcentre_m6600q_firmwarethinkserver_sr588thinkagile_hx5520_firmwareideacentre_m90q_tinyideacentre_5_14iab7thinkserver_ts250_firmwarethinkagile_mx3530_f_all_flashthinkstation_stadia_ggp-120ideacentre_m70t_gen_3_firmwarethinkstation_p920_workstation_firmwareideacentre_m715q_2nd_gen_firmwareideacentre_m920t_firmwarethinkserver_rs260thinkagile_mx3530_f_all_flash_firmwarethinksystem_st50_firmwarethinkagile_mx3330-h_hybridthinkstation_p720_workstationthinksystem_dx8200dthinksystem_hr630xideacentre_m720s_firmwarethinkagile_vx2320_ideacentre_e96z_firmwarethinkagile_vx_1sethinkagile_vx3520-g_v50a-22imb_firmwareideacentre_aio_3-27alc6thinkagile_hx5521-c_firmwarethinkstation_p360_tiny_workstationthinkagile_vx7330v30a-22imlthinkserver_rd350ideacentre_a340-22icb_all-in-one_firmwarethinkcentre_e75s_firmwareideacentre_c5-14imb05_firmwarethinkcentre_m610_firmwarethinkserver_ts450_firmwarethinksmart_hub_zoom_firmwarethinkstation_p340_tiny_workstation_firmwareideacentre_510a-15ick_firmwareideacentre_m920tthinkstation_p720_workstation_firmwareideacentre_m700_tinythinkagile_vx3331_firmwareideacentre_neo_50t_gen_3_firmwarethinkserver_ts460_firmwareideacentre_gaming_5_17iab7_firmwarethinkserver_ts560ideacentre_m80q_gen_3_firmwarethinkagile_hx5531_firmwarethinkagile_mx3331-h_hybrid_firmwarethinkserver_rd550BIOS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-33226
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 8.77%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 07:38
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer copy without checking the size of input in Core

Memory corruption due to buffer copy without checking the size of input in Core while processing ioctl commands from diag client applications.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwareqam8255p_firmwarewcn3991wcd9380_firmwarewsa8830wcn785x-5sm8350-ac_firmwaresm8150-acwsa8835wcd9380qca6420_firmwareqca6595au_firmwaresnapdragon_wear_4100\+_platform_firmwaresm8350snapdragon_wear_4100\+_platformwcn685x-5_firmwarewcn685x-1qca6430_firmwaresm8450wcn3980wcn3998wcd9385_firmwaresd855wcn3660bwsa8815wcn3660b_firmwareqca6574au_firmwarewcn3680b_firmwareqca6595auwcn3998_firmwarewcn785x-5_firmwarewcn3980_firmwarewcn3610_firmwareqca6420aqt1000_firmwareqca6698aqsm8350_firmwarewcn685x-5qca6797aq_firmwareqca6430wcn785x-1_firmwareqca6574auwsa8810_firmwarewcd9341_firmwaresm8450_firmwarewsa8810sa8255p_firmwaresm8150-ac_firmwareqca6698aq_firmwarewcn3680bsm8350-acwcn685x-1_firmwarewcd9385sm8150_firmwaresa8255pwcd9341qca6797aqaqt1000wsa8830_firmwaresd855_firmwaresm8150wcn785x-1wsa8815_firmwarewsa8835_firmwareqam8255pwcn3610Snapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-33230
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 8.19%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 07:38
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer copy without checking the size of input in FM Host

Memory corruption in FM Host due to buffer copy without checking the size of input in FM Host

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwaresm6375wcn3991wsa8830sa6150p_firmwaresa8145p_firmwaresw5100pqca6554asnapdragon_w5\+_gen_1_wearable_platformqca6595qca6564auwsa8835qca6574sa8150p_firmwareqca6420_firmwareqca6595au_firmwaresnapdragon_wear_4100\+_platform_firmwarewcd9370qca6574asnapdragon_wear_4100\+_platformqca6584au_firmwareqca6430_firmwarewcn3980sm4375wcn3998qca6554a_firmwarewcd9385_firmwareqca6574_firmwaresm6375_firmwarewcn3660bsd855wsa8815wcn3660b_firmwareqca6574a_firmwareqca6574au_firmwarewcn3680b_firmwareqca6595auwcn3998_firmwarewcd9375_firmwarewcn3980_firmwarewcn3610_firmwareqca6420sm4350-acsnapdragon_w5\+_gen_1_wearable_platform_firmwareaqt1000_firmwareqca6564au_firmwareqca6584ausa6155p_firmwarewcn3988_firmwareqca6430qca6574ausa6145p_firmwaresa8155p_firmwaresa8195pwsa8810_firmwarewcd9341_firmwaresm4375_firmwaresw5100wsa8810sa6155psw5100p_firmwaresa6145pwcn3680bwcd9385sm8150_firmwarewcd9341qca6696_firmwareqca6595_firmwaresa8145pqca6696sm4350wcd9375sm4350_firmwareaqt1000sa8150pwcd9370_firmwaresm4350-ac_firmwaresa6150psa8155pwsa8830_firmwaresd855_firmwaresm8150wcn3988wsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresw5100_firmwarewcn3610Snapdragonaqt1000_firmwareqca6564au_firmwaresa6155p_firmwaresa6150p_firmwaresa8145p_firmwarewcn3988_firmwaresa6145p_firmwaresa8155p_firmwarewsa8810_firmwaresa8150p_firmwarewcd9341_firmwareqca6420_firmwareqca6595au_firmwaresw5100p_firmwaresnapdragon_4_gen_1_mobile_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwareqca6584au_firmwareqca6696_firmwareqca6430_firmwareqca6595_firmwareqca6554a_firmwarewcd9385_firmwaresnapdragon_855_mobile_platform_firmwareqca6574_firmwarewcd9370_firmwarewsa8830_firmwaresd855_firmwarewsa8815_firmwarewcn3660b_firmwarewsa8835_firmwareqca6574a_firmwarefastconnect_6200_firmwareqca6574au_firmwaresa8195p_firmwaresnapdragon_695_5g_mobile_platform_firmwarewcn3680b_firmwaresw5100_firmwarewcd9375_firmwarewcn3980_firmwarewcn3610_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-33224
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 8.77%
||
7 Day CHG~0.00%
Published-06 Jun, 2023 | 07:38
Updated-03 Aug, 2024 | 08:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer copy without checking the size of input in Core

Memory corruption in core due to buffer copy without check9ing the size of input while processing ioctl queries.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwareqam8255p_firmwarewcn3991wsa8830wcd9380_firmwaresa6150p_firmwaresa8145p_firmwaresw5100psnapdragon_w5\+_gen_1_wearable_platformwcn785x-5sm8350-ac_firmwaresm8150-acwsa8835wcd9380sa8150p_firmwareqca6420_firmwareqca6595au_firmwaresnapdragon_wear_4100\+_platform_firmwaresm8350snapdragon_wear_4100\+_platformwcn685x-5_firmwarewcn685x-1sm8450qca6430_firmwarewcn3980wcn3998wcd9385_firmwarewcn3660bsd855wsa8815wcn3660b_firmwareqca6574au_firmwarewcn3680b_firmwareqca6595auwcn3998_firmwarewcn785x-5_firmwarewcn3980_firmwarewcn3610_firmwareqca6420snapdragon_w5\+_gen_1_wearable_platform_firmwareaqt1000_firmwaresa6155p_firmwareqcs8155qca6698aqsm8350_firmwarewcn685x-5wcn3988_firmwareqca6430qca6797aq_firmwarewcn785x-1_firmwaresa6145p_firmwareqca6574ausa8155p_firmwaresa8195pwsa8810_firmwarewcd9341_firmwaresm8450_firmwaresw5100wsa8810sa8255p_firmwaresa6155psw5100p_firmwaresm8150-ac_firmwareqca6698aq_firmwaresa6145pwcn3680bsm8350-acwcn685x-1_firmwarewcd9385sm8150_firmwaresa8255pwcd9341qca6696_firmwaresa8145pqca6696qca6797aqaqt1000sa8150psa6150psa8155pwsa8830_firmwaresd855_firmwaresm8150wcn785x-1wcn3988wsa8815_firmwarewsa8835_firmwaresa8195p_firmwareqcs8155_firmwaresw5100_firmwareqam8255pwcn3610Snapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-1891
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 9.61%
||
7 Day CHG~0.00%
Published-23 Jan, 2023 | 15:25
Updated-03 Apr, 2025 | 16:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow in the SystemLoadDefaultDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code.

Action-Not Available
Vendor-Lenovo Group Limited
Product-thinkbook_15-imlthinkbook_14-iml_firmwareyoga_c640-13iml_firmwarethinkbook_15-iml_firmwarethinkbook_14-iil_firmwarethinkbook_14-imlthinkbook_15-iilyoga_c640-13imlyoga_c640-13iml_lte_firmwarethinkbook_14-iilthinkbook_15-iil_firmwareyoga_c640-13iml_lteBIOS
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-12374
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 24.22%
||
7 Day CHG~0.00%
Published-19 Feb, 2021 | 15:17
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-hns2600bpb24rr1304wftysrr2208wf0zsrr1208wftysr2208wftzsrr1304wf0ysr2312wf0nprhns2600bpbr1304wftyshns2600bpqr2224wfqzsr1000wfhns2600bpblc24rs2600bpqrhns2600bpbrs2600stqhns2600bpblcr2308wftzshns2600bpsrr1208wftysrr2208wf0zsr2208wftzsr2312wf0npr1208wfqysrr2224wftzsrr2208wfqzsrs2600stbr2224wftzsr2312wftzsrr2308wftzsrs2600wf0bmc_firmwarehns2600bps24rhns2600bpqrs2600wfqr2208wfqzshns2600bpshns2600bpq24rhns2600bpb24hns2600bps24r1304wf0ysrhns2600bpq24s2600wfts2600bpbrhns2600bpblc24s2600bpsrr2312wfqzsr2312wftzsIntel(R) Server Boards, Server Systems and Compute Modules
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-11183
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 10.13%
||
7 Day CHG~0.00%
Published-21 Jan, 2021 | 09:41
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A process can potentially cause a buffer overflow in the display service allowing privilege escalation by executing code as that service in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100pm8909qfe2550qfe4465fcsdr051pm660pmi8996qbt1500pmi632qln1030mdm9650qpa5373pmk8001pmm855aumdm9250qtc800hmsm8917wtr3905qca9377qpa5460wtr2955wcn3660bqln1021aqqfe4320smb1380qfe4308apq8037qca6595auwcn3615msm8909wqtc800tpm8940sdx20mqca6310pm8937qfe2081fcpm8996qca9367sd821sdm630qcc1110qfe2101smb1360qat3522qfe4455fcwcd9340pm8953smb231qfe3440fcqat3514sdr660wcd9326wcd9335qet4200aqmsm8937smb1358wcd9341pm439pmi8952mdm9655smb1350wtr3950qtc800ssd660sd820sd712wtr3925pmi8937pm8998qfe2080fcsdr052sdw3100wcn3620apq8017qca6564asd450qet4100wcn3990smb1355wcd9330wgr7640sd636qet5100qca6595qca6564aumsm8996aupmi8940pmm8996aurgr7640auqualcomm215qln1035bdqpa4360pm855aqca6574amdm9206qca6174apm660lwtr4905ar8151wtr5975wcn3980qsw8573wsa8815qbt1000qfe4305qca6320wcn3680pmx20pmd9607qfe4309sd835apq8009smb1351qfe4373fcqfe2082fcmsm8920msm8953pmi8998pm660aqpa4340sdx50msdx20pm8916qln1036aqqtc801srsw8577pmd9655qfe4302qca6574ausd710apq8009wqfe4303wsa8810qat3550pm8005wcn3680bpm215apq8096auwtr2965qfe4301pm8004sdw2500msm8940apq8053sd439qet4101pmi8994sdm830smb1357qca9379qln1031Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2025-24153
Matching Score-4
Assigner-Apple Inc.
ShareView Details
Matching Score-4
Assigner-Apple Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 6.03%
||
7 Day CHG~0.00%
Published-27 Jan, 2025 | 21:45
Updated-04 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.3. An app with root privileges may be able to execute arbitrary code with kernel privileges.

Action-Not Available
Vendor-Apple Inc.
Product-macosmacOS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-25712
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 8.77%
||
7 Day CHG~0.00%
Published-13 Dec, 2022 | 00:00
Updated-22 Apr, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in camera due to buffer copy without checking size of input in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwarewcd9340_firmwareqca6310qualcomm215_firmwarewsa8835mdm9150_firmwaresdx55msd855_firmwarewcn3998wcn6850_firmwarewsa8810_firmwarewsa8815_firmwarewcn3610_firmwareqca6436qca6426_firmwarewcn3660bwcn3660b_firmwaresd710_firmwareqcs410_firmwaresd205_firmwarewsa8810sdxr1sd210wcd9341_firmwarewsa8830sw5100p_firmwarewsa8815qca6390sda429w_firmwarewcn3680baqt1000_firmwarewsa8835_firmwareqca6430sw5100sd855qca6391wcn3998_firmwarewcd9340wcn6850wcn6851wcn3950wcd9370_firmwaresdxr2_5g_firmwareqca6420_firmwaresda429wqcc5100_firmwaresd210_firmwarewsa8830_firmwarewcn3680b_firmwaresdxr2_5gsd865_5g_firmwarewcd9341wcn3980_firmwarewcn6851_firmwarewcd9326qcs610qcs610_firmwarequalcomm215qca6391_firmwaresd205wcd9326_firmwareqcc5100wcd9380wcn3610qca6335sw5100_firmwareqca6430_firmwaresd865_5gqca6426sd870qca6335_firmwaresdx55m_firmwareaqt1000wcn3990_firmwarewcn3950_firmwarewcn3988mdm9150qca6390_firmwareqca6420wcn3988_firmwareqca6310_firmwaresd710sd870_firmwaresw5100psd845_firmwaresdxr1_firmwareqca6436_firmwaresd845wcd9370qcs410wcn3990wcn3980Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-3742
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.77%
||
7 Day CHG~0.00%
Published-23 Aug, 2023 | 19:42
Updated-09 Oct, 2024 | 19:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A potential vulnerability was discovered in LCFC BIOS for some Lenovo consumer notebook models that could allow a local attacker with elevated privileges to execute arbitrary code due to improper buffer validation.

Action-Not Available
Vendor-Lenovo Group Limited
Product-ideapad_1_15igl7legion_5-17imh05_firmwarev14_g2-itl_firmwareideapad_3-17itl6legion_5-15ith6hslim_7_prox_14iah7_firmwarelegion_5-15imh6ideapad_3_15iau7ideapad_1_15iau7slim_9-14itl05slim_7_pro-14ihu5yoga_slim_7_pro_14iah7ideapad_5-15itl05_firmwareideapad_3-17itl6_firmwareyoga_slim_7_pro-14ihu5_olegion_5-15ith6h_firmwareslim_7_carbon_13iap7v17_g3_iap_firmwarelegion_5_pro-16ith6legion_5-17ith6hv15_g3_iapyoga_slim_7_pro-14itl5ideapad_1_14igl7legion_5_15iah7h_firmwarelegion_5-17ith6_firmwareyoga_slim_9-14itl05_firmwareideapad_3-14igl05_firmwareideapad_3-14itl05_firmwarev14_g2_ijllegion_5p-15imh05h_firmwareideapad_3-14iml05_firmwarelegion_5-15imh6_firmwareideapad_1_14iau7yoga_slim_9_14iap7slim_7_pro-14ihu5_firmwarev15_g1-imllegion_5_pro_16iah7_firmwarev17-iilideapad_1-15ijl7slim_9_14iap7_firmwareyoga_slim_7_carbon_13iap7v17_g3_iapyoga_slim_7_pro_14iap7yoga_slim_7_prox_14iah7_firmwareideapad_3-17iml05ideapad_3-17iil05_firmwareideapad_1_14igl7_firmwareyoga_slim_7_pro-14itl5_firmwareideapad_3-15igl05yoga_slim_9_14iap7_firmwareideapad_3-15itl6v14_g3_iapideapad_1_14iau7_firmwarelegion_7-16ithg6_firmwareideapad_5_15ial7l3-15itl6_firmwareideapad_3-14iml05v15_g3_iap_firmwarelegion_5-17imh05h_firmwareyoga_slim_7_pro-14ihu5_o_firmwarelegion_5_pro_16iah7h_firmwarelegion_5_15iah7hv17_g2-itlideapad_3-15iml05legion_5-17imh05ideapad_3-15iil05_firmwarev15_g2_ijllegion_7_16iax7s14_g3_iap_firmwarelegion_5_15iah7_firmwarev15_g2-itl_firmwarev14_g1-imlyoga_7_14ial7_firmwarelegion_5_pro-16ith6hideapad_3_17iau7v15_g2_ijl_firmwareyoga_slim_7_carbon_13iap7_firmwareideapad_3_14iau7ideapad_3-14igl05legion_5-15imh05hv15-igl_firmwareideapad_3_17iau7_firmwarelegion_5-15imh05v14_g3_iap_firmwareslim_7_prox_14iah7ideapad_gaming_3-15imh05_firmwareslim_7_carbon_13iap7_firmwareideapad_3-15itl05ideapad_1_15igl7_firmwareyoga_7_16iap7legion_7-16ithg6ideapad_3-15iml05_firmwareideapad_3-15iil05ideapad_1_15iau7_firmwareideapad_3-17iml05_firmwarev14-igl_firmwarelegion_5p-15imh05hlegion_5-17ith6legion_5-17imh05hlegion_5p-15imh05ideapad_5-15itl05v15_g2-itllegion_5-17ith6h_firmwarelegion_5_pro-16ith6h_firmwarelegion_7_16iax7_firmwarelegion_5_pro_16iah7slim_7_14iap7yoga_7-15itl5ideapad_3-14itl6ideapad_gaming_3-15imh05s14_g2_itllegion_5p-15imh05_firmwareideapad_creator_5-15imh05yoga_slim_7_pro_14iap7_firmwarev15_g1-iml_firmwares14_g3_iapv15-iglyoga_7_14ial7ideapad_5-15iil05_firmwarelegion_5_15iah7yoga_7_16iap7_firmwarelegion_5-15ith6s540-13itlyoga_slim_7_prox_14iah7v17-iil_firmwareideapad_3_15iau7_firmwarev17_g2-itl_firmwareyoga_slim_9-14itl05ideapad_5_15ial7_firmwarelegion_5_pro_16iah7hideapad_3-15itl05_firmwareideapad_3-15igl05_firmwarethinkbook_15p_g2_ithyoga_7-14itl5yoga_7-14itl5_firmwareideapad_5-15iil05slim_9_14iap7v14_g1-iml_firmwareyoga_7-15itl5_firmwareslim_9-14itl05_firmwarev14-iglideapad_3-15itl6_firmwares540-13itl_firmwarev14_g2-itlideapad_3-14itl6_firmwareyoga_slim_7_pro-14ihu5ideapad_1-15ijl7_firmwarel3-15iml05_firmwarelegion_5-15ith6_firmwares14_g2_itl_firmwareyoga_9_14iap7legion_5-15imh05h_firmwarethinkbook_15p_g2_ith_firmwareyoga_9_14iap7_firmwareslim_7_14iap7_firmwareideapad_1-14ijl7_firmwareyoga_slim_7_pro_14iah7_firmwareideapad_3-14iil05ideapad_creator_5-15imh05_firmwareideapad_3_14iau7_firmwareideapad_3-17iil05v14_g2_ijl_firmwareideapad_3-14iil05_firmwareyoga_7_16iah7_firmwareideapad_3-14itl05ideapad_1-14ijl7l3-15itl6yoga_7_16iah7thinkbook_15p_imh_firmwareyoga_slim_7_pro-14ihu5_firmwarel3-15iml05thinkbook_15p_imhlegion_5_pro-16ith6_firmwarelegion_5-15imh05_firmwareNotebookideapad_gaming_3-15imh05_firmwarelegion_5-17imh05_firmwareslim_7_carbon_13iap7_firmwareideapad_1_15igl7_firmwareideapad_3-15iml05_firmwarev14_g2-itl_firmwareslim_7_prox_14iah7_firmwareideapad_1_15iau7_firmwareideapad_3-17iml05_firmwarev14-igl_firmwareideapad_5-15itl05_firmwareideapad_3-17itl6_firmwarelegion_5-15ith6h_firmwarev17_g3_iap_firmwarelegion_5-17ith6h_firmwarelegion_5_pro-16ith6h_firmwarelegion_7_16iax7_firmwarelegion_5_15iah7h_firmwarelegion_5-17ith6_firmwareyoga_slim_9-14itl05_firmwareideapad_3-14igl05_firmwarelegion_5p-15imh05_firmwareideapad_3-14itl05_firmwareyoga_slim_7_pro_14iap7_firmwarev15_g1-iml_firmwareideapad_5-15iil05_firmwarelegion_5p-15imh05h_firmwareyoga_7_16iap7_firmwareideapad_3-14iml05_firmwarelegion_5-15imh6_firmwarev17-iil_firmwareideapad_3_15iau7_firmwarev17_g2-itl_firmwareslim_7_pro-14ihu5_firmwarelegion_5_pro_16iah7_firmwareideapad_5_15ial7_firmwarelegion_5_pro-16ith6_firmwareideapad_3-15itl05_firmwareideapad_3-15igl05_firmwareyoga_7-14itl5_firmwareyoga_slim_7_prox_14iah7_firmwareideapad_3-17iil05_firmwareideapad_1_14igl7_firmwareyoga_slim_7_pro-14itl5_firmwarev14_g1-iml_firmwareyoga_7-15itl5_firmwareyoga_slim_9_14iap7_firmwareslim_9-14itl05_firmwareideapad_3-15itl6_firmwares540-13itl_firmwareideapad_3-14itl6_firmwareideapad_1_14iau7_firmwareideapad_1-15ijl7_firmwarel3-15iml05_firmwarelegion_7-16ithg6_firmwarelegion_5-15ith6_firmwares14_g2_itl_firmwarel3-15itl6_firmwarev15_g3_iap_firmwarelegion_5-17imh05h_firmwareyoga_slim_7_pro-14ihu5_o_firmwarelegion_5-15imh05h_firmwarethinkbook_15p_g2_ith_firmwarelegion_5_pro_16iah7h_firmwareyoga_9_14iap7_firmwareslim_7_14iap7_firmwareideapad_1-14ijl7_firmwareyoga_slim_7_pro_14iah7_firmwareideapad_3-15iil05_firmwareideapad_creator_5-15imh05_firmwareideapad_3_14iau7_firmwarev14_g2_ijl_firmwareideapad_3-14iil05_firmwareyoga_7_16iah7_firmwares14_g3_iap_firmwarelegion_5_15iah7_firmwarev15_g2-itl_firmwareyoga_7_14ial7_firmwarev15_g2_ijl_firmwareyoga_slim_7_carbon_13iap7_firmwarethinkbook_15p_imh_firmwareyoga_slim_7_pro-14ihu5_firmwarev15-igl_firmwarelegion_5-15imh05_firmwareideapad_3_17iau7_firmwarev14_g3_iap_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-24910
Matching Score-4
Assigner-Talos
ShareView Details
Matching Score-4
Assigner-Talos
CVSS Score-8.2||HIGH
EPSS-3.13% / 86.33%
||
7 Day CHG~0.00%
Published-12 May, 2022 | 17:01
Updated-15 Apr, 2025 | 19:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow vulnerability exists in the httpd parse_ping_result API functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted file can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.

Action-Not Available
Vendor-InHand Networks, Inc.
Product-ir302_firmwareir302InRouter302
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2022-23431
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-6.4||MEDIUM
EPSS-0.02% / 3.06%
||
7 Day CHG~0.00%
Published-11 Feb, 2022 | 17:40
Updated-03 Aug, 2024 | 03:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An improper boundary check in RPMB ldfw prior to SMR Feb-2022 Release 1 allows arbitrary memory write and code execution.

Action-Not Available
Vendor-Google LLCSamsungSamsung Electronics
Product-androidexynosSamsung Mobile Devices with Exynos chipsets
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2018-1000117
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.09% / 25.86%
||
7 Day CHG~0.00%
Published-07 Mar, 2018 | 14:00
Updated-17 Sep, 2024 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Python Software Foundation CPython version From 3.2 until 3.6.4 on Windows contains a Buffer Overflow vulnerability in os.symlink() function on Windows that can result in Arbitrary code execution, likely escalation of privilege. This attack appears to be exploitable via a python script that creates a symlink with an attacker controlled name or location. This vulnerability appears to have been fixed in 3.7.0 and 3.6.5.

Action-Not Available
Vendor-n/aMicrosoft CorporationPython Software Foundation
Product-windowspythonn/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-0115
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.17% / 38.15%
||
7 Day CHG~0.00%
Published-09 Feb, 2022 | 22:04
Updated-05 May, 2025 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aNetApp, Inc.Intel Corporation
Product-core_i7-6870hqxeon_e-2286gatom_c3950core_i3-9100ecore_i3-10100xeon_silver_4109tcore_i3-7300core_i5-1038ng7core_i5-11400core_i9-7900xcore_i7-10510yxeon_d-1548xeon_bronze_3106xeon_platinum_8260yxeon_d-1633nxeon_d-1653nxeon_platinum_8153xeon_e-2246gcore_i5-6350hqcore_i9-9960xcore_i3-6300txeon_e-2374gxeon_gold_5218txeon_w-2123core_i5-11260hxeon_e-2236xeon_gold_5218nxeon_w-1270exeon_d-1531core_i5-6500tcore_i5-7500core_i5-6260uxeon_e-2278gecore_i5-7440hqxeon_platinum_8156core_i7-8709gatom_c3758xeon_d-2177ntxeon_gold_6142fxeon_silver_4214ycore_i9-11900kfxeon_w-10855mxeon_gold_6230txeon_silver_4210rxeon_w-1270xeon_w-3235core_i9-10900txeon_e-2126gcore_i5-8200ycore_i7-10700tecore_i9-10900kxeon_gold_5220rcore_i5-8260ucore_i5-11400fxeon_w-11955mcore_i5-10400txeon_w-1290ecore_i7-1185g7core_i7-9700kfcore_i9-10900xxeon_platinum_9221xeon_d-2142itcore_m7-6y75xeon_w-3335core_i9-11900kcore_i5-10500hxeon_w-11555mrecore_i5-10600kfxeon_e-2146gcore_i3-1005g1core_i7-1068ng7xeon_silver_4112xeon_gold_6140xeon_d-1637core_i5-9400fcore_i3-10100ecore_i7-6800kcore_i7-7560uatom_c3538core_i7-9700txeon_gold_5120xeon_gold_6238core_i5-11600kfcore_i5-7600tcore_i7-4820kxeon_d-1602core_i5-8365uatom_c3508xeon_w-2245core_i5-9600kfxeon_d-2145ntxeon_platinum_8256xeon_gold_6130fxeon_e-2276mxeon_e-2224gcore_i5-8269uxeon_d-2163itcore_i3-1120g4core_i7-3930kcore_i5-11400hcore_i9-11900hxeon_d-1623ncore_i7-1185g7ecore_i7-10810ucore_i3-10300txeon_d-1521core_i3-8100core_i3-8145uecore_i5-1130g7core_i9-11900core_i5-6585rcore_i5-9600kxeon_gold_6144core_i5-8265ucore_i7-10700tcore_i9-9900kfcore_i3-7100core_m5-6y54core_i5-6300hqxeon_gold_5118core_i5-1145g7core_i5-9300hcore_i5-10500ecore_i7-10750hcore_i9-10850kxeon_silver_4114tcore_i5-8500bxeon_d-2143itxeon_silver_4209txeon_e-2226gexeon_gold_6212ucore_i5-6600core_i3-8100hcore_i7-8706gcore_i3-6300core_i9-11900fxeon_silver_4215xeon_gold_6230ncore_i9-10920xcore_i9-11950hatom_c3750xeon_gold_6138pcore_i7-1195g7core_i5-10310ucore_i9-10885hcore_i7-8557ucore_i5-7440eqcore_i3-6320xeon_e-2386gcore_i7-1165g7core_m3-7y32core_i7-11850hexeon_e-2134xeon_w-1290tecore_i5-1145g7ecore_i5-6440eqcore_i5-1030g7core_i9-10980hkxeon_e-2176mxeon_w-11155mlexeon_gold_6130xeon_silver_4210txeon_e-2274gxeon_gold_6136core_i5-6287ucore_i7-8500yxeon_w-3323core_i5-9600tatom_c3558rcore_i9-7960xxeon_w-1370atom_c3808core_i5-9600xeon_d-1559xeon_gold_6134xeon_w-3375xeon_e-2174gcore_i5-8600txeon_d-1537xeon_gold_5218bxeon_gold_6128core_i7-1180g7xeon_e-2176gxeon_e-2288gcore_i3-6100hcore_i7-7500uxeon_gold_6146xeon_w-1370pxeon_gold_6254core_i3-10320xeon_gold_5218rcore_i3-10105fxeon_w-2235core_i3-6098pcore_i5-6400xeon_d-1649nxeon_w-3175xcore_i7-10875hxeon_w-3225core_i3-7101tecore_i7-7700xeon_d-1540core_i3-11100hecore_i5-10400hxeon_gold_6246rcore_i5-7300hqxeon_d-1513nxeon_w-10885mxeon_gold_6126xeon_d-1527core_i9-9940xcore_i9-9900xcore_i5-6600kcore_i9-7940xcore_i7-9700exeon_e-2254mecore_i7-9700tecore_i7-6700txeon_gold_6248rxeon_silver_4214xeon_w-2125xeon_platinum_9222core_i3-10105tcore_i5-11300hcore_i5-6500texeon_gold_5220sxeon_platinum_8260core_i5-6500core_i3-1000g4core_i3-9100hlcore_i9-10900kfcore_i3-10100tatom_c3858xeon_d-2146ntxeon_e-2144gcore_i9-9980hkxeon_w-11555mlecore_i5-11500hexeon_e-2244gcore_i3-7100tcore_i3-6102exeon_w-1390txeon_silver_4216core_i5-1140g7core_i7-11700kfcore_i7-10610ucore_i7-6770hqxeon_platinum_8180xeon_platinum_8276lxeon_gold_6138tcore_i7-7740xcore_i7-11375hcore_i7-7y75core_i7-8559ucore_i5-9500eatom_c3850core_i5-11500txeon_e-2124gcore_i7-4930kcore_i5-9400core_i7-4960xcore_i7-5960xcore_i7-6600uxeon_gold_6138core_i7-1185grecore_i3-10325xeon_gold_6138fxeon_e-2356gcore_i7-8700xeon_d-1557core_i3-7130ucore_i5-8400atom_c3436lxeon_w-3245mxeon_e-2334core_i7\+8700core_i7-9850hatom_c3708xeon_w-1350core_i5-7600core_i9-10980xecore_i7-6500ucore_i5-1035g1xeon_w-11865mlecore_i7-11850hxeon_w-1290xeon_e-2186gxeon_silver_4210core_i3-10110uxeon_gold_6234atom_c3336core_i7-4930mxxeon_w-1350pcore_i9-10900xeon_w-1250core_i5-9400tcore_i5-7360ucore_i5-7300ucore_i7-11800hcore_i3-10300core_i5-6600tcore_i7-8565uxeon_gold_6154xeon_silver_4110core_i7-7700katom_c3830xeon_platinum_8176core_i7-10870hcore_i3-10100fcore_i7-10510uxeon_bronze_3104xeon_w-1290pcore_i5-8310yxeon_gold_5217core_i5-6440hqcore_i7-6850kxeon_gold_5120txeon_e-2324gxeon_w-3245core_i7-6660ucore_i9-7980xecore_i3-6100exeon_gold_6210ucore_i5-7200uxeon_gold_5115core_i7-9700fxeon_w-3345core_i5-10210ucore_i7-6820hqxeon_d-1528xeon_w-2295xeon_e-2234core_i3-9100tcore_i5-10500core_i5-8400bcore_i3-7100hcore_i7-8850hxeon_gold_5215core_i3-6100ucore_i9-9900kscore_i9-7920xxeon_w-11865mrecore_i5-11600kcore_i9-10900tecore_i9-8950hkcore_i5-6360ucore_i3-6157ucore_i5-9500fcore_i3-10100yxeon_e-2378core_i7-7820xcore_i3-1115g4ecore_i5-10600tcore_i5-7640xcore_i7-7800xxeon_w-3275mxeon_gold_6250lcore_i5-9400hxeon_gold_6209ucore_i9-9920xxeon_platinum_8253xeon_gold_6252ncore_i7-7660ucore_i3-9320xeon_platinum_8158core_i7-7700hqatom_c3308xeon_platinum_8280core_i5-6402pcore_m3-7y30xeon_w-11155mrexeon_gold_6252xeon_w-2135core_i3-10105core_i5-11400tcore_i7-11700kcore_i7-4940mxcore_i7-8550uxeon_e-2276mlxeon_gold_6246xeon_silver_4214rcore_i9-10940xcore_i7-9700core_i7-6700hqcore_i3-8300core_i7-9850hexeon_gold_6230rcore_i7-10700kfcore_i5-8400tcore_i5-7500txeon_d-2187ntxeon_silver_4116tcore_i7-1065g7xeon_d-1518core_i7-9800xxeon_silver_4208core_i5-6267ucore_i3-1000g1xeon_gold_6126txeon_w-2225xeon_silver_4116xeon_e-2276mecore_i5-7y54xeon_w-1250ecore_i5-7400core_i7-6950xfas\/aff_biosxeon_platinum_8160fxeon_platinum_8164core_i7-6567uxeon_platinum_8176fxeon_gold_5215lcore_i5-7287uxeon_platinum_8168core_i7-3970xcore_i7-3960xcore_i7-11600hcore_i7-7920hqcore_i7-10700core_i5-1145grecore_i3-7020uxeon_d-1533nxeon_gold_6240lxeon_w-3265mxeon_gold_6248core_i5-1135g7xeon_w-2195xeon_e-2136core_i5-9300hfxeon_w-1270pcore_i3-1115g4xeon_gold_6258rxeon_platinum_9282core_i3-8145ucore_i3-9300core_i5-10400xeon_d-2173itxeon_d-2161icore_i7-7567uxeon_w-1250pcore_i7-8700kcore_i5-1155g7core_i3-9300tcore_i7-7820hqcore_i7-7820eqcore_i7-9700kxeon_d-2123itxeon_platinum_8160tcore_i3-8109ucore_i5-8365uexeon_gold_6142core_i3-1110g4xeon_bronze_3206rxeon_gold_6148core_i7-3820xeon_w-3275xeon_gold_6240core_i3-7320core_i7-10700ecore_i5-8350ucore_i7-3940xmxeon_gold_5220xeon_gold_6126fcore_i3-10100tecore_m5-6y57xeon_e-2388gcore_i7-11390hxeon_platinum_8268xeon_e-2226gcore_i5-7y57core_i7-6700texeon_gold_6240rcore_i7-3920xmcore_i5-7260uxeon_e-2278gxeon_silver_4215rcore_i9-10900ecore_i3-9100core_i7-9750hxeon_e-2124core_i5-8250ucore_i5-8600core_i9-11980hkxeon_w-3265core_i5-10500tecore_i5-11500core_i3-6100tecore_i7-11700xeon_platinum_8160xeon_gold_5119tcore_i7-8700bcore_i5-10500txeon_gold_6148fcore_i5-10600core_i5-10310yxeon_w-1250texeon_gold_6208ucore_i3-9100teatom_c3338core_i5-8259uxeon_gold_6242core_i7-10700kxeon_e-2336xeon_d-1627xeon_e-2186mxeon_e-2286mcore_i9-9880hcore_i7-6650ucore_i7-11370hcore_i5-7442eqcore_i7-8665uecore_i3-8130ucore_i3-7167ucore_i3-8300tcore_i5-11500hcore_i5-1035g4core_i5-11600tcore_i7-8650ucore_i5-10200hcore_i9-9900kcore_i7-8705gxeon_platinum_8276xeon_d-1529xeon_gold_5220tcore_i7-5930kcore_i5-10400fcore_i7-1160g7core_i7-7600uxeon_gold_6244xeon_gold_6242rcore_i3-7100exeon_w-2275xeon_w-2265core_i5-9500xeon_gold_6226rcore_i3-7101ecore_i9-9900xeon_bronze_3204core_i9-9820xxeon_d-1567xeon_w-3365core_i7-9850hlcore_i5-8400hcore_i5-6300ucore_m3-6y30core_i7-9750hfxeon_d-2141ixeon_w-2175xeon_silver_4108core_i3-10110ycore_i5-1035g7core_i7-7820hkxeon_e-2254mlxeon_w-11855mcore_i5-8305gcore_i3-6100xeon_gold_6240ycore_i3-9350kxeon_gold_6238lxeon_w-1390cloud_backupcore_i3-1115grecore_i5-11600core_i5-7400tcore_i7-11700fcore_i3-6100tcore_i7-8750hcore_i7-8665ucore_i3-10305txeon_d-2183itcore_i5-8300hcore_i3-8140ucore_i3-8350kcore_i5-10600kcore_i7-8086kxeon_gold_5222core_i7-10850hxeon_d-1523nxeon_gold_6256core_i5-9500teatom_c3958xeon_gold_6130tatom_c3338rxeon_d-1520core_i3-8100bcore_i3-6167ucore_i5-8279uxeon_platinum_8280lcore_m3-8100ycore_i5-7267ucore_i5-8600kcore_i3-7100uxeon_d-1543ncore_i5-6442eqcore_i7-8700txeon_silver_4114xeon_d-1541core_i7-11700txeon_d-1622xeon_platinum_9242core_i7-6700kcore_i7-6970hqxeon_w-2223core_i7-6822eqcore_i3-7300txeon_gold_6238tatom_c3955core_i5-8500core_i9-11900tcore_i5-8210ycore_i7-6785rcore_i7-6560ucore_i7-1060g7core_i5-8257ucore_i7-8569ucore_i7-5820kcore_i9-9900tcore_i7-6900kcore_i7-7700tcore_i9-9980xeatom_c3558core_i5-6685rxeon_w-2133xeon_gold_6250core_i3-9350kfxeon_platinum_8260lxeon_platinum_8270xeon_w-1290tcore_i5-8500tcore_i7-8809gxeon_gold_6226core_i5-11320hxeon_d-1577xeon_gold_6132xeon_e-2314core_i5-6400tcore_i3-10305xeon_d-2166ntcore_i3-7350kxeon_w-1390pcore_i5-10505xeon_d-1539core_i7-6700core_i7-6820eqcore_i7-6920hqcore_i5-7600kcore_i7-6820hkxeon_w-2255xeon_gold_6262vcore_i3-6006ucore_i7-10710ucore_i5-10210ycore_i5-10300hxeon_w-1270texeon_e-2224xeon_gold_5218xeon_w-2145xeon_gold_6238rcore_i3-9100fxeon_platinum_8170core_i9-10900fcore_i3-1125g4xeon_e-2278gelxeon_d-1553ncore_i5-1030g4xeon_e-2378gcore_i3-8100tcore_i5-9500txeon_w-3223xeon_w-2155xeon_gold_6152core_i3-7102exeon_gold_6150xeon_e-2276gcore_i5-6200uxeon_gold_6222vcore_i7-10700fxeon_d-1571xeon_gold_5122atom_c3758rxeon_gold_6230Intel(R) Processors
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-8710
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.19% / 41.55%
||
7 Day CHG~0.00%
Published-13 Aug, 2020 | 02:31
Updated-04 Aug, 2024 | 10:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the bootloader for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow a privileged user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-compute_module_hns2600bpblc24rserver_system_r1304wt2gsrserver_system_lsvrp_firmwarecompute_module_hns2600tpfrserver_system_r2208wt2ysrserver_board_s2600wftserver_system_r2312wftzsrserver_system_r1000sp_firmwareserver_board_s2600kprserver_system_r1304wf0ysserver_system_r1304wf0ysrserver_system_r1304sposhbnserver_board_s2600kpfserver_system_lsvrp4304es6xx1server_board_s2600cwtserver_board_s2600kpcompute_module_hns2600bpbserver_board_s2600stbcompute_module_hns2600kprserver_system_r1208wttgsrserver_board_s2600cw2rserver_board_s2600wfqrcompute_module_hns2600tp24rserver_system_r2308wftzsserver_system_r2308wttysserver_system_r1000wf_firmwareserver_board_s2600wftrserver_system_r1304wt2gscompute_module_hns2600tprserver_system_r2208wf0zsserver_board_s2600kptrserver_board_s2600st_firmwareserver_system_r1208sposhorrcompute_module_hns2600tp_firmwareserver_board_s1200splserver_board_s2600cw2srserver_system_r1208wt2gsserver_board_s2600tpserver_system_r2208wttyc1rserver_board_s2600stqrcompute_module_hns2600bpblc24server_board_s2600cw2scompute_module_hns2600kp_firmwareserver_system_vrn2208wfaf83server_board_s2600cwtrserver_board_s1200spsserver_board_s2600bpqserver_system_r2208wt2ysserver_system_r1208wttgsserver_system_r1304wttgsserver_system_r2208wttysrserver_system_r1304sposhbnrserver_system_r2208wfqzsrserver_board_s2600tpfserver_board_s2600cwtsserver_system_lr1304sp_firmwareserver_system_r2312wf0nprserver_board_s2600wttrserver_board_s2600wt2server_system_r1208wfqysrserver_system_vrn2208wfhy6server_board_s2600stqserver_system_r2224wftzsserver_board_s2600wf0rserver_system_r2208wfqzsserver_system_nb2208wfqnfviserver_system_r2208wftzsserver_system_r2224wftzsrcompute_module_hns2600bpq24rserver_system_r2224wttysserver_board_s1200sp_firmwareserver_system_lr1304spcfg1rserver_system_lr1304spcfg1server_system_mcb2208wfaf5compute_module_hns2600bps24server_board_s2600bpsserver_board_s2600wt_firmwareserver_board_s2600bpqrserver_system_r2000wt_firmwareserver_system_r1208wt2gsrserver_system_vrn2208wfaf82compute_module_hns2600bpb24rserver_system_r1208wftysserver_system_r2000wf_firmwareserver_board_s2600cwserver_system_r2308wftzsrserver_system_lnetcnt3ycompute_module_s2600tp_firmwarecompute_module_hns2600bps24rserver_system_r1304wftysrserver_system_lsvrp4304es6xxrcompute_module_hns2600bpsrserver_board_s2600wt2rserver_system_mcb2208wfhy2server_board_s2600tpfrcompute_module_hns2600bpblcrserver_board_s2600cwtsrserver_system_r2224wfqzsserver_system_r2308wttysrcompute_module_hns2600tpfserver_system_r2312wftzsserver_system_vrn2208wfaf81server_board_s2600stbrcompute_module_hns2600bpqrserver_system_r2224wttysrserver_system_r2312wttyscompute_module_hns2600bpbrserver_system_r1208sposhorserver_board_s2600bp_firmwareserver_board_s2600bpbrserver_system_r1000wt_firmwareserver_board_s2600wttserver_board_s2600wf0compute_module_hns2600kpserver_system_r2312wfqzsserver_system_mcb2208wfaf6server_system_r1304wftysserver_system_r2208wttysserver_system_r1304sposhorrserver_system_vrn2208waf6compute_module_hns2600bp_firmwareserver_system_r1304sposhorcompute_module_hns2600tpcompute_module_hns2600kpfrcompute_module_hns2600bpqserver_board_s1200sporserver_board_s2600bpbserver_system_mcb2208wfaf4server_board_s1200splrserver_system_lr1304spcfsgx1compute_module_hns2600kpfcompute_module_hns2600bpblcserver_system_r2208wttyc1server_board_s2600cw2server_board_s1200sposerver_board_s2600wfqserver_board_s2600bpsrserver_system_r2312wf0npserver_system_r1304wttgsrserver_system_r2312wttysrserver_board_s2600kp_firmwareserver_system_r1208wttgsbppserver_board_s1200spsrcompute_module_hns2600bpsserver_system_r2208wf0zsrserver_board_s2600kpfrcompute_module_hns2600bpb24server_system_r2208wftzsrserver_system_r1208wftysrserver_board_s2600tprcompute_module_hns2600tp24srserver_board_s2600wf_firmwarecompute_module_hns2600bpq24Intel(R) Server Boards, Server Systems and Compute Modules Advisory
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-43526
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 6.95%
||
7 Day CHG~0.00%
Published-06 May, 2024 | 14:32
Updated-15 Jan, 2025 | 16:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Audio

Memory corruption while querying module parameters from Listen Sound model client in kernel from user space.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-Snapdragonqam8255p_firmwaresa8620p_firmwaresa6155p_firmwareqca8337_firmwaresa6150p_firmwareqcn6274_firmwaresnapdragon_x72_5g_modem-rf_systemsa8775p_firmwaresa8650p_firmwaresrv1h_firmwareqcn6224_firmwaresa6145p_firmwaresa8155p_firmwaresa7255p_firmwarefastconnect_7800_firmwaresa8255p_firmwareqamsrv1m_firmwaresrv1m_firmwareqam8650p_firmwaresa8770p_firmwareqam8775p_firmwareqca6696_firmwareqfw7114_firmwareqca6391_firmwareqamsrv1h_firmwarewcd9340_firmwareqcc710_firmwareqam8295p_firmwaresa9000p_firmwareqca6574au_firmwaresa8195p_firmwareqca8081_firmwareqfw7124_firmwaresa8295p_firmwarear8035_firmware
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-43581
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 9.78%
||
7 Day CHG~0.00%
Published-08 Nov, 2023 | 22:25
Updated-04 Sep, 2024 | 18:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow was reported in the Update_WMI module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

Action-Not Available
Vendor-Lenovo Group Limited
Product-thinkcentre_m70q_firmwarethinkcentre_m80t_gen_3ideacentre_aio_3-27itl6_firmwarethinkstation_p340_workstationthinkcentre_m70s_firmwarethinkcentre_m90q_gen_2thinkcentre_m70t_gen_3thinkcentre_m90q_tiny_firmwarethinkcentre_neo_30a_27_gen_3_firmwarethinkcentre_m70a_gen_3ideacentre_g5-14imb05_firmwarethinkstation_p330_workstationthinkcentre_m70qideacentre_5_14iab7_firmwareideacentre_aio_3-24alc6thinkstation_p340_workstation_firmwarev55t_gen_2_13acnloq_17irb8_firmwarethinkcentre_m90q_gen_3ideacentre_5_14irb8_firmwarethinkcentre_neo_30a_27_gen_3thinkcentre_m90t_gen_3_firmwarethinkcentre_m630ethinkcentre_m625qideacentre_aio_3-24imb05_firmwareyoga_aio_7_27arh7_firmwarethinkstation_p520_workstation_firmwareyoga_aio_7-27arh6v50t-13imbthinkstation_p360_workstationthinkcentre_m70a_gen_3_firmwarethinkcentre_m90a_pro_gen_3_firmwareloq_17irb8thinkstation_p350_workstationideacentre_mini_5_01iaq7thinkstation_p520c_workstationthinkstation_p350_workstation_firmwareideacentre_5-14iob6v30a-22itlthinkstation_p330_workstation_2nd_genv50a-24imb_firmwareideacentre_gaming_5_17acn7_firmwarethinkcentre_m70c_firmwarev55t_gen_2_13acn_firmwarethinkcentre_m90tthinkstation_p330_workstation_2nd_gen_firmwarethinkcentre_neo_50a_24_gen_4_firmwarethinkcentre_neo_30a_22_gen_4ideacentre_5-14iob6_firmwarelegion_t7_34irz8_firmwareideacentre_aio_3-22itl6_firmwarethinkcentre_m70s_gen_3_firmwarethinkedge_se30_firmwarethinkcentre_m80q_gen_3_firmwarethinkcentre_m920z_all-in-one_firmwarethinkcentre_neo_30a_27_gen_4legion_t5_26irb8v50a-22imbthinkstation_p350_tiny_workstationv50a-24imbthinkcentre_neo_30a_24_gen_3thinkcentre_m90sthinkstation_p358_workstation_firmwarethinkcentre_m70q_gen_2_firmwarev50s-07imbideacentre_creator_5-14iob6thinkcentre_m90a_gen_3thinkcentre_m75s_gen_2ideacentre_5-14acn6_firmwareideacentre_aio_3-24imb05ideacentre_gaming_5-14acn6thinkcentre_m80tthinkcentre_m70tideacentre_5-14imb05thinkcentre_m90a_gen_2_firmwarethinkcentre_m90a_pro_gen_3thinkcentre_m90a_firmwarethinkcentre_m625q_firmwareyoga_aio_7_27arh7ideacentre_aio_5_24iah7ideacentre_aio_3_21itl7ideacentre_aio_5_27iah7_firmwareideacentre_aio_3-27imb05thinkstation_p348_workstation_firmwareideacentre_aio_3-24itl6_firmwarethinkstation_p920_workstationideacentre_aio_3_22iap7_firmwarethinkstation_p330_workstation_firmwarethinkcentre_m75t_gen_2_firmwarethinkstation_p360_ultra_workstationideacentre_aio_3-22iil5yoga_aio_7-27arh6_firmwareideacentre_aio_5_24iah7_firmwarethinkcentre_neo_70t_gen_3_firmwarethinkcentre_m90a_gen_3_firmwareideacentre_aio_3_24iap7_firmwareideacentre_aio_3-24iil5ideacentre_gaming_5-14iob6thinkcentre_m90q_tinythinkcentre_neo_50t_gen_3thinkcentre_m70t_firmwarelegion_t7-34imz5_firmwareideacentre_mini_5_01iaq7_firmwareideacentre_g5-14imb05thinkcentre_neo_30a_27_gen_4_firmwareideacentre_aio_3-24iil5_firmwareideacentre_t540-15ama_gthinkcentre_neo_70t_gen_3ideacentre_aio_3-22itl6thinkstation_p358_workstationideacentre_aio_3_27iap7_firmwarethinkstation_p350_tiny_workstation_firmwarethinkstation_p360_ultra_workstation_firmwarethinkcentre_m90t_firmwarev30a-24imlthinkcentre_m80sthinkcentre_m70q_gen_2thinkcentre_m75s_gen_2_firmwarelegion_t7-34iaz7thinkcentre_m80q_firmwarelegion_t5_26iab7_firmwarelegion_t5_26iab7ideacentre_aio_3-27itl6thinkcentre_m90s_firmwarethinkcentre_m630e_firmwareideacentre_aio_3-22imb05v50t-13iob_firmwarethinkcentre_neo_30a_22_gen_3_firmwareideacentre_mini_5-01imh05thinkcentre_m80t_gen_3_firmwareideacentre_aio_3_22iap7ideacentre_gaming_5_17acn7ideacentre_aio_3_21itl7_firmwarethinkstation_p340_tiny_workstationthinkcentre_neo_30a_22_gen_3thinkcentre_m90s_gen_3thinkstation_p320_workstationthinkcentre_neo_50t_gen_3_firmwarethinkstation_p348_workstationideacentre_t540-15ama_g_firmwareideacentre_aio_3_27iap7ideacentre_g5-14amr05_firmwarethinkcentre_m75n_firmwarethinkcentre_m80qthinkedge_se30ideacentre_5_14iab7ideacentre_mini_5-01imh05_firmwarelegion_t7_34irz8thinkcentre_m75nthinkstation_p920_workstation_firmwarelegion_t7-34imz5v30a-24iml_firmwarethinkcentre_m70t_gen_3_firmwarethinkstation_p520_workstationv50t-13imh_firmwarethinkcentre_m920z_all-in-onethinkcentre_neo_30a_24_gen_3_firmwarethinkstation_p520c_workstation_firmwareideacentre_3-07ada05thinkcentre_m70cthinkcentre_neo_30a_24_gen_4v50t-13iobthinkstation_p360_tiny_workstation_firmwareideacentre_aio_3-22iil5_firmwarethinkstation_p720_workstationthinkcentre_m75q_gen_2thinkcentre_m90q_gen_3_firmwarethinkcentre_m90athinkcentre_neo_50a_24_gen_4thinkcentre_m80s_gen_3v30a-24itl_firmwareideacentre_aio_3-22imb05_firmwareideacentre_c5-14imb05thinkcentre_m90s_gen_3_firmwarethinkcentre_m70s_gen_3ideacentre_aio_3_24iap7thinkcentre_m90q_gen_2_firmwarethinkcentre_m80q_gen_3v30a-24itlv50a-22imb_firmwarethinkstation_p360_tiny_workstationthinkcentre_m70sthinkcentre_neo_50a_24_gen_3_firmwarev50s-07imb_firmwarev30a-22imlthinkcentre_neo_30a_24_gen_4_firmwareideacentre_aio_3-24itl6ideacentre_c5-14imb05_firmwareideacentre_aio_3-27imb05_firmwarethinkcentre_m80s_gen_3_firmwarelegion_t5_26irb8_firmwarev30a-22iml_firmwareideacentre_3-07ada05_firmwarev30a-22itl_firmwarethinkcentre_m75q_gen_2_firmwarethinkstation_p360_workstation_firmwarethinkstation_p340_tiny_workstation_firmwareideacentre_5-14imb05_firmwarev50t-13imb_firmwareideacentre_gaming_5_17iab7ideacentre_3-07imb05_firmwareideacentre_5_14irb8thinkstation_p720_workstation_firmwareideacentre_g5-14amr05ideacentre_aio_3-24alc6_firmwareideacentre_gaming_5-14iob6_firmwarethinkcentre_m80t_firmwarethinkstation_p320_workstation_firmwarethinkcentre_m90a_gen_2ideacentre_5-14acn6thinkcentre_neo_50a_24_gen_3thinkcentre_neo_30a_22_gen_4_firmwarethinkcentre_m80s_firmwareideacentre_aio_5_27iah7ideacentre_3-07imb05legion_t7-34iaz7_firmwareideacentre_gaming_5_17iab7_firmwareideacentre_gaming_5-14acn6_firmwarethinkcentre_m75t_gen_2ideacentre_creator_5-14iob6_firmwarethinkcentre_m90t_gen_3v50t-13imhDesktop BIOSdesktop_bios
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-43577
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 9.78%
||
7 Day CHG~0.00%
Published-08 Nov, 2023 | 22:38
Updated-02 Aug, 2024 | 19:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow was reported in the ReFlash module in some Lenovo Desktop products that may allow a local attacker with elevated privileges to execute arbitrary code.

Action-Not Available
Vendor-Lenovo Group Limited
Product-thinkcentre_m70q_firmwarethinkcentre_m80t_gen_3ideacentre_aio_3-27itl6_firmwarethinkstation_p340_workstationthinkcentre_m70s_firmwarethinkcentre_m90q_gen_2thinkcentre_m70t_gen_3thinkcentre_m90q_tiny_firmwarethinkcentre_neo_30a_27_gen_3_firmwarethinkcentre_m70a_gen_3ideacentre_g5-14imb05_firmwarethinkstation_p330_workstationthinkcentre_m70qideacentre_5_14iab7_firmwareideacentre_aio_3-24alc6thinkstation_p340_workstation_firmwarev55t_gen_2_13acnloq_17irb8_firmwarethinkcentre_m90q_gen_3ideacentre_5_14irb8_firmwarethinkcentre_neo_30a_27_gen_3thinkcentre_m90t_gen_3_firmwarethinkcentre_m630ethinkcentre_m625qideacentre_aio_3-24imb05_firmwareyoga_aio_7_27arh7_firmwarethinkstation_p520_workstation_firmwareyoga_aio_7-27arh6v50t-13imbthinkstation_p360_workstationthinkcentre_m70a_gen_3_firmwarethinkcentre_m90a_pro_gen_3_firmwareloq_17irb8thinkstation_p350_workstationideacentre_mini_5_01iaq7thinkstation_p520c_workstationthinkstation_p350_workstation_firmwareideacentre_5-14iob6v30a-22itlthinkstation_p330_workstation_2nd_genv50a-24imb_firmwareideacentre_gaming_5_17acn7_firmwarethinkcentre_m70c_firmwarev55t_gen_2_13acn_firmwarethinkcentre_m90tthinkstation_p330_workstation_2nd_gen_firmwarethinkcentre_neo_50a_24_gen_4_firmwarethinkcentre_neo_30a_22_gen_4ideacentre_5-14iob6_firmwarelegion_t7_34irz8_firmwareideacentre_aio_3-22itl6_firmwarethinkcentre_m70s_gen_3_firmwarethinkedge_se30_firmwarethinkcentre_m80q_gen_3_firmwarethinkcentre_m920z_all-in-one_firmwarethinkcentre_neo_30a_27_gen_4legion_t5_26irb8v50a-22imbthinkstation_p350_tiny_workstationv50a-24imbthinkcentre_neo_30a_24_gen_3thinkcentre_m90sthinkstation_p358_workstation_firmwarethinkcentre_m70q_gen_2_firmwarev50s-07imbideacentre_creator_5-14iob6thinkcentre_m90a_gen_3thinkcentre_m75s_gen_2ideacentre_5-14acn6_firmwareideacentre_aio_3-24imb05ideacentre_gaming_5-14acn6thinkcentre_m80tthinkcentre_m70tideacentre_5-14imb05thinkcentre_m90a_gen_2_firmwarethinkcentre_m90a_pro_gen_3thinkcentre_m90a_firmwarethinkcentre_m625q_firmwareyoga_aio_7_27arh7ideacentre_aio_5_24iah7ideacentre_aio_3_21itl7ideacentre_aio_5_27iah7_firmwareideacentre_aio_3-27imb05thinkstation_p348_workstation_firmwareideacentre_aio_3-24itl6_firmwarethinkstation_p920_workstationideacentre_aio_3_22iap7_firmwarethinkstation_p330_workstation_firmwarethinkcentre_m75t_gen_2_firmwarethinkstation_p360_ultra_workstationideacentre_aio_3-22iil5yoga_aio_7-27arh6_firmwareideacentre_aio_5_24iah7_firmwarethinkcentre_neo_70t_gen_3_firmwarethinkcentre_m90a_gen_3_firmwareideacentre_aio_3_24iap7_firmwareideacentre_aio_3-24iil5ideacentre_gaming_5-14iob6thinkcentre_m90q_tinythinkcentre_neo_50t_gen_3thinkcentre_m70t_firmwarelegion_t7-34imz5_firmwareideacentre_mini_5_01iaq7_firmwareideacentre_g5-14imb05thinkcentre_neo_30a_27_gen_4_firmwareideacentre_aio_3-24iil5_firmwareideacentre_t540-15ama_gthinkcentre_neo_70t_gen_3ideacentre_aio_3-22itl6thinkstation_p358_workstationideacentre_aio_3_27iap7_firmwarethinkstation_p350_tiny_workstation_firmwarethinkstation_p360_ultra_workstation_firmwarethinkcentre_m90t_firmwarev30a-24imlthinkcentre_m80sthinkcentre_m70q_gen_2thinkcentre_m75s_gen_2_firmwarelegion_t7-34iaz7thinkcentre_m80q_firmwarelegion_t5_26iab7_firmwarelegion_t5_26iab7ideacentre_aio_3-27itl6thinkcentre_m90s_firmwarethinkcentre_m630e_firmwareideacentre_aio_3-22imb05v50t-13iob_firmwarethinkcentre_neo_30a_22_gen_3_firmwareideacentre_mini_5-01imh05thinkcentre_m80t_gen_3_firmwareideacentre_aio_3_22iap7ideacentre_gaming_5_17acn7ideacentre_aio_3_21itl7_firmwarethinkstation_p340_tiny_workstationthinkcentre_neo_30a_22_gen_3thinkcentre_m90s_gen_3thinkstation_p320_workstationthinkcentre_neo_50t_gen_3_firmwarethinkstation_p348_workstationideacentre_t540-15ama_g_firmwareideacentre_aio_3_27iap7ideacentre_g5-14amr05_firmwarethinkcentre_m75n_firmwarethinkcentre_m80qthinkedge_se30ideacentre_5_14iab7ideacentre_mini_5-01imh05_firmwarelegion_t7_34irz8thinkcentre_m75nthinkstation_p920_workstation_firmwarelegion_t7-34imz5v30a-24iml_firmwarethinkcentre_m70t_gen_3_firmwarethinkstation_p520_workstationv50t-13imh_firmwarethinkcentre_m920z_all-in-onethinkcentre_neo_30a_24_gen_3_firmwarethinkstation_p520c_workstation_firmwareideacentre_3-07ada05thinkcentre_m70cthinkcentre_neo_30a_24_gen_4v50t-13iobthinkstation_p360_tiny_workstation_firmwareideacentre_aio_3-22iil5_firmwarethinkstation_p720_workstationthinkcentre_m75q_gen_2thinkcentre_m90q_gen_3_firmwarethinkcentre_m90athinkcentre_neo_50a_24_gen_4thinkcentre_m80s_gen_3v30a-24itl_firmwareideacentre_aio_3-22imb05_firmwareideacentre_c5-14imb05thinkcentre_m90s_gen_3_firmwarethinkcentre_m70s_gen_3ideacentre_aio_3_24iap7thinkcentre_m90q_gen_2_firmwarethinkcentre_m80q_gen_3v30a-24itlv50a-22imb_firmwarethinkstation_p360_tiny_workstationthinkcentre_m70sthinkcentre_neo_50a_24_gen_3_firmwarev50s-07imb_firmwarev30a-22imlthinkcentre_neo_30a_24_gen_4_firmwareideacentre_aio_3-24itl6ideacentre_c5-14imb05_firmwareideacentre_aio_3-27imb05_firmwarethinkcentre_m80s_gen_3_firmwarelegion_t5_26irb8_firmwarev30a-22iml_firmwareideacentre_3-07ada05_firmwarev30a-22itl_firmwarethinkcentre_m75q_gen_2_firmwarethinkstation_p360_workstation_firmwarethinkstation_p340_tiny_workstation_firmwareideacentre_5-14imb05_firmwarev50t-13imb_firmwareideacentre_gaming_5_17iab7ideacentre_3-07imb05_firmwareideacentre_5_14irb8thinkstation_p720_workstation_firmwareideacentre_g5-14amr05ideacentre_aio_3-24alc6_firmwareideacentre_gaming_5-14iob6_firmwarethinkcentre_m80t_firmwarethinkstation_p320_workstation_firmwarethinkcentre_m90a_gen_2ideacentre_5-14acn6thinkcentre_neo_50a_24_gen_3thinkcentre_neo_30a_22_gen_4_firmwarethinkcentre_m80s_firmwareideacentre_aio_5_27iah7ideacentre_3-07imb05legion_t7-34iaz7_firmwareideacentre_gaming_5_17iab7_firmwareideacentre_gaming_5-14acn6_firmwarethinkcentre_m75t_gen_2ideacentre_creator_5-14iob6_firmwarethinkcentre_m90t_gen_3v50t-13imhDesktop BIOS
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-28580
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 11.89%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 03:03
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input in WLAN Host

Memory corruption in WLAN Host while setting the PMK length in PMK length in internal cache.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sw5100pqcs410_firmwaresa6150p_firmwaresa6155p_firmwareqam8295p_firmwareqcs610_firmwarewcd9370qca8081_firmwarear8035_firmwareqca6696wsa8830_firmwarewcd9340_firmwareqfw7124_firmwarewcd9341_firmwareqcc710_firmwarewsa8815_firmwaresa8195p_firmwarewcd9370_firmwareqca8337_firmwareqca8337wcn3660bqca6574au_firmwaresa8195pqca6595auwcd9340qam8295pwcd9341qca6574auwcn3950wsa8810_firmwarewcn3988wcn3980_firmwareqcn6274wcn3660b_firmwareqfw7124snapdragon_x75_5g_modem-rf_systemwsa8835qca6595au_firmwareqca6391_firmwaresw5100p_firmwaresa8295p_firmwareqca6696_firmwarewcd9380_firmwaresa6150pqcs410sa8155p_firmwareqca8081wsa8815video_collaboration_vc1_platform_firmwaresa8155pwcn3680b_firmwarewsa8830qcn6274_firmwaresa6145pqcc710sw5100_firmwarear8035qfw7114_firmwarefastconnect_6900fastconnect_7800_firmwareqca6391video_collaboration_vc1_platformqcn6224qfw7114wcn3950_firmwarefastconnect_6900_firmwaresa8295psnapdragon_8_gen_1_mobile_platformwcd9380sa6145p_firmwarefastconnect_7800sa8145p_firmwarewcn3680bsa8150psnapdragon_8_gen_1_mobile_platform_firmwaresa8150p_firmwarewcn3988_firmwaresa6155pvideo_collaboration_vc3_platform_firmwaresa8145pwsa8835_firmwarewsa8810snapdragon_x75_5g_modem-rf_system_firmwarewcn3980sw5100video_collaboration_vc3_platformqcn6224_firmwareqcs610Snapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2022-1892
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 9.61%
||
7 Day CHG~0.00%
Published-23 Jan, 2023 | 15:31
Updated-02 Apr, 2025 | 14:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow in the SystemBootManagerDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code.

Action-Not Available
Vendor-Lenovo Group Limited
Product-yoga_s730-13imlideapad_3-17ada05_firmwareideapad_s940-14iilthinkbook_14p_g2_ach500w_gen_3ideapad_3-14ada05s145-15api_firmwareideapad_5_15aba7v14_g2-alcyoga_c640-13iml_firmwareideapad_slim_1-11ast-05_firmwareyoga_c940-15irh_firmwarev14_g2-alc_firmwareideapad_5_15aba7_firmware100w_gen_3_firmwareideapad_flex_5_16alc7_firmware14w_gen_2v130-15ikbflex_5-15iil05s145-14ast_firmware300e_2nd_gen_firmwareyoga_s730-13iml_firmwarev14-ada_firmwareideapad_1-14ada05yoga_c940-15irhthinkbook_13s_g2_are_firmwarethinkbook_14s-iml_firmware13w_yoga_firmwareideapad_1-14igl05thinkbook_16p_g2_achflex_5-15iil05_firmwareyoga_c640-13iml_lte_firmwareflex_5-15itl05_firmwareideapad_3-17alc6legion_s7-15arh5s540-13api_firmwarev130-15ikb_firmwares145-15ast_firmwarethinkbook_14-iil_firmwareideapad_3-15alc6ideapad_3-15ada05ideapad_slim_1-14ast-05_firmwareflex_5-15alc05ideapad_3-15ada6100e_2nd_genthinkbook_14s_g2_itl300w_gen_3ideapad_3-17ada6_firmware100e_2nd_gen_firmwareideapad_5-15alc05ideapad_3-17ada05flex_5-14are05s145-15astthinkbook_14-iil300e_2nd_genflex_5-14alc05yoga_c640-13iml_ltelegion_s7-15ach6_firmware730s-13iml_firmwareyoga_slim_7_pro-14ach5_firmwarethinkbook_13s_g3_acn_firmwareyoga_slim_7_pro-14ach5_ov15_g2-alc_firmwarelegion_s7-15arh5_firmwares145-15apiyoga_s940-14iilideapad_slim_1-14ast-05yoga_slim_7_pro-14ach5ideapad_3-14alc6_firmwarethinkbook_14s-imllegion_s7-15imh5thinkbook_14-iml_firmwarethinkbook_15-iml_firmware300w_gen_3_firmwarelegion_s7-15imh5_firmwarethinkbook_13s_g2_itllegion_s7-15ach6500w_gen_3_firmwarethinkbook_13s_g2_areideapad_3-14ada6ideapad_3-15ada6_firmware730s-13imlthinkbook_15-iil_firmwareideapad_3-17ada6ideapad_slim_1-11ast-05v15-ada_firmwareideapad_1-14igl05_firmwarethinkbook_16p_g2_ach_firmwareyoga_slim_7_pro-14arh5ideapad_1-11ada05_firmwarethinkbook_13s-iml_firmwareflex_5-15itl05thinkbook_13s-imlv15-adaideapad_flex_5_16alc714w_gen_2_firmwareideapad_flex_5_14alc7ideapad_1-11ada05ideapad_5-15alc05_firmwareflex_5-14iil05yoga_s940-14iil_firmwares145-14api_firmwarethinkbook_15-imlyoga_slim_7_pro-14ach5_o_firmwareyoga_slim_7_pro-14arh5_firmware100w_gen_3ideapad_3-14alc6thinkbook_14s_g2_itl_firmwarethinkbook_15-iilv15_g2-alcflex_3-11ada05s145-14astthinkbook_13s_g3_acnflex_5-14alc05_firmwareflex_3-11ada05_firmwarethinkbook_14p_g2_ach_firmwareideapad_1-14ada05_firmwareideapad_3-14ada05_firmwareflex_5-15alc05_firmwareflex_5-14itl05_firmwarev14-adaideapad_3-15alc6_firmwareideapad_3-14ada6_firmwareflex_5-14iil05_firmwareideapad_1-11igl05ideapad_3-15ada05_firmwareideapad_3-17alc6_firmwarethinkbook_13s_g2_itl_firmwareyoga_9-15imh5flex_5-14itl05ideapad_1-11igl05_firmwares540-13apiideapad_flex_5_14alc7_firmwarethinkbook_14-imlideapad_s940-14iil_firmwareflex_5-14are05_firmwareyoga_9-15imh5_firmwares145-14api13w_yogayoga_c640-13imlBIOS
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-12465
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.17% / 38.61%
||
7 Day CHG~0.00%
Published-29 Apr, 2020 | 18:52
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. An oversized packet with too many rx fragments can corrupt memory of adjacent pages.

Action-Not Available
Vendor-n/aNetApp, Inc.Linux Kernel Organization, Inc
Product-linux_kernelcloud_backupsolidfire_\&_hci_management_nodeactive_iq_unified_managerhci_baseboard_management_controllerhci_compute_nodesolidfire_baseboard_management_controlleraff_baseboard_management_controllersteelstore_cloud_integrated_storagen/a
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-0977
Matching Score-4
Assigner-Trellix
ShareView Details
Matching Score-4
Assigner-Trellix
CVSS Score-6.7||MEDIUM
EPSS-0.18% / 40.38%
||
7 Day CHG~0.00%
Published-03 Apr, 2023 | 15:39
Updated-11 Feb, 2025 | 14:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A heap-based overflow vulnerability in Trellix Agent (Windows and Linux) version 5.7.8 and earlier, allows a remote user to alter the page heap in the macmnsvc process memory block resulting in the service becoming unavailable.

Action-Not Available
Vendor-Microsoft CorporationMusarubra US LLC (Trellix)Linux Kernel Organization, Inc
Product-windowslinux_kernelagentTrellix Agent
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-4028
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 9.78%
||
7 Day CHG~0.00%
Published-17 Aug, 2023 | 16:48
Updated-08 Oct, 2024 | 13:50
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow has been identified in the SystemUserMasterHddPwdDxe driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code.

Action-Not Available
Vendor-Lenovo Group Limited
Product-ideapad_flex_5_16iau7ideapad_flex_5_14iau7_firmwarethinkbook_14s_g2_itl_firmwarethinkbook_13s_g2_itlthinkbook_13s_g2_areflex_5-15alc05thinkbook_14s_g2_itlideapad_flex_5_16iau7_firmwareideapad_flex_5_16abr8thinkbook_13s_g3_acnflex_7_14iru8flex_5-14alc05_firmwareideapad_1-14igl05_firmwareflex_7_14iru8_firmwarethinkbook_13s_g4_iap_firmwarethinkbook_13x_g2_iapideapad_flex_5_16alc7_firmwareflex_5-14are05ideapad_1-14ada05_firmwareideapad_1-11ada05_firmwareideapad_flex_5_16iru8ideapad_flex_5_16abr8_firmwareflex_5-14alc05flex_5-15iil05flex_5-15itl05ideapad_flex_5_14iau7flex_5-15alc05_firmwareflex_5-14itl05_firmwareideapad_flex_5_14abr8_firmwarethinkbook_13s_g3_acn_firmwareideapad_flex_5_14iru8_firmwareflex_5-14iil05_firmwareideapad_1-11igl05ideapad_flex_5_14iru8ideapad_flex_5_16alc7thinkbook_13s_g2_itl_firmwareyoga_9-15imh513w_yoga_gen_2ideapad_flex_5_14abr813w_yoga_gen_2_firmwareideapad_1-14ada05flex_5-14itl05thinkbook_13s_g2_are_firmwareideapad_1-11igl05_firmwareideapad_flex_5_14alc713w_yoga_firmwareideapad_1-11ada05ideapad_1-14igl05ideapad_flex_5_14alc7_firmwarethinkbook_13x_g2_iap_firmwareyoga_9-15imh5_firmwareflex_5-14are05_firmwareflex_5-15iil05_firmwareideapad_flex_5_16iru8_firmwareflex_5-14iil05flex_5-15itl05_firmware13w_yogathinkbook_13s_g4_iapLenovo Notebookflex_5-15itl05ideapad_flex_5_14iau7ideapad_5-14alc05ideapad_flex_5_16iau7ideapad_1-11igl05ideapad_flex_5_14iru8ideapad_flex_5_16alc7thinkbook_13s_g2_itlyoga_9-15imh5thinkbook_13s_g2_are13w_yoga_gen_2flex_5-15alc05ideapad_flex_5_14abr8thinkbook_14s_g2_itlideapad_1-14ada05ideapad_flex_5_16abr8flex_5-14itl05thinkbook_13s_g3_acnflex_7_14iru8ideapad_flex_5_14alc7ideapad_1-11ada05ideapad_1-14igl05ideapad_5-15alc05thinkbook_13x_g2_iapflex_7_14iau7_firmwareflex_5-14are05flex_5-14iil05ideapad_flex_5_16iru813w_yogathinkbook_13s_g4_iapflex_5-15iil05
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-33077
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.60%
||
7 Day CHG~0.00%
Published-06 Feb, 2024 | 05:47
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input in HLOS

Memory corruption in HLOS while converting from authorization token to HIDL vector.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sw5100pqcs410_firmwaresa6150p_firmwaresd865_5gsxr1120qcs8155_firmwaresnapdragon_xr1_platformqcs610_firmwarewcd9335sxr2130_firmwaresrv1mqca8081_firmwarewcd9370ar8035_firmwareqca6696wcd9340_firmwarewcd9341_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwareqca6320sa4150p_firmwareqcc710_firmwareqca6426wcn3610qcn9074sa4150pwsa8815_firmwaresa8195p_firmwareqca8337_firmwareqca8337qca6426_firmwareqca6574au_firmwareqam8295pwcd9341qca6574ausnapdragon_855_mobile_platformwcn3950wsa8810_firmwaresnapdragon_xr2_5g_platformsa9000p_firmwaresrv1hsnapdragon_835_mobile_pc_platform_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwarewcn3660b_firmwaresnapdragon_670_mobile_platform_firmwarefastconnect_6800_firmwaresnapdragon_710_mobile_platform_firmwaresa8295p_firmwaresd835_firmwaresa4155p_firmwarevideo_collaboration_vc1_platform_firmwaresa4155psa8770pc-v2x_9150qca6584auqca6320_firmwareqcn6274_firmwareqcc710sw5100_firmwaresxr1120_firmwareqca6310_firmwarefastconnect_6800qfw7114_firmwarefastconnect_7800_firmwarefastconnect_6900video_collaboration_vc1_platformqfw7114snapdragon_x55_5g_modem-rf_systemfastconnect_6900_firmwareqca6310qam8255p_firmwarewcd9380sa6145p_firmwareqam8255psnapdragon_xr2_5g_platform_firmwaresa8150psnapdragon_8_gen_1_mobile_platform_firmwaresa6155psnapdragon_835_mobile_pc_platformwsa8810qam8650psnapdragon_865\+_5g_mobile_platformsa9000psrv1h_firmwaresw5100video_collaboration_vc3_platformaqt1000snapdragon_865_5g_mobile_platform_firmwarec-v2x_9150_firmwaresa6155p_firmwarewcd9326_firmwareqam8295p_firmwaresrv1m_firmwaresd855sd835wcn3990_firmwaresnapdragon_870_5g_mobile_platform_firmwareqfw7124_firmwareqca6698aq_firmwareqca6436_firmwaresnapdragon_wear_4100\+_platform_firmwarewcn3610_firmwaresa8255psnapdragon_855\+\/860_mobile_platform_firmwareqca6420snapdragon_865\+_5g_mobile_platform_firmwareqca6430wcd9370_firmwaresdx55_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewcn3660bsxr2130sa8195pwcd9340qamsrv1msnapdragon_auto_5g_modem-rf_gen_2qam8650p_firmwaresnapdragon_855_mobile_platform_firmwareqca6420_firmwareaqt1000_firmwarewcn3988qca6584au_firmwaresd855_firmwareqcn6274qca6436qfw7124sa8775psnapdragon_x75_5g_modem-rf_systemwcd9335_firmwareqca6391_firmwarewcn3980_firmwarewsa8835qca6430_firmwaresnapdragon_870_5g_mobile_platformsw5100p_firmwaresa8775p_firmwareqamsrv1hqca6696_firmwaresnapdragon_865_5g_mobile_platformwcd9380_firmwaresa6150pwcd9326qcs410sa8155p_firmwareqca8081wsa8815sa8155pwsa8830qam8775psa6145pqcn9074_firmwaresa8255p_firmwarear8035sdx55qamsrv1m_firmwaresa8650p_firmwareqca6391qcn6224qca6698aqwcn3950_firmwaresa8770p_firmwaresa8295psnapdragon_670_mobile_platformsnapdragon_8_gen_1_mobile_platformsnapdragon_xr1_platform_firmwarefastconnect_6200sd670fastconnect_7800sa8145p_firmwaresa8650pqam8775p_firmwaresd865_5g_firmwaresnapdragon_710_mobile_platformwcn3680bqcs8155sa8150p_firmwaresnapdragon_855\+\/860_mobile_platformsnapdragon_w5\+_gen_1_wearable_platformwcn3988_firmwareqamsrv1h_firmwarevideo_collaboration_vc3_platform_firmwaresa8145pwcn3990snapdragon_wear_4100\+_platformwsa8835_firmwaresd670_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewcn3980fastconnect_6200_firmwarewsa8830_firmwarewcn3680b_firmwareqcn6224_firmwareqcs610Snapdragonsnapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-34419
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 9.74%
||
7 Day CHG~0.00%
Published-17 Aug, 2023 | 16:49
Updated-02 Aug, 2024 | 16:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow has been identified in the SetupUtility driver in some Lenovo Notebook products which may allow an attacker with local access and elevated privileges to execute arbitrary code.

Action-Not Available
Vendor-Lenovo Group Limited
Product-legion_pro_7_16irx8hlegion_7-16ithg6legion_5_15arh7_firmwarelegion_pro_7_16irx8h_firmwarelegion_5-17ach6hlegion_5-15ith6hlegion_5_pro_16arh7legion_5-15ach6legion_5-15ach6a_firmwarelegion_7-16ithg6_firmwarelegion_5-15ach6h_firmwarelegion_5_pro_16arh7hlegion_5_pro_16arh7h_firmwarelegion_5-15ith6_firmwarelegion_5-17ith6legion_s7_16arha7legion_5_pro-16ach6hlegion_5-17ach6legion_5-15ith6h_firmwarelegion_5-17ach6_firmwarelegion_7-16arha7thinkbook_15p_g2_ith_firmwarelegion_5_pro_16iah7h_firmwarelegion_5_pro-16ith6legion_5_15iah7hlegion_5-17ith6hlegion_5_pro-16ith6h_firmwarelegion_5-17ith6h_firmwarelegion_5_pro_16iah7legion_5_15arh7h_firmwarelegion_pro_7_16irx8_firmwarelegion_pro_7_16irx8legion_pro_5_16irx8_firmwarethinkbook_16p_g3_arhlegion_5_15iah7h_firmwarelegion_5-15ach6alegion_5-17ith6_firmwarelegion_5_pro-16ach6legion_5_15iah7_firmwarelegion_5_15iah7legion_5_pro_16arh7_firmwarelegion_5-15ith6legion_pro_5_16irx8thinkbook_16p_g3_arh_firmwarethinkbook_15p_g2_ithlegion_5_15arh7legion_5_pro-16ith6hlegion_5_pro-16ach6h_firmwarelegion_5-15ach6_firmwarelegion_s7_16arha7_firmwarelegion_5-17ach6h_firmwarelegion_5_pro_16iah7_firmwarelegion_5_pro_16iah7hlegion_5_pro-16ach6_firmwarelegion_7-16arha7_firmwarelegion_7-16achg6_firmwarelegion_5-15ach6hlegion_5_pro-16ith6_firmwarelegion_5_15arh7hlegion_7-16achg6Lenovo Notebook
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-32859
Matching Score-4
Assigner-MediaTek, Inc.
ShareView Details
Matching Score-4
Assigner-MediaTek, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 9.62%
||
7 Day CHG~0.00%
Published-04 Dec, 2023 | 03:46
Updated-17 Oct, 2024 | 16:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In meta, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08000473; Issue ID: ALPS08000473.

Action-Not Available
Vendor-Google LLCMediaTek Inc.
Product-mt6855mt8175mt6873mt6893mt8675mt6886mt8395mt8788mt6983mt8188tmt8666mt8167mt6765mt6883mt8390mt6835mt8768mt8789mt6761mt8797mt6889mt8321mt6768mt8362amt8786mt8766mt6985mt8167smt8188mt6833mt6885mt6877mt6781mt8365mt8195mt6853mt6895mt8168mt6789androidmt8185mt6779mt6785mt6879mt8173MT6761, MT6765, MT6768, MT6779, MT6781, MT6785, MT6789, MT6833, MT6835, MT6853, MT6855, MT6873, MT6877, MT6879, MT6883, MT6885, MT6886, MT6889, MT6893, MT6895, MT6983, MT6985, MT8167, MT8167S, MT8168, MT8173, MT8175, MT8185, MT8188, MT8188T, MT8195, MT8321, MT8362A, MT8365, MT8390, MT8395, MT8666, MT8675, MT8766, MT8768, MT8786, MT8788, MT8789, MT8797mt8797
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-33069
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.60%
||
7 Day CHG~0.00%
Published-06 Feb, 2024 | 05:47
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input in Audio

Memory corruption in Audio while processing the calibration data returned from ACDB loader.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429w_firmwareqcs410_firmwaresa6150p_firmwaresd865_5gsnapdragon_429_mobile_platform_firmwareqcs610_firmwarewcd9335sxr2130_firmwaresrv1mqca8081_firmwarewcd9370ar8035_firmwareqca6696wcd9340_firmwaresnapdragon_888_5g_mobile_platformwcd9341_firmwareqca6320sd888_firmwareqcc710_firmwareqca6426wcn6740_firmwarefastconnect_6700qca6564auwcn3610qcn9074wsa8815_firmwaresa8195p_firmwareqca8337_firmwareqca8337qca6426_firmwaresnapdragon_1200_wearable_platform_firmwareqca9377_firmwareqca6574au_firmwareqam8295pwcd9341qca6574ausnapdragon_855_mobile_platformwcn3950wsa8810_firmwaresnapdragon_xr2_5g_platformsnapdragon_429_mobile_platformsa9000p_firmwaresrv1hsnapdragon_835_mobile_pc_platform_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_7c\+_gen_3_computewcn3660b_firmwaresnapdragon_780g_5g_mobile_platformfastconnect_6800_firmwaresa8295p_firmwaresd835_firmwarevideo_collaboration_vc1_platform_firmwaresnapdragon_778g\+_5g_mobile_platformsa8770psnapdragon_780g_5g_mobile_platform_firmwarec-v2x_9150qca6584auqca6320_firmwareqcn6274_firmwaresd888qcc710wcn6740qca6310_firmwarefastconnect_6800qfw7114_firmwaresnapdragon_x5_lte_modem_firmwarefastconnect_7800_firmwarefastconnect_6900video_collaboration_vc1_platformqfw7114snapdragon_782g_mobile_platform_firmwarewcd9385_firmwaresnapdragon_x55_5g_modem-rf_systemfastconnect_6900_firmwareqca6310qam8255p_firmwarewcd9380sa6145p_firmwareqam8255psnapdragon_888_5g_mobile_platform_firmwaresnapdragon_xr2_5g_platform_firmwaresa8150psnapdragon_778g_5g_mobile_platformmsm8996au_firmwaresa6155psnapdragon_835_mobile_pc_platformqca6564au_firmwarewsa8810qam8650psnapdragon_865\+_5g_mobile_platformsa9000psrv1h_firmwarevideo_collaboration_vc3_platformaqt1000sm7315_firmwaresnapdragon_865_5g_mobile_platform_firmwarec-v2x_9150_firmwaresa6155p_firmwarewcd9326_firmwareqam8295p_firmwaresrv1m_firmwaresd855sd835wcd9330_firmwarewcn3990_firmwaresm7315snapdragon_870_5g_mobile_platform_firmwareqfw7124_firmwareqca6564a_firmwareqca6436_firmwareqca6698aq_firmwaresnapdragon_wear_4100\+_platform_firmwarewcd9385mdm9650_firmwareqca9367_firmwarewcd9330snapdragon_7c\+_gen_3_compute_firmwarewcn3610_firmwaresa8255psnapdragon_855\+\/860_mobile_platform_firmwaresnapdragon_778g\+_5g_mobile_platform_firmwareqca6420snapdragon_865\+_5g_mobile_platform_firmwareqca6430wcd9370_firmwaremdm9650qca9367snapdragon_x55_5g_modem-rf_system_firmwarewcn3660bqca6574asxr2130wcn3620_firmware9206_lte_modem_firmwaresa8195pwcd9340qamsrv1msnapdragon_820_automotive_platform_firmwaresnapdragon_auto_5g_modem-rf_gen_2sm7325pqam8650p_firmwaresnapdragon_855_mobile_platform_firmwareqca6420_firmwareaqt1000_firmwaresdm429wqca6584au_firmwaresd855_firmwareqcn6274qca6436qfw7124sa8775psnapdragon_1200_wearable_platformsnapdragon_x75_5g_modem-rf_systemqca6391_firmwarewcd9335_firmwarewsa8835qca6430_firmwaresnapdragon_870_5g_mobile_platformsa8775p_firmwaresnapdragon_782g_mobile_platformqamsrv1hqca6696_firmwaresnapdragon_865_5g_mobile_platformwcd9380_firmwaresa6150pwcd9326qcs410sa8155p_firmwareqca8081qca6564awsa8815mdm9628sa8155pwcn3980_firmwareqam8775pqca9377mdm9628_firmwarewsa8830sa6145pqcn9074_firmwaresa8255p_firmware9206_lte_modemsmart_audio_200_platform_firmwarear8035qca6574a_firmwareqamsrv1m_firmwaremsm8996ausa8650p_firmwarewcn3620wcd9375_firmwareqca6391qcn6224snapdragon_x5_lte_modemsnapdragon_778g_5g_mobile_platform_firmwareqca6698aqwcn3950_firmwaresa8770p_firmwaresa8295psmart_audio_200_platformfastconnect_6200fastconnect_7800sa8145p_firmwaresa8650pqam8775p_firmwaresd865_5g_firmwaresm7325p_firmwarewcn3680bsnapdragon_888\+_5g_mobile_platformwcd9375sa8150p_firmwaresnapdragon_855\+\/860_mobile_platformfastconnect_6700_firmwareqamsrv1h_firmwarevideo_collaboration_vc3_platform_firmwaresa8145pwcn3990snapdragon_wear_4100\+_platformsnapdragon_888\+_5g_mobile_platform_firmwarewsa8835_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewcn3980snapdragon_820_automotive_platformfastconnect_6200_firmwarewsa8830_firmwarewcn3680b_firmwareqcn6224_firmwareqcs610Snapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-33068
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 3.48%
||
7 Day CHG~0.00%
Published-06 Feb, 2024 | 05:47
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input in Audio

Memory corruption in Audio while processing IIR config data from AFE calibration block.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429w_firmwareqcs410_firmwaresa6150p_firmwaresd865_5gsnapdragon_429_mobile_platform_firmwareqcs610_firmwarewcd9335sxr2130_firmwaresrv1mqca8081_firmwarewcd9370ar8035_firmwareqca6696wcd9340_firmwaresnapdragon_888_5g_mobile_platformwcd9341_firmwareqca6320sd888_firmwareqcc710_firmwareqca6426wcn6740_firmwarefastconnect_6700qca6564auwcn3610qcn9074wsa8815_firmwaresa8195p_firmwareqca8337_firmwareqca8337qca6426_firmwaresnapdragon_1200_wearable_platform_firmwareqca9377_firmwareqca6574au_firmwareqam8295pwcd9341qca6574ausnapdragon_855_mobile_platformwcn3950wsa8810_firmwaresnapdragon_xr2_5g_platformsnapdragon_429_mobile_platformsa9000p_firmwaresrv1hsnapdragon_835_mobile_pc_platform_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_7c\+_gen_3_computewcn3660b_firmwaresnapdragon_780g_5g_mobile_platformfastconnect_6800_firmwaresa8295p_firmwaresd835_firmwarevideo_collaboration_vc1_platform_firmwaresnapdragon_778g\+_5g_mobile_platformsa8770psnapdragon_780g_5g_mobile_platform_firmwarec-v2x_9150qca6584auqca6320_firmwareqcn6274_firmwaresd888qcc710wcn6740qca6310_firmwarefastconnect_6800qfw7114_firmwaresnapdragon_x5_lte_modem_firmwarefastconnect_7800_firmwarefastconnect_6900video_collaboration_vc1_platformqfw7114snapdragon_782g_mobile_platform_firmwarewcd9385_firmwaresnapdragon_x55_5g_modem-rf_systemfastconnect_6900_firmwareqca6310qam8255p_firmwarewcd9380sa6145p_firmwareqam8255psnapdragon_888_5g_mobile_platform_firmwaresnapdragon_xr2_5g_platform_firmwaresa8150psnapdragon_778g_5g_mobile_platformmsm8996au_firmwaresa6155psnapdragon_835_mobile_pc_platformqca6564au_firmwarewsa8810qam8650psnapdragon_865\+_5g_mobile_platformsa9000psrv1h_firmwarevideo_collaboration_vc3_platformaqt1000sm7315_firmwaresnapdragon_865_5g_mobile_platform_firmwarec-v2x_9150_firmwaresa6155p_firmwarewcd9326_firmwareqam8295p_firmwaresrv1m_firmwaresd855sd835wcd9330_firmwarewcn3990_firmwaresm7315snapdragon_870_5g_mobile_platform_firmwareqfw7124_firmwareqca6564a_firmwareqca6436_firmwareqca6698aq_firmwaresnapdragon_wear_4100\+_platform_firmwarewcd9385mdm9650_firmwareqca9367_firmwarewcd9330snapdragon_7c\+_gen_3_compute_firmwarewcn3610_firmwaresa8255psnapdragon_855\+\/860_mobile_platform_firmwaresnapdragon_778g\+_5g_mobile_platform_firmwareqca6420snapdragon_865\+_5g_mobile_platform_firmwareqca6430wcd9370_firmwaremdm9650qca9367snapdragon_x55_5g_modem-rf_system_firmwarewcn3660bqca6574asxr2130wcn3620_firmware9206_lte_modem_firmwaresa8195pwcd9340qamsrv1msnapdragon_820_automotive_platform_firmwaresnapdragon_auto_5g_modem-rf_gen_2sm7325pqam8650p_firmwaresnapdragon_855_mobile_platform_firmwareqca6420_firmwareaqt1000_firmwaresdm429wqca6584au_firmwaresd855_firmwareqcn6274qca6436qfw7124sa8775psnapdragon_1200_wearable_platformsnapdragon_x75_5g_modem-rf_systemqca6391_firmwarewcd9335_firmwarewsa8835qca6430_firmwaresnapdragon_870_5g_mobile_platformsa8775p_firmwaresnapdragon_782g_mobile_platformqamsrv1hqca6696_firmwaresnapdragon_865_5g_mobile_platformwcd9380_firmwaresa6150pwcd9326qcs410sa8155p_firmwareqca8081qca6564awsa8815mdm9628sa8155pwcn3980_firmwareqam8775pqca9377mdm9628_firmwarewsa8830sa6145pqcn9074_firmwaresa8255p_firmware9206_lte_modemsmart_audio_200_platform_firmwarear8035qca6574a_firmwareqamsrv1m_firmwaremsm8996ausa8650p_firmwarewcn3620wcd9375_firmwareqca6391qcn6224snapdragon_x5_lte_modemsnapdragon_778g_5g_mobile_platform_firmwareqca6698aqwcn3950_firmwaresa8770p_firmwaresa8295psmart_audio_200_platformfastconnect_6200fastconnect_7800sa8145p_firmwaresa8650pqam8775p_firmwaresd865_5g_firmwaresm7325p_firmwarewcn3680bsnapdragon_888\+_5g_mobile_platformwcd9375sa8150p_firmwaresnapdragon_855\+\/860_mobile_platformfastconnect_6700_firmwareqamsrv1h_firmwarevideo_collaboration_vc3_platform_firmwaresa8145pwcn3990snapdragon_wear_4100\+_platformsnapdragon_888\+_5g_mobile_platform_firmwarewsa8835_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewcn3980snapdragon_820_automotive_platformfastconnect_6200_firmwarewsa8830_firmwarewcn3680b_firmwareqcn6224_firmwareqcs610Snapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2023-33024
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 11.08%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 03:04
Updated-02 Aug, 2024 | 15:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Radio Interface Layer

Memory corruption while sending SMS from AP firmware.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sa6150p_firmware8998sa8145p_firmwareqca83378098qfw7124wcn785x-5qcn6224_firmwaresa8150p_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwareqca6426wcn685x-1wcn3990_firmwaresm8250-abwcn3998qam8295pwcn3660bqam8295p_firmware8998_firmwareqca6320_firmwaresnapdragon_x55_5g_modem-rf_systemqca6574au_firmwarewcn3680b_firmwareqca6595auwcn3998_firmwareqca8081_firmwareqfw7114wcn3610_firmwareqca6420qca6436_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwaresnapdragon_auto_5g_modem-rf_firmwaresa6155p_firmwareqca6310qca6698aqsa4155p_firmwaresm8250_firmwaresm8250-acwcn3988_firmwareqca6430sa6145p_firmwarewcd9340sa8195pwsa8810_firmwareqcn6224sw5100qca6436snapdragon_x75_5g_modem-rf_systemsa6155pwcd9335qca8081qca6698aq_firmwarewcn685x-1_firmwaresm8150_firmwaresxr2130_firmwarewcd9341qca6696_firmwareqca6390ar8035aqt1000sa8150pqcc710_firmwaresm8250-ac_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwaresm8150wcn3988wsa8815_firmwarewsa8835_firmwaresa8195p_firmwaresa8295p_firmwaresa4150pwcn785x-1wcn3610wcn3991qca8337_firmwarewcd9380_firmwarewcn3990sw5100psd865_5gsnapdragon_w5\+_gen_1_wearable_platformsm8150-acwsa8835snapdragon_auto_5g_modem-rfqcn6274wcd9380snapdragon_wear_4100\+_platform_firmwaresxr2130snapdragon_wear_4100\+_platformwcn685x-5_firmwareqca6310_firmwareqca6430_firmwarewcd9335_firmwareqfw7114_firmwarewcn3980wcd9340_firmwaresd855wsa8815qca6320snapdragon_xr2_5g_platform_firmwareqca6426_firmwarewcn3660b_firmwaresd835wcn785x-5_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresm8250-ab_firmwareqca6391wcn3980_firmwaresa8295paqt1000_firmwareqcn6274_firmwaresnapdragon_xr2_5g_platformsnapdragon_x75_5g_modem-rf_system_firmware8098_firmwarewcn685x-5wcn785x-1_firmwareqca6574ausa8155p_firmwarewcd9341_firmwarewsa8810sw5100p_firmwaresm8150-ac_firmwaresa6145pwcn3680bsd835_firmwareqcc710sa8145pqca6696qca6391_firmwaresa4150p_firmwaresa6150psa8155psm8250sw5100_firmwareqfw7124_firmwaresa4155par8035_firmwareSnapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-49829
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.02% / 2.13%
||
7 Day CHG~0.00%
Published-06 May, 2025 | 08:32
Updated-09 May, 2025 | 19:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Buffer Copy Without Checking Size of Input (`Classic Buffer Overflow`) in Camera

Memory corruption can occur during context user dumps due to inadequate checks on buffer length.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcd9380_firmwaresnapdragon_429_mobile_firmwarefastconnect_7800_firmwarewcn3620_firmwarewsa8835wcn3620sdm429w_firmwarewsa8830wsa8830_firmwarewsa8835_firmwarewcd9380snapdragon_8_gen_1_mobile_firmwaresnapdragon_429_mobilefastconnect_6900sdm429wfastconnect_6900_firmwaresnapdragon_8_gen_1_mobilewcn3660b_firmwarefastconnect_7800wcn3660bSnapdragon
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-29202
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
ShareView Details
Matching Score-4
Assigner-Hewlett Packard Enterprise (HPE)
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 21.58%
||
7 Day CHG~0.00%
Published-25 May, 2021 | 13:24
Updated-03 Aug, 2024 | 22:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A local buffer overflow vulnerability was discovered in HPE Integrated Lights-Out 4 (iLO 4); HPE SimpliVity 380 Gen9; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers; HPE SimpliVity 380 Gen10; HPE SimpliVity 2600; HPE SimpliVity 380 Gen10 G; HPE SimpliVity 325; HPE SimpliVity 380 Gen10 H version(s): Prior to version 2.78.

Action-Not Available
Vendor-n/aHP Inc.
Product-proliant_dl360_gen10_serverproliant_dl325_gen10_plus_serverproliant_dl385_gen10_serverproliant_dl580_gen10_serverproliant_dl560_gen10_serverproliant_xl270d_gen10_serverproliant_bl460c_gen10_server_bladesimplivity_2600proliant_dl385_gen10_plus_serverintegrated_lights-out_4proliant_xl170r_gen10_serverproliant_ml350_gen10_serverproliant_dl120_gen10_serverproliant_dl380_gen10_serverproliant_xl450_gen10_serversimplivity_380_gen10_gproliant_ml30_gen10_serverproliant_xl230k_gen10_serverproliant_xl190r_gen10_serverproliant_ml110_gen10_serverintegrated_lights-out_5simplivity_380_gen9proliant_dl160_gen10_serversimplivity_380_gen10proliant_dl180_gen10_serverproliant_dl325_gen10_serverproliant_dl20_gen10_serversimplivity_325simplivity_380_gen10_hHPE Integrated Lights-Out 4 (iLO 4) For HPE Gen9 servers; HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-25469
Matching Score-4
Assigner-Samsung Mobile
ShareView Details
Matching Score-4
Assigner-Samsung Mobile
CVSS Score-6||MEDIUM
EPSS-0.02% / 3.46%
||
7 Day CHG~0.00%
Published-06 Oct, 2021 | 17:07
Updated-03 Aug, 2024 | 20:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A possible stack-based buffer overflow vulnerability in Widevine trustlet prior to SMR Oct-2021 Release 1 allows arbitrary code execution.

Action-Not Available
Vendor-Google LLCSamsungSamsung Electronics
Product-androidexynosSamsung Mobile Devices
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CWE ID-CWE-787
Out-of-bounds Write
CVE-2021-22301
Matching Score-4
Assigner-Huawei Technologies
ShareView Details
Matching Score-4
Assigner-Huawei Technologies
CVSS Score-6.7||MEDIUM
EPSS-0.03% / 7.64%
||
7 Day CHG~0.00%
Published-05 Feb, 2021 | 23:56
Updated-03 Aug, 2024 | 18:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Mate 30 10.0.0.203(C00E201R7P2) have a buffer overflow vulnerability. After obtaining the root permission, an attacker can exploit the vulnerability to cause buffer overflow.

Action-Not Available
Vendor-n/aHuawei Technologies Co., Ltd.
Product-mate_30mate_30_firmwareHUAWEI Mate 30
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2021-1966
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.06% / 18.52%
||
7 Day CHG~0.00%
Published-20 Oct, 2021 | 06:31
Updated-03 Aug, 2024 | 16:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible buffer overflow due to lack of length check of source and destination buffer before copying in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-fsm10055wcn3991_firmwarewsa8830sm7250sa6150p_firmwaresa8145p_firmwareqcs610fsm10056qca8337sm7250_firmwarecsra6620fsm10055_firmwarewcn3950_firmwaresa8150p_firmwaresd765g_firmwareqca6420_firmwareqca6595au_firmwareqca6390_firmwaresa6155sd690_5gwcd9370csra6620_firmwarecsra6640_firmwareqcs6125_firmwarewcn3998sd_8cx_firmwarewcd9385_firmwarewcn3950sa8155qca6574au_firmwaresdx55_firmwareqca6595ausa6155_firmwarewcd9375_firmwarewcn3998_firmwarewcn3999_firmwareqca6420sa6155p_firmwarewcn3999qcs6125sa8155_firmwareqcs405qca6430wcn3988_firmwaresa6145p_firmwarewcd9340sa8195pwsa8810_firmwaresd765gsd765_firmwarefsm10056_firmwarewcn6851wcd9335sa6155pwcd9385wcd9341qca6696_firmwaresd750gsd870_firmwareqca6390ar8035sd_8cxaqt1000sa8150psd750g_firmwarewcd9375wsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3988wcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwareqcm6125_firmwarewcn3991qca8337_firmwarewcd9380_firmwaresd865_5gqca6595sdx55m_firmwarewsa8835qca6574sd665_firmwarewcd9380qcs410qca6574asd690_5g_firmwareqca6430_firmwarewcd9335_firmwarewcn3980qca6574_firmwarewcd9340_firmwaresd855wsa8815wcn6850sd665sd_8c_firmwaresd765qca6574a_firmwaresd768g_firmwarewcn3980_firmwareqca6391sdx55maqt1000_firmwarear8031_firmwarewcn6851_firmwareqca6574ausa8155p_firmwarewcd9341_firmwareqcm6125wsa8810sd870qcs610_firmwaresd_8csa6145psd768gar8031qca6595_firmwareqcs405_firmwaresa8145pqca6696qca6391_firmwarewcd9370_firmwaresa6150psdx55sa8155pcsra6640qcs410_firmwarear8035_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2024-30164
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.04% / 10.78%
||
7 Day CHG~0.00%
Published-28 May, 2024 | 16:44
Updated-13 Feb, 2025 | 15:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Amazon AWS Client VPN has a buffer overflow that could potentially allow a local actor to execute arbitrary commands with elevated permissions. This is resolved in 3.11.1 on Windows, 3.9.1 on macOS, and 3.12.1 on Linux. NOTE: although the macOS resolution is the same as for CVE-2024-30165, this vulnerability on macOS is not the same as CVE-2024-30165.

Action-Not Available
Vendor-n/aApple Inc.CODESYS GmbHMicrosoft Corporation
Product-n/awindowslinuxmacos
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
  • Previous
  • 1
  • 2
  • Next
Details not found