Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2026-44636

Summary
Assigner-GitHub_M
Assigner Org ID-a0819718-46f1-4df5-94e2-005712e83aaa
Published At-14 May, 2026 | 20:01
Updated At-16 May, 2026 | 03:56
Rejected At-
Credits

libsixel: integer overflow in encoder

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, signed integer overflow in sixel_encode_highcolor's allocation size calculation can lead to a heap buffer overflow. The public sixel_encode entry point validates only that width and height are greater than zero, with no upper bound. width and height are multiplied as plain int when computing the allocation size for paletted_pixels and normalized_pixels. Any caller that asks libsixel to encode a pixel buffer with width times height greater than INT_MAX (about 2.15 billion) will hit a wrapped allocation size; under the right wrap, the malloc succeeds with a buffer much smaller than the encoder expects, and the encoder writes past the end of the heap allocation. This vulnerability is fixed in 1.8.7-r2.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:GitHub_M
Assigner Org ID:a0819718-46f1-4df5-94e2-005712e83aaa
Published At:14 May, 2026 | 20:01
Updated At:16 May, 2026 | 03:56
Rejected At:
▼CVE Numbering Authority (CNA)
libsixel: integer overflow in encoder

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, signed integer overflow in sixel_encode_highcolor's allocation size calculation can lead to a heap buffer overflow. The public sixel_encode entry point validates only that width and height are greater than zero, with no upper bound. width and height are multiplied as plain int when computing the allocation size for paletted_pixels and normalized_pixels. Any caller that asks libsixel to encode a pixel buffer with width times height greater than INT_MAX (about 2.15 billion) will hit a wrapped allocation size; under the right wrap, the malloc succeeds with a buffer much smaller than the encoder expects, and the encoder writes past the end of the heap allocation. This vulnerability is fixed in 1.8.7-r2.

Affected Products
Vendor
saitoha
Product
libsixel
Versions
Affected
  • >= 1.4.4, < 1.8.7-r2
Problem Types
TypeCWE IDDescription
CWECWE-122CWE-122: Heap-based Buffer Overflow
CWECWE-190CWE-190: Integer Overflow or Wraparound
Type: CWE
CWE ID: CWE-122
Description: CWE-122: Heap-based Buffer Overflow
Type: CWE
CWE ID: CWE-190
Description: CWE-190: Integer Overflow or Wraparound
Metrics
VersionBase scoreBase severityVector
3.17.4HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Version: 3.1
Base score: 7.4
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/saitoha/libsixel/security/advisories/GHSA-hx93-w8p2-ffh5
x_refsource_CONFIRM
Hyperlink: https://github.com/saitoha/libsixel/security/advisories/GHSA-hx93-w8p2-ffh5
Resource:
x_refsource_CONFIRM
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions

Configurations

Workarounds

Exploits

Credits

Timeline
EventDate
Replaced By

Rejected Reason

References
HyperlinkResource
https://github.com/saitoha/libsixel/security/advisories/GHSA-hx93-w8p2-ffh5
exploit
Hyperlink: https://github.com/saitoha/libsixel/security/advisories/GHSA-hx93-w8p2-ffh5
Resource:
exploit
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:security-advisories@github.com
Published At:14 May, 2026 | 20:17
Updated At:16 May, 2026 | 01:16

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, signed integer overflow in sixel_encode_highcolor's allocation size calculation can lead to a heap buffer overflow. The public sixel_encode entry point validates only that width and height are greater than zero, with no upper bound. width and height are multiplied as plain int when computing the allocation size for paletted_pixels and normalized_pixels. Any caller that asks libsixel to encode a pixel buffer with width times height greater than INT_MAX (about 2.15 billion) will hit a wrapped allocation size; under the right wrap, the malloc succeeds with a buffer much smaller than the encoder expects, and the encoder writes past the end of the heap allocation. This vulnerability is fixed in 1.8.7-r2.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.17.4HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 3.1
Base score: 7.4
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches

saitoha
saitoha
>>libsixel>>Versions from 1.4.4(inclusive) to 1.8.7-r2(exclusive)
cpe:2.3:a:saitoha:libsixel:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-122Secondarysecurity-advisories@github.com
CWE-190Secondarysecurity-advisories@github.com
CWE ID: CWE-122
Type: Secondary
Source: security-advisories@github.com
CWE ID: CWE-190
Type: Secondary
Source: security-advisories@github.com
Evaluator Description

Evaluator Impact

Evaluator Solution

Vendor Statements

References
HyperlinkSourceResource
https://github.com/saitoha/libsixel/security/advisories/GHSA-hx93-w8p2-ffh5security-advisories@github.com
Vendor Advisory
https://github.com/saitoha/libsixel/security/advisories/GHSA-hx93-w8p2-ffh5134c704f-9b21-4f2e-91b3-4a467353bcc0
Vendor Advisory
Hyperlink: https://github.com/saitoha/libsixel/security/advisories/GHSA-hx93-w8p2-ffh5
Source: security-advisories@github.com
Resource:
Vendor Advisory
Hyperlink: https://github.com/saitoha/libsixel/security/advisories/GHSA-hx93-w8p2-ffh5
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

540Records found

CVE-2025-9300
Matching Score-8
Assigner-VulDB
ShareView Details
Matching Score-8
Assigner-VulDB
CVSS Score-4.8||MEDIUM
EPSS-0.22% / 13.13%
||
7 Day CHG~0.00%
Published-21 Aug, 2025 | 13:02
Updated-24 Apr, 2026 | 13:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
saitoha libsixel img2sixel encoder.c sixel_debug_print_palette stack-based overflow

A vulnerability was found in saitoha libsixel up to 1.10.3. Affected by this issue is the function sixel_debug_print_palette of the file src/encoder.c of the component img2sixel. The manipulation results in stack-based buffer overflow. The attack must be initiated from a local position. The exploit has been made public and could be used. The patch is identified as 316c086e79d66b62c0c4bc66229ee894e4fdb7d1. Applying a patch is advised to resolve this issue.

Action-Not Available
Vendor-saitohasaitoha
Product-libsixellibsixel
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE ID-CWE-121
Stack-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-19637
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.24% / 65.81%
||
7 Day CHG~0.00%
Published-08 Dec, 2019 | 03:00
Updated-24 Apr, 2026 | 12:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in libsixel 1.8.2. There is an integer overflow in the function sixel_decode_raw_impl at fromsixel.c.

Action-Not Available
Vendor-saitohan/a
Product-libsixeln/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-19636
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.24% / 65.81%
||
7 Day CHG~0.00%
Published-08 Dec, 2019 | 03:00
Updated-24 Apr, 2026 | 12:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in libsixel 1.8.2. There is an integer overflow in the function sixel_encode_body at tosixel.c.

Action-Not Available
Vendor-saitohan/a
Product-libsixeln/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-19638
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-1.21% / 64.95%
||
7 Day CHG~0.00%
Published-08 Dec, 2019 | 03:00
Updated-24 Apr, 2026 | 12:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in libsixel 1.8.2. There is a heap-based buffer overflow in the function load_pnm at frompnm.c, due to an integer overflow.

Action-Not Available
Vendor-saitohan/a
Product-libsixeln/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-44637
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-7.1||HIGH
EPSS-0.16% / 5.56%
||
7 Day CHG~0.00%
Published-14 May, 2026 | 20:02
Updated-15 May, 2026 | 17:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
libsixel: integer overflow in parser

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. From to 1.8.7-r1, a signed integer overflow in the SIXEL parser's image-buffer doubling loop can lead to an out-of-bounds heap write in sixel_decode_raw_impl. context->pos_x grows by repeat_count on every sixel character with no upper bound check. Once pos_x approaches INT_MAX, the expression "pos_x + repeat_count" used to size the image buffer overflows signed int. Depending on how the overflow wraps, the resize check that should reject oversized buffers can be bypassed, after which a subsequent write computes a large attacker-influenced offset into image->data and writes past the allocation. Reachable from any caller that decodes attacker-supplied SIXEL data, including img2sixel. This vulnerability is fixed in 1.8.7-r2.

Action-Not Available
Vendor-saitohasaitoha
Product-libsixellibsixel
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-787
Out-of-bounds Write
CVE-2026-33019
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-7.1||HIGH
EPSS-0.26% / 17.02%
||
7 Day CHG~0.00%
Published-14 Apr, 2026 | 21:49
Updated-23 Apr, 2026 | 14:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
libsixel: Integer overflow leads to Out-of-bounds Read in img2sixel

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain an integer overflow leading to an out-of-bounds heap read in the --crop option handling of img2sixel, where positive coordinates up to INT_MAX are accepted without overflow-safe bounds checking. In sixel_encoder_do_clip(), the expression clip_w + clip_x overflows to a large negative value when clip_x is INT_MAX, causing the bounds guard to be skipped entirely, and the unclamped coordinate is passed through sixel_frame_clip() to clip(), which computes a source pointer far beyond the image buffer and passes it to memmove(). An attacker supplying a specially crafted crop argument with any valid image can trigger an out-of-bounds read in the heap, resulting in a reliable crash and potential information disclosure. This issue has been fixed in version 1.8.7-r1.

Action-Not Available
Vendor-saitohasaitoha
Product-libsixellibsixel
CWE ID-CWE-125
Out-of-bounds Read
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2026-33020
Matching Score-6
Assigner-GitHub, Inc.
ShareView Details
Matching Score-6
Assigner-GitHub, Inc.
CVSS Score-7.1||HIGH
EPSS-0.21% / 10.58%
||
7 Day CHG~0.00%
Published-14 Apr, 2026 | 21:53
Updated-23 Apr, 2026 | 14:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
libsixel: Integer Overflow in write_png_to_file() leads to Heap-based Buffer Overflow

libsixel is a SIXEL encoder/decoder implementation derived from kmiya's sixel. Versions 1.8.7 and prior contain an integer overflow which leads to a heap buffer overflow via sixel_frame_convert_to_rgb888() in frame.c, where allocation size and pointer offset computations for palettised images (PAL1, PAL2, PAL4) are performed using int arithmetic before casting to size_t. For images whose pixel count exceeds INT_MAX / 4, the overflow produces an undersized heap allocation for the conversion buffer and a negative pointer offset for the normalization sub-buffer, after which sixel_helper_normalize_pixelformat() writes the full image data starting from the invalid pointer, causing massive heap corruption confirmed by ASAN. An attacker providing a specially crafted large palettised PNG can corrupt the heap of the victim process, resulting in a reliable crash and potential arbitrary code execution. This issue has been fixed in version 1.8.7-r1.

Action-Not Available
Vendor-saitohasaitoha
Product-libsixellibsixel
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2019-20205
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-8.8||HIGH
EPSS-1.04% / 60.31%
||
7 Day CHG~0.00%
Published-01 Jan, 2020 | 22:30
Updated-24 Apr, 2026 | 12:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

libsixel 1.8.4 has an integer overflow in sixel_frame_resize in frame.c.

Action-Not Available
Vendor-saitohan/a
Product-libsixeln/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2021-0876
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.09% / 0.61%
||
7 Day CHG~0.00%
Published-19 Apr, 2023 | 00:00
Updated-05 Feb, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In PVRSRVBridgePhysmemNewRamBackedLockedPMR of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270400229

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-0409
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.25% / 16.08%
||
7 Day CHG~0.00%
Published-10 Nov, 2020 | 12:48
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In create of FileMap.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-8.0 Android-8.1 Android-9Android ID: A-156997193

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2022-22089
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.12% / 2.09%
||
7 Day CHG~0.00%
Published-16 Sep, 2022 | 05:25
Updated-03 Aug, 2024 | 03:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory corruption in audio while playing record due to improper list handling in two threads in Snapdragon Connectivity, Snapdragon Mobile, Snapdragon Wearables

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm8475_firmwaresm7450_firmwareqca8337_firmwarewcd9380_firmwaresdx65_firmwarewsa8830sw5100pwcn7851qca8337wsa8832_firmwarewcn6856_firmwaresdx65wcn3988_firmwarewsa8835wcd9380sw5100wsa8832wcn6855sw5100p_firmwareqca8081wcd9370wcn6856wcn7851_firmwarewcn6855_firmwarewcd9385wcn3980wcn6750wcd9385_firmwarear8035wcd9375wcd9370_firmwarewcn6750_firmwaresd_8_gen1_5g_firmwarewsa8830_firmwarewcn3988wsa8835_firmwaresm7450sw5100_firmwareqca8081_firmwaresm8475wcd9375_firmwaresm8475p_firmwarewcn3980_firmwarear8035_firmwaresm8475pSnapdragon Connectivity, Snapdragon Mobile, Snapdragon Wearables
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2025-55697
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.33% / 25.09%
||
7 Day CHG~0.00%
Published-14 Oct, 2025 | 17:01
Updated-26 Feb, 2026 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Azure Local Elevation of Privilege Vulnerability

Heap-based buffer overflow in Azure Local allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2025windows_server_2022_23h2Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2025Windows Server 2025 (Server Core installation)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2020-14363
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.57% / 43.61%
||
7 Day CHG~0.00%
Published-11 Sep, 2020 | 18:02
Updated-04 Aug, 2024 | 12:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An integer overflow vulnerability leading to a double-free was found in libX11. This flaw allows a local privileged attacker to cause an application compiled with libX11 to crash, or in some cases, result in arbitrary code execution. The highest threat from this flaw is to confidentiality, integrity as well as system availability.

Action-Not Available
Vendor-The X11 ProjectFedora ProjectX.Org Foundation
Product-libx11fedoralibX11
CWE ID-CWE-416
Use After Free
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-13974
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.57% / 43.37%
||
7 Day CHG~0.00%
Published-09 Jun, 2020 | 04:06
Updated-04 Aug, 2024 | 12:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in the community argue that the integer overflow does not lead to a security issue in this case.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kerneln/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-13603
Matching Score-4
Assigner-Zephyr Project
ShareView Details
Matching Score-4
Assigner-Zephyr Project
CVSS Score-6.9||MEDIUM
EPSS-0.23% / 14.25%
||
7 Day CHG~0.00%
Published-24 May, 2021 | 21:40
Updated-16 Sep, 2024 | 23:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Integer Overflow in memory allocating functions

Integer Overflow in memory allocating functions. Zephyr versions >= 1.14.2, >= 2.4.0 contain Integer Overflow or Wraparound (CWE-190). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-94vp-8gc2-rm45

Action-Not Available
Vendor-Zephyr Project
Product-zephyrzephyr
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-12362
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.36% / 28.21%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 00:00
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an escalation of privilege via local access.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncIntel Corporation
Product-graphics_driverslinux_kernelIntel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2024-0033
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-8.4||HIGH
EPSS-0.16% / 5.58%
||
7 Day CHG~0.00%
Published-16 Feb, 2024 | 00:08
Updated-16 Dec, 2024 | 19:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In multiple functions of ashmem-dev.cpp, there is a possible missing seal due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroid
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-11306
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.18% / 8.20%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 06:20
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Possible integer overflow in RPMB counter due to lack of length check on user provided data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-wcn3991_firmwarewsa8830sd678sm6250p_firmwareqcs610qcs2290_firmwareqca6431_firmwaresd7c_firmwarewcd9360_firmwareqcs4290wcn3950_firmwaresd765g_firmwareqca6420_firmwareqcs2290qca6390_firmwaresd690_5gsd730_firmwarewcd9370sd_675_firmwaresd675_firmwareqca6426wcn3990_firmwareqca9984_firmwarewcn3998sd_8cx_firmwarewcd9371_firmwaresdxr2_5g_firmwarewcd9385_firmwaresm4125sd720gwcn3950whs9410qsm8350_firmwaresd662qsm8350sd460_firmwareqca6574au_firmwaresdx55_firmwarewcd9375_firmwarewcn3998_firmwarewcn3999_firmwaresm7250p_firmwareqca6420qca6436_firmwarewcd9360sd778gsa6155p_firmwarewhs9410_firmwarewcn3999sdxr2_5gsd662_firmwareqcs405qca6430wcn3988_firmwareqca6421sd778g_firmwaresm6250wcd9340sa8195psdm830_firmwarewsa8810_firmwaresd765gsd765_firmwareqca6436wcn6851sa6155pqcs4290_firmwarewcd9385wcd9341qca6431wcd9371sd750gsd870_firmwareqca6390ar8035sd_8cxaqt1000sd750g_firmwarewcd9375sm6250_firmwarewcn3910_firmwarewsa8830_firmwaresd855_firmwaresd865_5g_firmwarewcn3988sd888_5g_firmwarewcn6850_firmwarewsa8815_firmwarewsa8835_firmwaresa8195p_firmwarewcn6750_firmwareqcm2290_firmwarewcn3991wcd9380_firmwarewcn3990sd_675sd865_5gqca6595sdx24sdx55m_firmwarewcn6856_firmwaresd888wsa8835wcd9380sd888_5gsm6250pqcs410sd690_5g_firmwarewcn6855_firmwaresm7325psdx24_firmwareqca6430_firmwarewcn3980wcn6750wcd9340_firmwaresd855sm4125_firmwaresm7325p_firmwaresd7cwcn3910wcn6850wsa8815sd_8c_firmwaresd765qca6426_firmwareqca9984sd768g_firmwarewcn3980_firmwaresd730sd460qca6391sdx55mqca6421_firmwareaqt1000_firmwaresd678_firmwareqcm4290sd480_firmwarewcn6851_firmwareqca6574auwcd9341_firmwareqcm4290_firmwaresd480sd870wcn6855wsa8810qcs610_firmwarewcn6856qsm8250sd_8csd768gqca6595_firmwareqcs405_firmwareqca6391_firmwarewcd9370_firmwaresdx55sd888_firmwaresd675sm7250psdm830sd720g_firmwareqcs410_firmwarear8035_firmwareqcm2290qsm8250_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2025-54894
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.42% / 33.78%
||
7 Day CHG~0.00%
Published-09 Sep, 2025 | 17:00
Updated-20 Feb, 2026 | 16:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Local Security Authority Subsystem Service Elevation of Privilege Vulnerability

Local Security Authority Subsystem Service Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1507windows_server_2022windows_11_22h2windows_11_24h2windows_10_22h2windows_10_1607windows_10_21h2windows_11_23h2windows_server_2008windows_server_2012windows_server_2016windows_server_2019windows_server_2025windows_server_2022_23h2windows_10_1809Windows Server 2025Windows Server 2008 R2 Service Pack 1Windows 11 Version 23H2Windows Server 2012 (Server Core installation)Windows 10 Version 1809Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H3Windows Server 2016 (Server Core installation)Windows 10 Version 22H2Windows Server 2019Windows Server 2022Windows 10 Version 1607Windows 11 Version 24H2Windows Server 2025 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2016Windows 11 version 22H2Windows Server 2012 R2Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 Service Pack 2Windows Server 2012Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2021-0880
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.09% / 0.72%
||
7 Day CHG~0.00%
Published-19 Apr, 2023 | 00:00
Updated-06 Feb, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In PVRSRVBridgeRGXKickTA3D of the PowerVR kernel driver, a missing size check means there is a possible integer overflow that could allow out-of-bounds heap access. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-270396792

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2025-54091
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.42% / 33.81%
||
7 Day CHG~0.00%
Published-09 Sep, 2025 | 17:01
Updated-20 Feb, 2026 | 16:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Hyper-V Elevation of Privilege Vulnerability

Integer overflow or wraparound in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1507windows_server_2022windows_11_22h2windows_11_24h2windows_10_22h2windows_10_1607windows_10_21h2windows_11_23h2windows_server_2012windows_server_2016windows_server_2019windows_server_2025windows_server_2022_23h2windows_10_1809Windows Server 2025Windows 11 Version 23H2Windows Server 2012 (Server Core installation)Windows 10 Version 1809Windows Server 2022, 23H2 Edition (Server Core installation)Windows 11 version 22H3Windows Server 2016 (Server Core installation)Windows 10 Version 22H2Windows Server 2019Windows Server 2022Windows 10 Version 1607Windows 11 Version 24H2Windows Server 2025 (Server Core installation)Windows Server 2019 (Server Core installation)Windows Server 2016Windows 11 version 22H2Windows Server 2012 R2Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2012Windows Server 2012 R2 (Server Core installation)
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-12367
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.26% / 17.99%
||
7 Day CHG~0.00%
Published-17 Feb, 2021 | 13:50
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in some Intel(R) Graphics Drivers before version 26.20.100.8476 may allow a privileged user to potentially enable an escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-graphics_driversIntel(R) Graphics Drivers
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-11131
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.19% / 8.41%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 10:00
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Possible buffer overflow in WMA message processing due to integer overflow occurs when processing command received from user space' in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8053, APQ8096AU, MDM9206, MDM9250, MDM9628, MDM9640, MDM9650, MSM8996AU, QCS405, SDA845, SDX20, SDX20M, WCD9330

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-mdm9206mdm9250_firmwaremdm9640_firmwareapq8096auwcd9330msm8996au_firmwareqcs405_firmwaresda845_firmwaresdx20mdm9628mdm9206_firmwaremdm9628_firmwaremdm9650qcs405apq8053apq8096au_firmwaremsm8996aumdm9650_firmwaresdx20_firmwaremdm9250sdx20m_firmwareapq8009_firmwareapq8009wcd9330_firmwareapq8053_firmwaresda845sdx20mmdm9640Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2025-53723
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.45% / 36.56%
||
7 Day CHG+0.03%
Published-12 Aug, 2025 | 17:10
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Hyper-V Elevation of Privilege Vulnerability

Numeric truncation error in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_1809windows_10_22h2windows_server_2012windows_server_2019windows_10_1507windows_server_2022_23h2windows_10_21h2windows_11_23h2windows_server_2022windows_server_2016windows_server_2025windows_11_24h2windows_10_1607windows_11_22h2Windows Server 2019 (Server Core installation)Windows 10 Version 21H2Windows 10 Version 22H2Windows 11 Version 23H2Windows Server 2012Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2012 R2Windows Server 2025 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows 11 version 22H3Windows Server 2019Windows 10 Version 1607Windows Server 2022Windows 10 Version 1507Windows Server 2012 (Server Core installation)Windows Server 2025Windows Server 2016 (Server Core installation)Windows 11 Version 24H2Windows Server 2016Windows 10 Version 1809
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-197
Numeric Truncation Error
CVE-2023-35312
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.49% / 39.15%
||
7 Day CHG-0.01%
Published-11 Jul, 2023 | 17:03
Updated-28 Feb, 2025 | 21:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability

Microsoft VOLSNAP.SYS Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows 10 Version 22H2Windows 10 Version 21H2Windows Server 2016 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows Server 2019Windows Server 2012Windows 10 Version 1809Windows Server 2008 R2 Service Pack 1Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 11 version 21H2Windows Server 2022Windows Server 2012 R2Windows 10 Version 1507Windows Server 2012 (Server Core installation)Windows Server 2016Windows Server 2019 (Server Core installation)Windows 10 Version 1607
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-35632
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-6.54% / 93.04%
||
7 Day CHG~0.00%
Published-12 Dec, 2023 | 18:10
Updated-01 Jan, 2025 | 02:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_server_2012windows_server_2008windows_10_1507windows_10_22h2windows_server_2019windows_10_1607Windows 10 Version 1607Windows 10 Version 1507Windows 10 Version 21H2Windows Server 2008 R2 Service Pack 1Windows Server 2019 (Server Core installation)Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows Server 2012 R2Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows Server 2012Windows Server 2012 (Server Core installation)Windows Server 2019Windows Server 2012 R2 (Server Core installation)Windows 10 Version 22H2Windows Server 2016
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-11245
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.20% / 10.29%
||
7 Day CHG~0.00%
Published-07 Apr, 2021 | 07:55
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unintended reads and writes by NS EL2 in access control driver due to lack of check of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfs2580qpm5679_firmwareqpm5620_firmwareqdm2307qca6431_firmwareqfs2530qpm8870_firmwareqpa8802wcd9360_firmwareqpm6585_firmwarepm6125qat3519qbt2000_firmwareqat5522_firmwarewcn3950_firmwarepm8150aqtc800hqdm5670sdr8250_firmwareqcs2290qpa5581_firmwarepm7150lqpa8821pm8998_firmwaresmr546_firmwareqdm5671wtr5975_firmwareqpm4650_firmwareqat3518sd8cqpa5580_firmwaresdr425_firmwarewcn3998smr526_firmwarewcn3950sm4125qpa5460pm640a_firmwarewgr7640_firmwareqdm2305_firmwareqpm5670_firmwareqsw8574_firmwaresd460_firmwareqdm5652sd6905gqpa4360_firmwareqca6574au_firmwareqpm8870wcd9375_firmwarewcn3998_firmwareqpm5679qbt2000pm855pqca6420wcd9360pm6150awhs9410_firmwaresdr735gqpa5460_firmwarewcn3999pm8150bqdm3301_firmwareqsm7250sd662_firmwareqcs405qca6430qat3522pmr735awcd9340sdm830_firmwaresd765gqdm2308_firmwaresdr660qca6436wcn6851sa6155pqpa6560sdr865qdm5620_firmwarewcd9341smr545qca6431qln5020sd870_firmwaresd750gpmm855au_firmwarewcn3910_firmwareqpm5657pm6350qdm5621qtc800swsa8830_firmwaresd855_firmwareqet6105qdm5650wcn3988pm640p_firmwarewtr3925sa8195p_firmwaresmb1390wcn6750_firmwareqat5516_firmwarepm6150lsd8885gpm855l_firmwareqpa8686_firmwareqpm6585qtc410swcn3991wcd9380_firmwaresmb1355qln4650qpa8801sdr735g_firmwarewgr7640qet5100qdm5671_firmwareqpa8801_firmwarepm8150l_firmwareqat5533_firmwaresdx55m_firmwarepm8005_firmwaresdxr25gqpa8673_firmwarepm6150qet4101_firmwaresmb1354_firmwarepm7250bqln4642_firmwareqpa8842wcd9380smb1355_firmwarepm7250b_firmwarepmd9655_firmwaresmb1351_firmwarepm855p_firmwaresdr735pm7250smb1395qpa8803sdx24_firmwaresmr526wtr5975qca6430_firmwarepmk8003qtc801s_firmwarewcn3980qat3522_firmwaresdxr25g_firmwareqdm2301wcd9340_firmwarewsa8815wcn6850wcn3910qdm5621_firmwareqdm2301_firmwareqca6426_firmwarepm8350_firmwareqca9984pm8009wcn3980_firmwaresdx55mqca6421_firmwarepm8008qtm525_firmwareqat3518_firmwareqsw8574pmi8998sd6905g_firmwareqpm5621_firmwarepm855lwcn6851_firmwareqdm5670_firmwareqpa6560_firmwaresd8655gqpa8802_firmwarepm7150a_firmwarepm8150b_firmwareqpm5621qpm6582smr545_firmwarepm8009_firmwareqdm2310_firmwarepm4250_firmwareqfs2580_firmwareqcm4290_firmwaresd480sd870sd8885g_firmwarepm8150lpmi8998_firmwareqdm5677pm8005qsm8250pm855_firmwarepm4250pm855b_firmwareqca6595_firmwareqcs405_firmwareqpm6582_firmwarewtr2965qca6391_firmwarepm640l_firmwarewcd9370_firmwareqln4650_firmwareqat3516_firmwaresdx55sd675qet4101qat3555_firmwareqat3516qpa8803_firmwareqpm5658pm855bar8035_firmwareqcm2290qsm8250_firmwareqpm5658_firmwarewcn3991_firmwareqdm5652_firmwarewsa8830qet6110_firmwareqln5030pm6125_firmwareqcs2290_firmwareqbt1500pm4125qpa5581pmi632qpa2625_firmwarepmr735b_firmwarepmx24_firmwareqbt1500_firmwareqet5100_firmwareqet6100_firmwareqcs4290qet6100pmm855ausdr660gsd765g_firmwareqpa8686qca6420_firmwareqca6390_firmwaresmb1396pm7150awcd9370sd675_firmwarepm8350sdr425pmr525_firmwareqca6426wcn3990_firmwareqca9984_firmwarepmi632_firmwarewcd9385_firmwareqdm5650_firmwarewhs9410qat5516pm7250_firmwareqdm5620sd662qpa8821_firmwaresdr660g_firmwarepmk8002_firmwarepm3003asdx55_firmwareqat5533wcn3999_firmwaresm7250p_firmwareqca6436_firmwareqsm7250_firmwaresmb1354pm7150l_firmwareqdm2305sa6155p_firmwareqpm8820qat5515_firmwareqln5020_firmwarepm855qpm8830_firmwarepm8250qfs2530_firmwarewcn3988_firmwarepmx55pm8150c_firmwareqca6421qdm3301qpa8842_firmwareqat3519_firmwaresa8195psdr735_firmwarewsa8810_firmwareqpm5677qat5515sd765_firmwareqdm5677_firmwarepm6350_firmwarepm8004_firmwaresdr8150_firmwareqcs4290_firmwarewcd9385qtc800h_firmwareqpm5620qat3550_firmwareqln5040_firmwarepm4125_firmwareqca6390wcd9375sd750g_firmwareaqt1000ar8035qpa8673qdm2310pmm8195auqln5030_firmwareqln4642qpm5677_firmwarewsa8815_firmwarewtr3925_firmwaresmr525_firmwarepm8998smb1396_firmwarewcn6850_firmwareqpm8820_firmwarewsa8835_firmwaresmr546pmx24qet6110qln5040qcm2290_firmwareqpm8895qpm5670wcn3990pmx55_firmwareqca6595sdx24qpm8830qdm2307_firmwareqat5522wsa8835pm8150cpmr735bqpm5657_firmwareqpa4360pmk8003_firmwaresdr660_firmwaresmb1390_firmwareqdm5679_firmwaresmr525wcn6750pm6150l_firmwarepmr525pm8150a_firmwareqpm4650qtm525sd855sm4125_firmwaresd8cxpm6150a_firmwarepm6150_firmwaresd765pm640psd768g_firmwaresdr865_firmwareqat3555pm8250_firmwaresd460qca6391sd8cx_firmwaresmb1351aqt1000_firmwaresd8c_firmwareqpm8895_firmwarewtr2965_firmwareqcm4290pm640asdr8150sd480_firmwareqtc801ssmb1395_firmwarepmd9655qca6574auqet6105_firmwarepm8008_firmwaresd8655g_firmwarewcd9341_firmwarewsa8810qtc410s_firmwarepmr735a_firmwareqdm2308qat3550qdm5679sdr8250sd768gpm3003a_firmwareqtc800s_firmwarepm8004pm640lpmk8002qpa2625pmm8195au_firmwaresm7250psdm830qpa5580Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-35304
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.43% / 34.68%
||
7 Day CHG+0.01%
Published-11 Jul, 2023 | 17:03
Updated-01 Jan, 2025 | 01:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 10 Version 21H2Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2019Windows 10 Version 22H2Windows Server 2016
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-35644
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-6.25% / 92.77%
||
7 Day CHG~0.00%
Published-12 Dec, 2023 | 18:10
Updated-01 Jan, 2025 | 03:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Sysmain Service Elevation of Privilege Vulnerability

Windows Sysmain Service Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_11_23h2Windows Server 2022Windows 10 Version 21H2Windows 11 version 22H3Windows 11 version 22H2Windows 11 Version 23H2Windows Server 2019 (Server Core installation)Windows Server 2022, 23H2 Edition (Server Core installation)Windows 10 Version 1809Windows 11 version 21H2Windows Server 2019Windows 10 Version 22H2
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-35305
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.43% / 34.68%
||
7 Day CHG+0.01%
Published-11 Jul, 2023 | 17:03
Updated-01 Jan, 2025 | 01:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Kernel Elevation of Privilege Vulnerability

Windows Kernel Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_10_1809windows_server_2016windows_11_21h2windows_10_22h2windows_server_2022windows_11_22h2windows_server_2019windows_10_1607Windows Server 2022Windows 10 Version 1607Windows 10 Version 21H2Windows 11 version 22H2Windows Server 2019 (Server Core installation)Windows 10 Version 1809Windows Server 2016 (Server Core installation)Windows 11 version 21H2Windows Server 2019Windows 10 Version 22H2Windows Server 2016
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2023-35337
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.44% / 35.37%
||
7 Day CHG+0.01%
Published-11 Jul, 2023 | 17:02
Updated-01 Jan, 2025 | 01:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Win32k Elevation of Privilege Vulnerability

Win32k Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_10_21h2windows_11_22h2windows_11_21h2windows_10_22h2windows_server_2022Windows Server 2022Windows 10 Version 21H2Windows 11 version 22H2Windows 11 version 21H2Windows 10 Version 22H2
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2022-1891
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-6.7||MEDIUM
EPSS-0.34% / 26.41%
||
7 Day CHG~0.00%
Published-23 Jan, 2023 | 15:25
Updated-03 Apr, 2025 | 16:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A buffer overflow in the SystemLoadDefaultDxe driver in some Lenovo Notebook products may allow an attacker with local privileges to execute arbitrary code.

Action-Not Available
Vendor-Lenovo Group Limited
Product-thinkbook_15-imlthinkbook_14-iml_firmwareyoga_c640-13iml_firmwarethinkbook_15-iml_firmwarethinkbook_14-iil_firmwarethinkbook_14-imlthinkbook_15-iilyoga_c640-13imlyoga_c640-13iml_lte_firmwarethinkbook_14-iilthinkbook_15-iil_firmwareyoga_c640-13iml_lteBIOS
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
CVE-2020-11235
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.17% / 6.81%
||
7 Day CHG~0.00%
Published-09 Jun, 2021 | 05:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow might occur while parsing unified command due to lack of check of input data received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qfe3100qfe2080fc_firmwareqca9377_firmwareqpm5679_firmwarepmd9607_firmwareqca1023qfs2530qpm8870_firmwareqln1030pm6125mdm9645msm8992_firmwarewcn3950_firmwarepm8150aqdm5670qpm5541_firmwareqpa5581_firmwareqpa8821mdm8215qcs6125_firmwarepm456_firmwarewcn3998wcd9371_firmwarewcn3950mdm9206_firmwareqsw8573_firmwarewcn3660bsmb2351_firmwarepm855pwtr4605_firmwarepm6150aqca9367_firmwareipq8072_firmwaresa8155_firmwareipq8068qat3522qfe4455fcpmr735asdm830_firmwaresd765gsdr660qfe1045_firmwareqfe3345qfs2630_firmwaresdr865mdm9250_firmwareqdm5620_firmwareqca6696_firmwareqln5020mdm8215_firmwarepmm855au_firmwaresd_8cxpmm8920auqcn5501_firmwaresa8150pqfe3340sd660sd712pm640p_firmwareqcn5121wcn6750_firmwarepm6150lpm855l_firmwareqca6428_firmwareqtc410sipq4018_firmwareqca4531_firmwareqfe3335_firmwareqpa8801ipq8078qat5533_firmwareipq8173sdx55m_firmwareqpa8673_firmwaresd670_firmwareqfs2630pmm8996auqpm5579_firmwaresmb1380_firmwarepmk8350_firmwareqcn5024pm855p_firmwaresd690_5g_firmwaresmb1381pm7250wtr4905sdx24_firmwareqca9985qcn9012_firmwareqdm2301qca9890_firmwareqfe2101_firmwareqca6584_firmwareqdm5621_firmwareqpm6375sd_8c_firmwareipq6028ipq8064pmp8074qca1990wcn3980_firmwaresd730qfe3320_firmwarepm8008pm8350b_firmwaremdm9225pme605_firmwarepme605apq8064au_firmwaremdm9225mipq8078_firmwareqcn5054qln1021aq_firmwareqcs603qca6164_firmwareqln4640_firmwareqca9980qpm6582qcn9024_firmwareapq8084_firmwareqca9886_firmwarear8031wtr2965qca6164qca6391_firmwarepmx20_firmwareqca4024qat3516_firmwareapq8053qcn5021_firmwareqca9379pm855bsmb2351qpa5581qfe1040_firmwarecsrb31024qca9563_firmwaremdm9628_firmwaremdm9650qbt1500_firmwareqpm5870_firmwarepmk8001qet6100pmd9635_firmwaresmb1394_firmwareapq8009_firmwaresd690_5gmdm9310_firmwaresd675_firmwareipq8072qca6426qca9984_firmwareqca9377qpm5641sdxr2_5g_firmwarewtr2955rgr7640au_firmwarepm7250_firmwareqdm5620ipq8074aqca9982qcn5122_firmwareqat5533qcn6023_firmwaresm7250p_firmwarewcn3610_firmwareqsm7250_firmwareqpm6670pm7150l_firmwareqca6584aupm855pm8250qcn5052mdm9235m_firmwaremdm9607_firmwaremdm9655_firmwareqfs2530_firmwareqat3519_firmwareqpm5677qat5515qca9982_firmwareqtc800h_firmwarepmk7350_firmwareqpm5620mdm9625sd750g_firmwareaqt1000sm6250_firmwareqln4642msm8994ipq5010_firmwareipq8074a_firmwaremdm9625msd888_5g_firmwaresmr525_firmwarewsa8815_firmwareqpm8820_firmwareapq8017qpm6621_firmwaremdm9630_firmwarewtr2955_firmwareqbt1000_firmwarepm8019qca6595smb1398_firmwareqca9896_firmwareipq8065_firmwarepm8150cpmr735bsd665_firmwareqcn5154qpm5577_firmwareqdm5679_firmwareqca6310_firmwareapq8094_firmwarepm6150l_firmwaremdm9615qca6574_firmwareqcn5502_firmwaresd665pm6150a_firmwarepmd9607mdm9310wtr2965_firmwarecsrb31024_firmwareqfs2608qcn9070_firmwareqln1036aqipq6028_firmwareipq8072a_firmwareqca9889_firmwaresd710mdm9607mdm9645_firmwareqln1035bd_firmwaresdx20m_firmwareqca6564_firmwarewcn6740smb1350_firmwarepmk8002apq8096au_firmwareqcn9022sdm830smb1357qpa5580pm8018_firmwareqpm5579qfe2550qcn5550qdm2307qca6431_firmwareqpa8802wcd9360_firmwareqpm6585_firmwareqat3519qbt2000_firmwareipq8078asa8150p_firmwaresdr8250_firmwareqcn5064csra6620_firmwareqln1020csra6640_firmwarepmc1000hqat3518qca9987_firmwaresmr526_firmwareipq8076apm640a_firmwarewgr7640_firmwareqca4020qca6428qdm5652qcn5164_firmwareipq8071sa6155_firmwarewcd9360sdx20mqca6438_firmwareqpa8675_firmwarewtr1625lqpa5460_firmwarewcn3999qsm7250pm8996ipq4029_firmwareipq6010sd662_firmwareqdm2308_firmwareqca4020_firmwareqca6436wcn6851sa6155pqcs603_firmwarepmc7180ipq8068_firmwarepmi8952mdm9655qca6431qca9988_firmwarewcn3910_firmwareqfe1922sd855_firmwareqdm5650qfe2080fcsdr052sa8195p_firmwaresmb1390qca9898ipq4028qpa8686_firmwarewcd9380_firmwareqca7500_firmwarepm8350bhs_firmwarewgr7640csr6030qat5568qca7550_firmwareqdm5671_firmwareqpa8801_firmwareqtm527_firmwarepm8005_firmwareqca9558pm7250b_firmwarepmd9655_firmwaresmb1351_firmwaremdm9230pm8996_firmwareipq4019_firmwaresmb358sar8151smr526qca8072_firmwareqca6174pmk8003qca6430_firmwareqtc801s_firmwareqat3522_firmwarewcn3980qsw8573qcs605qbt1000mdm9225_firmwaresd7cwcn3910qca9986_firmwaresmb1394qca6426_firmwarepm8350_firmwarepm8009ipq8064_firmwareqat3518_firmwaresd821_firmwarepmi8998qfe2520ar8031_firmwarepm855lpmd9635qcn5502pm8150b_firmwaresd_636_firmwareqca9880pm670sd210_firmwarepm8005qcn3018qdm2302sdxr1apq8096auqcs405_firmwarepmi8996_firmwareqln4650_firmwareqet5100mqca9378a_firmwarepm8952qca9531_firmwareqat3516qpm5658ar8035_firmwareqpm5658_firmwareqcn5024_firmwarewcn3991_firmwareqdm5652_firmwareqfe4465fcqcn9070pmi632qca9378pm8350bh_firmwarepmr735b_firmwaresmb1360_firmwareqca9880_firmwarepm670l_firmwaresdr660gqfe2340ipq8069_firmwaresd730_firmwarewcd9370sdr425qcn9000_firmwareipq5018qca9369ar8151_firmwaresd_8cx_firmwareqpm5541qat5516qcn5124_firmwarepm8350bhqca6320_firmwarewcn3680b_firmwareqca6595auipq5010qdm2305sa6155p_firmwareqca6310pm8937qpm2630qca9990sdxr2_5gsmb1398qcn5501msm8994_firmwaresa6145p_firmwaresdr675ipq8071aipq8071a_firmwarewcd9385qat3550_firmwareqln5040_firmwarepm4125_firmwarear8035pm8019_firmwareapq8064auqca6694_firmwareqdm2310qfe2550_firmwareqcn9100_firmwareqln5030_firmwarepm8952_firmwaresd820smb1396_firmwarecsr6030_firmwarepmx24qfe1055qca8072qln5040qpm8895sdr845qtm527qfe3440fc_firmwarepmk8350qdm3302_firmwarepmc7180_firmwareqca9558_firmwaremsm8996aupm8994_firmwareqfe1035qpm5657_firmwaresd888_5gsm6250pqln1035bdpm855asdr660_firmwarepm8909_firmwareipq4018qca6574aqpm4640mdm9635mqet5100m_firmwareipq8076_firmwareqpm4650sa515mipq8076qfe1922_firmwareqca9887qca9378_firmwaresdr865_firmwareqfe4465fc_firmwarepm8250_firmwaresd460qca6391sdxr1_firmwaremdm9626pm660asdx50mpm640apm8916qdm4650ipq8074_firmwareqca6574ausa8155p_firmwareqsw6310qcm6125qpm2630_firmwaresmb231_firmwareqdm2308qat3550wcn6856sd835_firmwareqtc800s_firmwaresa6150pqcn9022_firmwareqpa8688_firmwareipq8070aqcn9072_firmwaresm7250psd720g_firmwareqpm4621_firmwareqca9896ipq4029sd850qln4640qfs2580mdm9640_firmwaresm6250p_firmwareipq4028_firmwareqfe4455fc_firmwareqca8337qdm5579ar9380ipq8173_firmwareqfs2608_firmwareqpa8688qcn5124qat5522_firmwaresc8180x\+sdx55qca6595au_firmwaresa6155pm7150lpm8998_firmwaresd_455_firmwareapq8076wtr5975_firmwareqpa5580_firmwareqcn6024_firmwaresd720gsm4125wtr1605pmm8920au_firmwareqsw8574_firmwaresd460_firmwaremdm9230_firmwarepm8953_firmwareqpa4360_firmwareqca8081_firmwareqfe2520_firmwarewcn3998_firmwareqca6420apq8053_firmwareqca9986qpm6670_firmwareipq8070_firmwareipq8065ipq8078a_firmwarepm660_firmwarepm8150bqca0000qfe2101qca6430wcd9340mdm9625_firmwaresmb1358qca9888_firmwarewcd9371smb1350qfe1055_firmwareqcn5154_firmwarewtr3950pm6350qdm5621ar7420_firmwareqtc800sqat3514_firmwaremdm9330_firmwareqca9992_firmwaresd865_5g_firmwaresd660_firmwareqcn5022_firmwareqcn7606_firmwareqat5516_firmwareqca9985_firmwarewcn3991qca9980_firmwarepm8150l_firmwarepm6150smb1354_firmwaremsm8976_firmwareqca6574qpa8842csr8811_firmwaresdr052_firmwarewcd9380qfe3100_firmwareqca9379_firmwareqpa8803pmd9645ipq6018_firmwarewcd9340_firmwarewsa8815wcn6850pmp8074_firmwareqdm2301_firmwaremdm9215_firmwaresd835pm660l_firmwarepm6250_firmwarewcn6740_firmwareqtm525_firmwareqcn5064_firmwareqca9890qpm5621_firmwareqca6234rsw8577qpa6560_firmwareqca9994qpa8802_firmwareqpm5621sd670ipq8174_firmwarepm8009_firmwareqfs2580_firmwarewcn6855qcn7605_firmwarepm8150lpmi8998_firmwaresa6145ppm660a_firmwareqca1023_firmwareqpm5577sdm630_firmwaresd820_firmwarepm8150wcd9370_firmwaresdx55csra6640pm8350bhsqat3555_firmwarepmi8994qpa8803_firmwareqca6234_firmwareqln1031qcn7606qpm5870pm8909qcn5500qfe1040wsa8830pm660qca9561qet6110_firmwareqdm5579_firmwareqpm6325pm6125_firmwareqbt1500qfe2340_firmwaresd_636pmx24_firmwareqca9378aqca9992pmm855aumdm9250qca6420_firmwaresmb1396pm7150apm8350qca6564qpa4361_firmwarepm8350c_firmwareqpa5461_firmwarewcn3990_firmwareqca4531wcd9385_firmwareqdm5650_firmwareqpa4340_firmwarewcd9326_firmwarewhs9410wcn3615_firmwaresdr845_firmwareqln1021aqsmb1380pmk8002_firmwareapq8094qsw6310_firmwaresa8155qca6584qdm4650_firmwareqln1031_firmwarepmm6155au_firmwaresdx55_firmwarewcn3615qfe1952qpm4641qat5515_firmwareipq8174qpm8830_firmwareqca9367qfe2082fc_firmwareapq8092sdm630qdm4643wcn3988_firmwarepmx55qpm4641_firmwareqcn9074pm8150c_firmwareqca6421qdm3301qpa8842_firmwaresa8195psdr735_firmwarepm8953qca6694qca7550qat3514wcd9326wcd9335pm6350_firmwareqcn6023pm8004_firmwaresdr8150_firmwareqpm4630qca6390qca9898_firmwarewcd9375msm8976sc8180x\+sdx55_firmwareqpm5677_firmwareapq8092_firmwaresdx20_firmwarewtr3925_firmwarepm8998pmk7350qln1020_firmwaremdm9235mpm670a_firmwareqcm6125_firmwareqca9882wtr1625l_firmwarepmx55_firmwaresd865_5gpm8150_firmwareqpm8830pmm8996au_firmwareqat5522qca9369_firmwareqpa4360pmk8003_firmwareqca8075_firmwareqpa4361ipq6005_firmwaremdm9206qpm4640_firmwarewcn6855_firmwarepm8350csmr525qca9888ipq8070a_firmwarepmr525pm8150a_firmwarewtr3950_firmwareqca9886qln1036aq_firmwarepm6150_firmwareqca6175asd765wtr3925lpmx20qca6574a_firmwareqpm4630_firmwareqat3555sd850_firmwareapq8009qpa5461qfe2082fcpm670_firmwareqtc801smdm9626_firmwareqca9531qpm5641_firmwareqfe3320qcn5122pm8008_firmwareqpm6621pmr735a_firmwarepmx50pm8018qfe3345_firmwareqcn5022sdr8250sd768gqln1030_firmwarepm8004pm640lqca8075qcn6024sd845mdm9615_firmwareipq6000_firmwaremdm9330qca6175a_firmwaresa6150p_firmwarepmi8996qpm5620_firmwareqfe1045qca9561_firmwareqca4024_firmwarepm855a_firmwareqtc800hqca6335qcs605_firmwaresd_675_firmwarewtr3905qdm5671qfe2330qpm4650_firmwaresdr425_firmwaremdm9628qpa5460qdm2305_firmwareqpm5670_firmwaresd710_firmwareqca6574au_firmwaremdm9630qpm8870wcd9375_firmwareqpm5679qbt2000pmx50_firmwarewhs9410_firmwaresdr735gqdm3301_firmwareqca7500qcs6125smb1360qcs405qca1990_firmwareqfe3440fcrsw8577_firmwareqcn3018_firmwareqpa6560sdr675_firmwarewcd9341sm7350_firmwareqdm4643_firmwarepm8937_firmwareqet4100_firmwaresd750gqdm3302qpm5657wtr1605_firmwareqpm5875_firmwarewsa8830_firmwarewcn3988qca6438wtr3925qet4100wcn3610mdm9640ipq5018_firmwareqpm6585qca8337_firmwaresmb1355ipq8072aqln4650qtc800t_firmwaremsm8996au_firmwaresdr735g_firmwarewcd9330ipq8076a_firmwareqet5100mdm9225m_firmwareqca6564auwcn6856_firmwareqcn5164pm8994qet4101_firmwarepm7250bqln4642_firmwarepmk8001_firmwareqca7520_firmwaresmb1355_firmwareqcn5054_firmwareqet4200aq_firmwaresdx50m_firmwaresdr735smb1395pm660lsmb358s_firmwarewtr5975wcd9335_firmwareqcn5052_firmwarepm7350c_firmwareqca6335_firmwareqca6320mdm9650_firmwarewcn3660b_firmwareqca9984qcn9024qpa8675qcn5550_firmwaresdr051_firmwaresdx55mwcd9330_firmwarepm670aqca6421_firmwarewtr3905_firmwareqsw8574wcn6851_firmwareqdm5670_firmwareipq8070pm7150a_firmwareqca9887_firmwarewtr3925l_firmwarepmc1000h_firmwareqca6564a_firmwareqdm2310_firmwarepmd9645_firmwareqcn5121_firmwareqdm5677ipq6018pm855_firmwarepmm6155aupm855b_firmwareqca6595_firmwareqpm6582_firmwareqpm6375_firmwarepm640l_firmwareqpm5875sa8155psd675wtr4605qet4101pm670lqfe2330_firmwarepmm8155au_firmwaresdr051qln5030qca7520pm4125qpa2625_firmwarepm456sd7c_firmwareqfe2081fc_firmwarecsra6620qet5100_firmwareqca9987qfe1100_firmwareqcn9072qpm4621qet6100_firmwaresd765g_firmwareqpa8686smb1358_firmwareqca6390_firmwareipq6000qca6174_firmwareqcn5152_firmwareqca0000_firmwarepmr525_firmwareqca6584au_firmwareapq8076_firmwareqfe3340_firmwarepmi632_firmwareqcn7605qca9563sd662qpa8821_firmwareqfe1952_firmwaresdr660g_firmwarepm3003awcn3999_firmwareqca6436_firmwareqtc800tsm7350smb1354qca6564au_firmwareqpm8820qfe2081fcqln5020_firmwaresa515m_firmwareapq8084sd821msm8992sm6250sd712_firmwareapq8017_firmwarewsa8810_firmwaresmb231qfe1100sd765_firmwareqdm5677_firmwareqca8081qet4200aqqca6174a_firmwareqpm6325_firmwareqdm2302_firmwarepmm8155aucsr8811qpa8673ipq4019sd210wcn6850_firmwarewsa8835_firmwareqca6564aqca9988qet6110pmi8952_firmwaremdm9635m_firmwareqpm5670wcn3990qcn9000sd_675mdm9625m_firmwarear9380_firmwaresdx24qcn9012pmi8994_firmwarepm8350bqdm2307_firmwarewsa8835rgr7640aupm8916_firmwareqca9889qca6174asmb1390_firmwareipq8074qca9994_firmwarewcn6750pm8956_firmwarepm7350cqtm525wtr6955ar7420qfe3335sd855sm4125_firmwarewtr6955_firmwarepm640pqcn5021ipq8069qcn5152sd768g_firmwaresmb1351smb1357_firmwareipq6005aqt1000_firmwareqcn9100qpm8895_firmwareqpa4340qfe1035_firmwareqca9882_firmwaresdr8150sdx20smb1395_firmwaremdm9215sd_455pmd9655wcd9341_firmwarewsa8810qtc410s_firmwareqcn5500_firmwareqat5568_firmwarewtr4905_firmwareqdm5679sd_8cwcn3680bipq6010_firmwarepm3003a_firmwareqca6696smb1381_firmwaresd845_firmwareqpa2625qca9990_firmwareipq8071_firmwareqcn9074_firmwarepm8956pm6250Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-11127
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.20% / 9.90%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 10:00
Updated-04 Aug, 2024 | 11:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Integer overflow can cause a buffer overflow due to lack of table length check in the extensible boot Loader during the validation of security metadata while processing objects to be loaded' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in MDM9205, QCM4290, QCS405, QCS410, QCS4290, QCS610, QSM8250, SA415M, SA515M, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SC8180X, SC8180X+SDX55, SC8180XP, SDA640, SDA845, SDA855, SDM1000, SDM640, SDM830, SDM845, SDM850, SDX24, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR2130, SXR2130P

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sm6115_firmwaresm7250sa6150p_firmwaresm6250p_firmwareqcs610sdm640sdm845sm7250_firmwaresdx24sdx55m_firmwaresm6115p_firmwaresm7150_firmwaresm6150qcs4290sa8150p_firmwaresm7150sm6250psa6155qcs410sda640_firmwaresc8180xsxr2130sdx50m_firmwaresm6115sm7150psdx24_firmwaresda845_firmwaresa415msm4250sc8180xpsm4125sm7225sa515msda855mdm9205sm6115psm4125_firmwaresa8155sdx55_firmwaresa6155_firmwaresdm1000sm7250p_firmwaresxr2130psda855_firmwaresdx55msm6150p_firmwaresda845sm6350sm7125sdm850_firmwaresm4250p_firmwaresa6155p_firmwaresxr2130p_firmwaresda640sa515m_firmwareqcm4290sdx50msa8155_firmwaresm8250_firmwaresc8180x_firmwaresa415m_firmwareqcs405sm6350_firmwaresa6145p_firmwaresc7180_firmwaresm4250_firmwaresm6250sa8155p_firmwaresa8195psdm830_firmwareqcm4290_firmwaresa6155pqcs610_firmwareqsm8250sa6145pqcs4290_firmwaresm8150_firmwaresxr2130_firmwaresm7150p_firmwaresm4250pqcs405_firmwaresc7180mdm9205_firmwaresc8180xp_firmwaresa8150psm7125_firmwaresm6250_firmwaresa6150psdx55sm6150_firmwaresa8155psm8250sm8150p_firmwaresm7225_firmwaresm8150sdm850sdm1000_firmwaresm7250psdm830sa8195p_firmwaresdm640_firmwareqcs410_firmwaresm8150psm6150pqsm8250_firmwaresdm845_firmwareSnapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2025-53149
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.70% / 49.14%
||
7 Day CHG~0.00%
Published-12 Aug, 2025 | 17:10
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Kernel Streaming WOW Thunk Service Driver Elevation of Privilege Vulnerability

Heap-based buffer overflow in Kernel Streaming WOW Thunk Service Driver allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_server_2008windows_10_21h2windows_server_2022_23h2windows_10_1809windows_10_1507windows_server_2012windows_server_2025windows_11_22h2windows_server_2016windows_11_24h2windows_server_2019windows_10_22h2windows_server_2022windows_10_1607windows_11_23h2Windows Server 2019 (Server Core installation)Windows 10 Version 21H2Windows 10 Version 22H2Windows 11 Version 23H2Windows Server 2012Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2008 Service Pack 2Windows Server 2008 R2 Service Pack 1Windows Server 2012 R2Windows Server 2025 (Server Core installation)Windows Server 2008 Service Pack 2 (Server Core installation)Windows Server 2016Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows 11 version 22H3Windows Server 2019Windows 10 Version 1607Windows Server 2022Windows 10 Version 1507Windows Server 2012 (Server Core installation)Windows Server 2025Windows Server 2016 (Server Core installation)Windows 11 Version 24H2Windows Server 2008 R2 Service Pack 1 (Server Core installation)Windows 10 Version 1809
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2020-11205
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.20% / 9.90%
||
7 Day CHG~0.00%
Published-12 Nov, 2020 | 10:00
Updated-04 Aug, 2024 | 11:28
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

u'Possible integer overflow to heap overflow while processing command due to lack of check of packet length received' in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile in QSM8350, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155P, SA8195P, SDX55M, SM8250, SM8350, SM8350P, SXR2130, SXR2130P

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sa6145psm8350p_firmwaresa6155p_firmwaresm8350psxr2130p_firmwaresa6150p_firmwaresxr2130_firmwaresxr2130psm8350_firmwaresdx55m_firmwaresm8250_firmwaresa8150psa6150pqsm8350_firmwaresa8155psm8250sa6145p_firmwaresa8155p_firmwareqsm8350sa8195psa8150p_firmwaresa8195p_firmwaresa6155sm8350sa6155_firmwaresa6155psdx55msxr2130Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-0408
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.19% / 9.02%
||
7 Day CHG~0.00%
Published-14 Oct, 2020 | 13:05
Updated-04 Aug, 2024 | 06:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In remove of String16.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-156999009

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-33107
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.89% / 55.42%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 03:04
Updated-28 Oct, 2025 | 13:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Known KEV||Action Due Date - 2023-12-26||Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Integer Overflow or Wraparound in Graphics Linux

Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-msm8996auqcs8155snapdragon_626_mobile_platform_firmwarewcn3990_firmwareaqt1000_firmwaresnapdragon_865\+_5g_mobile_platformqca6426_firmwareqcs6490snapdragon_750g_5g_mobile_platform_firmwarerobotics_rb5_platformsnapdragon_x65_5g_modem-rf_system_firmwaresnapdragon_wear_2100_platform_firmwareqcs5430sa8150p_firmwaresnapdragon_685_4g_mobile_platform_firmwaresnapdragon_778g\+_5g_mobile_platformsnapdragon_wear_3100_platformwcd9385qcn6024_firmwarewsa8835_firmwareqcn9074_firmwaresnapdragon_429_mobile_platformsnapdragon_208_processorwcn3680_firmwaremsm8108wcd9341_firmwarear8035_firmwareqca6698aq_firmwarewcn3660bqualcomm_205_mobile_platformqam8775p_firmwaresm8550pqcs8155_firmwaresnapdragon_480\+_5g_mobile_platformqca6391snapdragon_8\+_gen_2_mobile_platform_firmwarefastconnect_6900sa8145p_firmwareqca8081_firmwaresa9000pqam8295p_firmwarevision_intelligence_200_platformqca8081snapdragon_425_mobile_platform_firmwaresa8770psnapdragon_480\+_5g_mobile_platform_firmwareqca6574qca6431snapdragon_690_5g_mobile_platformsnapdragon_778g_5g_mobile_platform_firmwareqca6436_firmwaresmart_audio_400_platform_firmwaresnapdragon_730_mobile_platform_firmwaresa8775pwsa8830qcs5430_firmwareqcm6490qcs8550_firmwaresnapdragon_695_5g_mobile_platformqcs8250_firmwaresnapdragon_778g\+_5g_mobile_platform_firmwarewcd9340snapdragon_w5\+_gen_1_wearable_platform_firmwareqcs8550snapdragon_212_mobile_platform_firmwaresnapdragon_660_mobile_platform_firmwareqca6564aqualcomm_215_mobile_platform_firmwareqcm6125_firmwaresnapdragon_210_processorsd730snapdragon_425_mobile_platformqcs4490qca6430sa8775p_firmwareqca6420_firmwaresm8550p_firmwaresnapdragon_695_5g_mobile_platform_firmwaresnapdragon_765_5g_mobile_platformsd888snapdragon_665_mobile_platformapq8064au_firmwaresd660_firmwarewcd9326_firmwaremsm8608_firmwarewcd9380_firmwaresnapdragon_855_mobile_platform_firmwaresnapdragon_auto_5g_modem-rf_firmwaresnapdragon_429_mobile_platform_firmwareqcs4290snapdragon_765g_5g_mobile_platform_firmwaresnapdragon_xr1_platform_firmwaresnapdragon_xr2\+_gen_1_platform_firmwareqca6595auqcn9012_firmwaresnapdragon_720g_mobile_platform_firmwareqcm4490snapdragon_xr1_platformsa8255psnapdragon_632_mobile_platform_firmwaresm6250qcm6490_firmwarewcd9395_firmwareqrb5165nsm7250p_firmwaresd855snapdragon_439_mobile_platform_firmwareqcm6125snapdragon_678_mobile_platformmsm8996au_firmwaresm7325pwsa8845_firmwareqcm4290snapdragon_636_mobile_platform_firmwarefastconnect_6200qcn9011_firmwaresa6150p_firmwaresnapdragon_888_5g_mobile_platformwcd9370_firmwaresnapdragon_480_5g_mobile_platformwcn6740snapdragon_678_mobile_platform_firmwaresnapdragon_730_mobile_platformqcs6125_firmwarefastconnect_6900_firmwaresnapdragon_662_mobile_platformsw5100pwsa8810_firmwareqca9377snapdragon_210_processor_firmwareqcs7230snapdragon_208_processor_firmwaresnapdragon_8_gen_2_mobile_platformsa8150psnapdragon_x20_lte_modem_firmwaresa4155psnapdragon_670_mobile_platform_firmwareqca6174a_firmwaresnapdragon_x24_lte_modem_firmwaresnapdragon_x12_lte_modem_firmwaresd626_firmwarewcn3620wcn3610_firmwaremsm8608snapdragon_8\+_gen_1_mobile_platform_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaresnapdragon_888\+_5g_mobile_platform_firmwaresnapdragon_ar2_gen_1_platformwsa8810sm4125_firmwaresmart_display_200_platform_firmwaresdm429w_firmwarec-v2x_9150snapdragon_685_4g_mobile_platformflight_rb5_5g_platform_firmwaresnapdragon_782g_mobile_platformqcn9024mdm9250_firmwarewcd9395wcn3680brobotics_rb3_platform_firmwaresnapdragon_670_mobile_platformar8031snapdragon_665_mobile_platform_firmwarecsra6620_firmwaresnapdragon_845_mobile_platform_firmwaresnapdragon_750g_5g_mobile_platformqcm4325_firmwaresm7315wcd9341flight_rb5_5g_platformqca6335robotics_rb3_platformar8035qcm2290_firmwareqcm8550wsa8832_firmwarewcn3680sd_675qca9377_firmwaresa8195p_firmwaresa6150psnapdragon_auto_4g_modemsdm429wwcn3988_firmwarewcn3660b_firmwaresa8155psnapdragon_778g_5g_mobile_platformsnapdragon_732g_mobile_platform_firmwaressg2125p_firmwaresdx55_firmwareqca6696_firmwarerobotics_rb5_platform_firmwaresnapdragon_460_mobile_platformwsa8832wcn3950_firmwarewcd9375sxr1120_firmwareqca6564video_collaboration_vc3_platformsnapdragon_675_mobile_platform_firmwareqcs2290qrb5165msm4125apq8017_firmwaresnapdragon_855\+\/860_mobile_platform_firmwaresnapdragon_855\+\/860_mobile_platformwcn3610qcs4290_firmwaresnapdragon_865_5g_mobile_platform_firmwarewcd9390_firmwareaqt1000sm7325p_firmwareqsm8250sd_675_firmwarewsa8815wcd9370sd865_5g_firmwaresmart_audio_200_platform_firmwaresnapdragon_636_mobile_platformwsa8815_firmwaresnapdragon_626_mobile_platformsnapdragon_8_gen_1_mobile_platformqualcomm_205_mobile_platform_firmwaresnapdragon_820_automotive_platform_firmwaresnapdragon_x65_5g_modem-rf_systemwcn3988snapdragon_625_mobile_platformqrb5165m_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcd9335snapdragon_662_mobile_platform_firmwaresnapdragon_4_gen_2_mobile_platformsd675qca6335_firmwaresnapdragon_xr2_5g_platform_firmwaresd_8_gen1_5gcsrb31024_firmwarefastconnect_6800msm8909w_firmwareqca6421_firmwaresd888_firmwareqca6574_firmwareqca6698aqsxr1230psxr2230psa8155wsa8845h_firmwaresnapdragon_675_mobile_platformmdm9650snapdragon_auto_5g_modem-rfsnapdragon_780g_5g_mobile_platform_firmwaresnapdragon_x50_5g_modem-rf_systemqam8650pqca6320_firmwareqrb5165n_firmwaresd670_firmwaremsm8209sg4150p_firmwaresnapdragon_212_mobile_platformwcn6740_firmwaressg2125pwcd9371wcn3615sd855_firmwareqcn9012qca6420qca6430_firmwarewsa8845sw5100p_firmwaresnapdragon_439_mobile_platformvision_intelligence_300_platform_firmwaresxr1120fastconnect_7800_firmwareqca6391_firmwareqsm8250_firmwaresm7315_firmwaresnapdragon_855_mobile_platformcsra6640sa4150psa8255p_firmwareqca6595sd660snapdragon_765_5g_mobile_platform_firmwaresnapdragon_730g_mobile_platform_firmwarewcn3615_firmwaresnapdragon_888\+_5g_mobile_platformfastconnect_6700msm8209_firmwareqam8295psa6155snapdragon_x12_lte_modemar8031_firmwaresmart_audio_200_platformwsa8840snapdragon_xr2_5g_platformwcd9385_firmwaresnapdragon_680_4g_mobile_platformqam8775pqcm2290sdx20msnapdragon_8\+_gen_2_mobile_platformcsra6640_firmwarewsa8830_firmwareqcs6125qam8255p_firmwaresnapdragon_x24_lte_modemsg4150psd626snapdragon_660_mobile_platformqca6797aq_firmwaressg2115p_firmwareqcs410fastconnect_6800_firmwarevideo_collaboration_vc5_platformsnapdragon_4_gen_1_mobile_platform_firmwarefastconnect_6200_firmwareqcs4490_firmwaresnapdragon_780g_5g_mobile_platformqca6421snapdragon_auto_4g_modem_firmwaresd835_firmwaresnapdragon_wear_4100\+_platformsnapdragon_690_5g_mobile_platform_firmwaresnapdragon_wear_4100\+_platform_firmwaresnapdragon_680_4g_mobile_platform_firmwaresm6250_firmwaresg8275psnapdragon_845_mobile_platformqam8255psa8155p_firmwareqca6310_firmwareqca6595au_firmwaresa6155pqcs410_firmwareqcm4490_firmwaresnapdragon_ar2_gen_1_platform_firmwarewcn3910_firmwaresd670msm8108_firmwaresnapdragon_7c\+_gen_3_computeqca6426wsa8845hsw5100_firmwareqcn6024qcs610apq8064auapq8017mdm9650_firmwarewcn3910snapdragon_x20_lte_modemqcs7230_firmwarevision_intelligence_300_platformqca6574a_firmwaresnapdragon_732g_mobile_platformsxr2130snapdragon_625_mobile_platform_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewcd9326qca6797aqsnapdragon_768g_5g_mobile_platformsnapdragon_8_gen_2_mobile_platform_firmwareqam8650p_firmwaresxr1230p_firmwaresnapdragon_710_mobile_platformwcn3620_firmwaresd730_firmwaresnapdragon_8\+_gen_1_mobile_platformqualcomm_215_mobile_platformwcn3980_firmwaresa8770p_firmwaresa8295p_firmwaresnapdragon_wear_2500_platformwcn3680b_firmwaresd835snapdragon_x55_5g_modem-rf_systemqcm4290_firmwaresd_8_gen1_5g_firmwareqca8337snapdragon_820_automotive_platformqcs610_firmwareqca6564_firmwaresnapdragon_630_mobile_platformsnapdragon_835_mobile_pc_platform_firmwaresxr2230p_firmwaresnapdragon_632_mobile_platformsnapdragon_870_5g_mobile_platformsmart_audio_400_platformqca6310qca6595_firmwaresmart_display_200_platformqcn9011qca6574au_firmwareqcm8550_firmwarewsa8835sdx20m_firmwaresa8155_firmwaresa6145pwcd9335_firmwaremsm8909wsnapdragon_865\+_5g_mobile_platform_firmwarewcd9390snapdragon_wear_2500_platform_firmwaresa4150p_firmwareqca6174asa9000p_firmwareqcm4325wcd9340_firmwareqcs6490_firmwaresa8195pssg2115pwcn3980video_collaboration_vc3_platform_firmwarevideo_collaboration_vc5_platform_firmwaresa6155_firmwaresdx55sa8295pfastconnect_6700_firmwareqcm5430_firmwareqca6564a_firmwareqcm5430qcs2290_firmwarevision_intelligence_400_platform_firmwaresg8275p_firmwarewcd9375_firmwaresnapdragon_768g_5g_mobile_platform_firmware315_5g_iot_modemsnapdragon_765g_5g_mobile_platformwcd9380qca6574ausa4155p_firmwaresa6145p_firmwarevideo_collaboration_vc1_platformsnapdragon_xr2\+_gen_1_platformsw5100qcn9024_firmwarevision_intelligence_100_platformcsra6620c-v2x_9150_firmwarewcn3990snapdragon_x50_5g_modem-rf_system_firmwareqca6436snapdragon_720g_mobile_platformcsrb31024snapdragon_8_gen_1_mobile_platform_firmwaresnapdragon_870_5g_mobile_platform_firmwaresa6155p_firmwareqca6431_firmwareqcs8250sm7250pvision_intelligence_100_platform_firmwareqca8337_firmwaresd865_5gsxr2130_firmwaresd675_firmwarefastconnect_7800video_collaboration_vc1_platform_firmwaresnapdragon_460_mobile_platform_firmware315_5g_iot_modem_firmwareqca6564au_firmwareqca6696snapdragon_782g_mobile_platform_firmwarevision_intelligence_200_platform_firmwarevision_intelligence_400_platformqca6320snapdragon_865_5g_mobile_platformsnapdragon_wear_2100_platformqca6574asnapdragon_4_gen_1_mobile_platformsnapdragon_480_5g_mobile_platform_firmwaresnapdragon_730g_mobile_platformwsa8840_firmwareqca6564ausnapdragon_888_5g_mobile_platform_firmwarewcd9371_firmwaresnapdragon_710_mobile_platform_firmwaresnapdragon_835_mobile_pc_platformsnapdragon_w5\+_gen_1_wearable_platformsnapdragon_630_mobile_platform_firmwaresa8145pqcn9074wcn3950mdm9250snapdragon_wear_3100_platform_firmwareSnapdragonsnapdragon_780g_5g_mobile_platform_firmwaresnapdragon_626_mobile_platform_firmwarewcn3990_firmwareaqt1000_firmwareqca6320_firmwareqca6426_firmwareqrb5165n_firmwaresd670_firmwaresg4150p_firmwaresnapdragon_750g_5g_mobile_platform_firmwaresnapdragon_x65_5g_modem-rf_system_firmwarewcn6740_firmwaresd855_firmwaresnapdragon_wear_2100_platform_firmwareqca6430_firmwaresa8150p_firmwaresw5100p_firmwareqcn6024_firmwareqcn9074_firmwarewsa8835_firmwarevision_intelligence_300_platform_firmwarefastconnect_7800_firmwareqca6391_firmwareqsm8250_firmwaresm7315_firmwarear8035_firmwareqca6698aq_firmwareqcs8155_firmwarewcd9341_firmwaresa8255p_firmwarewcn3680_firmwareqam8775p_firmwaresa8145p_firmwareqca8081_firmwareqam8295p_firmwaresnapdragon_425_mobile_platform_firmwarewcn3615_firmwaresnapdragon_778g_5g_mobile_platform_firmwareqca6436_firmwaremsm8209_firmwaresmart_audio_400_platform_firmwareqcs5430_firmwarear8031_firmwareqcs8550_firmwareqcs8250_firmwarewcd9385_firmwarewsa8830_firmwarequalcomm_video_collaboration_vc1_platform_firmwarecsra6640_firmwaresnapdragon_212_mobile_platform_firmwarequalcomm_video_collaboration_vc3_platform_firmwaresnapdragon_660_mobile_platform_firmwarequalcomm_215_mobile_platform_firmwareqcm6125_firmwareqam8255p_firmwaresa8775p_firmwareqca6420_firmwareqca6797aq_firmwaresm8550p_firmwaresnapdragon_695_5g_mobile_platform_firmwaressg2115p_firmwarefastconnect_6800_firmwareapq8064au_firmwaresnapdragon_4_gen_1_mobile_platform_firmwarefastconnect_6200_firmwaresd660_firmwarewcd9326_firmwaremsm8608_firmwareqcs4490_firmwarewcd9380_firmwaresnapdragon_auto_4g_modem_firmwaresnapdragon_855_mobile_platform_firmwaresd835_firmwaresnapdragon_690_5g_mobile_platform_firmwaresnapdragon_680_4g_mobile_platform_firmwaresm6250_firmwaresnapdragon_auto_5g_modem-rf_firmwaresnapdragon_429_mobile_platform_firmwaresa8155p_firmwareqca6310_firmwaresnapdragon_xr1_platform_firmwareqca6595au_firmwareqcs410_firmwareqcn9012_firmwaresnapdragon_720g_mobile_platform_firmwareqcm4490_firmwaresnapdragon_ar2_gen_1_platform_firmwarewcn3910_firmwaresnapdragon_632_mobile_platform_firmwareqcm6490_firmwaremsm8108_firmwarewcd9395_firmwaresm7250p_firmwaresw5100_firmwaresnapdragon_439_mobile_platform_firmwaremsm8996au_firmwaremdm9650_firmwarewsa8845_firmwaresnapdragon_636_mobile_platform_firmwarewcd9370_firmwareqcn9011_firmwaresa6150p_firmwareqcs7230_firmwareqca6574a_firmwarewsa8845h_firmwareqcs6125_firmwarefastconnect_6900_firmwaresnapdragon_625_mobile_platform_firmwaresnapdragon_x55_5g_modem-rf_system_firmwaresnapdragon_8_gen_2_mobile_platform_firmwaresxr1230p_firmwareqam8650p_firmwarewsa8810_firmwarequalcomm_video_collaboration_vc5_platform_firmwarewcn3620_firmwaresnapdragon_210_processor_firmwaresnapdragon_208_processor_firmwaresnapdragon_x20_lte_modem_firmwaresd730_firmwaresnapdragon_670_mobile_platform_firmwareqca6174a_firmwaresnapdragon_x24_lte_modem_firmwaresnapdragon_x12_lte_modem_firmwaresd626_firmwarewcn3980_firmwaresa8770p_firmwarewcn3610_firmwarewcn3680b_firmwareqcm4290_firmwaresd_8_gen1_5g_firmwareqcs610_firmwaresnapdragon_4_gen_2_mobile_platform_firmwareqca6564_firmwaresnapdragon_835_mobile_pc_platform_firmwaresxr2230p_firmwaresm4125_firmwaresdm429w_firmwareqca6595_firmwareflight_rb5_5g_platform_firmwareqca6574au_firmwaremdm9250_firmwareqcm8550_firmwaresdx20m_firmwaresa8155_firmwarewcd9335_firmwarerobotics_rb3_platform_firmwaresnapdragon_wear_2500_platform_firmwaresa4150p_firmwaresnapdragon_665_mobile_platform_firmwarecsra6620_firmwaresnapdragon_845_mobile_platform_firmwaresa9000p_firmwareqcm4325_firmwarewcd9340_firmwareqcm2290_firmwaresa6155_firmwarewsa8832_firmwareqca9377_firmwarefastconnect_6700_firmwareqcm5430_firmwareqca6564a_firmwareqcs2290_firmwaresa8195p_firmwarevision_intelligence_400_platform_firmwaresg8275p_firmwarewcd9375_firmwarewcn3660b_firmwarewcn3988_firmwaresdx55_firmwaressg2125p_firmwaresa4155p_firmwareqca6696_firmwarerobotics_rb5_platform_firmwaresa6145p_firmwareqcn9024_firmwarewcn3950_firmwarec-v2x_9150_firmwaresxr1120_firmwaresnapdragon_x50_5g_modem-rf_system_firmwaresnapdragon_675_mobile_platform_firmwaresa6155p_firmwaresnapdragon_8_gen_1_mobile_platform_firmwareapq8017_firmwareqca6431_firmwareqca8337_firmwareqcs4290_firmwaresd675_firmwaresnapdragon_865_5g_mobile_platform_firmwaresxr2130_firmwaresm7325p_firmwarewcd9390_firmware315_5g_iot_modem_firmwaresnapdragon_460_mobile_platform_firmwaresd_675_firmwareqca6564au_firmwaresd865_5g_firmwaresmart_audio_200_platform_firmwarewsa8815_firmwarequalcomm_205_mobile_platform_firmwaresnapdragon_820_automotive_platform_firmwaresnapdragon_480_5g_mobile_platform_firmwaresnapdragon_662_mobile_platform_firmwareqrb5165m_firmwarewsa8840_firmwareqca6335_firmwaresnapdragon_xr2_5g_platform_firmwaresnapdragon_888_5g_mobile_platform_firmwarewcd9371_firmwarecsrb31024_firmwaremsm8909w_firmwareqca6421_firmwareqca6574_firmwaresd888_firmwaresnapdragon_710_mobile_platform_firmwaresnapdragon_630_mobile_platform_firmwaresa8295p_firmwareqcs6490_firmwaresnapdragon_wear_3100_platform_firmwareMultiple Chipsets
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2025-53155
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-0.45% / 36.57%
||
7 Day CHG+0.03%
Published-12 Aug, 2025 | 17:10
Updated-26 Feb, 2026 | 17:49
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Hyper-V Elevation of Privilege Vulnerability

Heap-based buffer overflow in Windows Hyper-V allows an authorized attacker to elevate privileges locally.

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_11_24h2windows_10_1507windows_server_2019windows_server_2025windows_10_22h2windows_server_2016windows_server_2012windows_10_1607windows_server_2022_23h2windows_11_22h2windows_server_2022windows_10_21h2windows_11_23h2windows_10_1809Windows Server 2019 (Server Core installation)Windows 10 Version 21H2Windows 10 Version 22H2Windows 11 Version 23H2Windows Server 2012Windows Server 2022, 23H2 Edition (Server Core installation)Windows Server 2012 R2Windows Server 2025 (Server Core installation)Windows Server 2012 R2 (Server Core installation)Windows 11 version 22H2Windows 11 version 22H3Windows Server 2019Windows 10 Version 1607Windows Server 2022Windows 10 Version 1507Windows Server 2012 (Server Core installation)Windows Server 2025Windows Server 2016 (Server Core installation)Windows 11 Version 24H2Windows Server 2016Windows 10 Version 1809
CWE ID-CWE-122
Heap-based Buffer Overflow
CVE-2020-0346
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.16% / 5.35%
||
7 Day CHG~0.00%
Published-17 Sep, 2020 | 20:52
Updated-04 Aug, 2024 | 05:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In Mediaserver, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege if integer sanitization were not enabled (which it is by default), with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-147002762

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2024-0018
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-8.4||HIGH
EPSS-0.12% / 2.40%
||
7 Day CHG~0.00%
Published-16 Feb, 2024 | 19:33
Updated-16 Dec, 2024 | 19:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In convertYUV420Planar16ToY410 of ColorConverter.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

Action-Not Available
Vendor-Google LLC
Product-androidAndroidandroid
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33018
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-7.8||HIGH
EPSS-0.11% / 1.52%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 03:04
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Integer Overflow to Buffer Overflow in User Identity Module

Memory corruption while using the UIM diag command to get the operators name.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-sdm429w_firmwaresnapdragon_x20_lte_modemsd865_5gmdm9215_firmwaresnapdragon_xr1_platformqca8081_firmwaresm7250-absnapdragon_x50_5g_modem-rf_systemwcd9340_firmwarewcd9395_firmwareqcn6024sdm845qcc710_firmwareqca6426sc8180x-abwcn3610sm7325-ae_firmwarewsa8832_firmwareqca8337qca6426_firmwarewcd9395qca6574au_firmwarewcn785x-59207_lte_modem_firmwarewcd9341sd626_firmwaresnapdragon_x12_lte_modemsnapdragon_1100_wearable_platformwsa8810_firmwaresd730_firmwarewsa8845h_firmwaresdm670qcs5430sm8150-acsm6375_firmwaresd835_firmwaresnapdragon_4_gen_2_mobile_platform_firmwaresm7150-acqcm5430_firmwarevideo_collaboration_vc1_platform_firmwaresm6375msm8108sm7250-aa_firmwaresc8180xp-acvideo_collaboration_vc1_platformwcd9385_firmwareqca6421qca6310snapdragon_630_mobile_platformwcd9360apq8053-aa_firmwaresa6155psm7150-ac_firmwareqca6564au_firmwaresd820mdm8207sm7325_firmwaresa6155p_firmwaremdm9640_firmwareqca6390_firmwaresd835qca6436_firmwaresnapdragon_wear_4100\+_platform_firmwaresc8180x-afsnapdragon_8_gen_2_mobile_platformsnapdragon_7c\+_gen_3_compute_firmwareqts110sm4125_firmwaresm8250-ac_firmwareqca6420wcn3910mdm9205s_firmwarecsrb31024snapdragon_x70_modem-rf_system_firmwareqca9367snapdragon_wear_3100_platform_firmwaresnapdragon_845_mobile_platformmdm9250_firmwaresnapdragon_x55_5g_modem-rf_system_firmwarewcn3660bqca6574asm7325-aewcn3620_firmwareqca6174aqca6584_firmwarewcd9340snapdragon_630_mobile_platform_firmwareqcm2290sm6150-acsm6225snapdragon_auto_5g_modem-rf_gen_2sc8180xp-aa_firmwaresm8150-ac_firmwaresm8550p_firmwarewcn3998_firmwareqcm8550snapdragon_x20_lte_modem_firmwarewcn3988qcn9024mdm8615mqca6574sm7325-afsnapdragon_x75_5g_modem-rf_systemsdm710_firmwaresdx57msc8180xp-ac_firmwareqcs410qcm2290_firmwaremdm8215m_firmwaresa8155pwsa8830sm8550psa6145pwcn785x-1_firmwaremdm8215mmdm8215msm8996auwcn3620snapdragon_208_processor_firmwaresnapdragon_x5_lte_modemqm215_firmwarewcn3950_firmwaremdm9205ssc7180-acsm7325p_firmwaresd460wcd9360_firmwares820a_firmwaremdm9615mvideo_collaboration_vc3_platform_firmwaresd670_firmwaresm7150-aaqcn6224_firmwareqca6431sd660_firmwaresdx57m_firmwaresm6350sxr2130_firmwarear8035_firmwareapq8009_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwareqca6320sd888_firmwaremdm9215snapdragon_662_mobile_platform_firmwarewcd9306qcs6125_firmwaresdm712_firmwarewsa8815_firmwaresm8250-abqca8337_firmwaresnapdragon_x12_lte_modem_firmwaresm7325sm8350-ac_firmwaresm7250p_firmwarewcn3680_firmwarewcn785x-5_firmwarewcn3950sm4250-aasnapdragon_x65_5g_modem-rf_system_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresm4350_firmwaresm7350-ab_firmwarewcn3991apq8037sd_675_firmwaresm7250pcsrb31024_firmwaresa8155sm7150-aa_firmwaresnapdragon_845_mobile_platform_firmwaresd888sd460_firmwaresnapdragon_4_gen_2_mobile_platformwcn685x-5qca6310_firmwaresd626sm8250-acs820awcd9371sc8180xp-aasnapdragon_xr2_5g_platform_firmwarevision_intelligence_300_platform_firmwaresm7350-absm8350_firmwarevideo_collaboration_vc3_platformsnapdragon_212_mobile_platformqca6431_firmwaresm7225_firmware9205_lte_modem_firmwaresm6125qca6698aq_firmwareqcs22908998_firmwareqcs2290_firmwarewcn3615qca9367_firmwaremdm9615m_firmwarewcn3680wcd9390_firmwaresc8180xp-abwcn6750qca6430wcn6750_firmwaresc8180xp-ad_firmwaresnapdragon_auto_5g_modem-rfsnapdragon_208_processorsm7250-ab_firmwaresnapdragon_1100_wearable_platform_firmware9206_lte_modem_firmwaremsm8108_firmwarecsra6640_firmwaresm4350wcn3998qca6420_firmwareqcs6490_firmwaresm8450snapdragon_x65_5g_modem-rf_systemsd855_firmwarewcd9335_firmwaremdm9640qca6436wcn3980_firmwaresnapdragon_1200_wearable_platformsnapdragon_x24_lte_modem_firmwarewsa8835qca6391_firmwarewsa8840_firmwaresm4250-aa_firmwaremdm9310_firmwaremsm8905_firmwareqcs4290_firmwarecsra6620sdm670_firmwareqca8081mdm9628sd660sm4375wsa8815qca9377qcm4325_firmwaresm7125_firmwaresnapdragon_430_mobile_platformqcm4290_firmwaresnapdragon_425_mobile_platform_firmwaremdm9615_firmwareqcs5430_firmwaresg4150p_firmwaresc8180xp-af_firmwarecsra6620_firmwareqcs8550mdm8215_firmwaresd865_5g_firmwaresc7180-ad_firmwarewcd9375sdm712snapdragon_wear_2100_platformsa8145psd_675sm4350-ac_firmwareapq8053-aaar6003_firmwaresm7250-ac_firmwaresc7180-ac_firmwarewcn685x-1_firmwarewcn3680b_firmwareqcm8550_firmwareapq8017qcs410_firmwaresa6150p_firmwaresnapdragon_429_mobile_platform_firmwaremsm8905sw5100psxr1120vision_intelligence_300_platformqcs610_firmwarewcd9335wcd9370qca4004qca6696wcd9341_firmware8998qca6390wcn6740_firmwaresnapdragon_auto_4g_modem9205_lte_modemsm8150_firmwareqca6574auwcd9390csra6640sc8180x-af_firmwaremsm8209_firmwarewcn3660b_firmwaresd7309207_lte_modemqcn6024_firmwareqcm5430sm8350snapdragon_210_processor_firmwareqcm6125_firmwarec-v2x_9150snapdragon_wear_3100_platformqcc710mdm9615sxr1120_firmwaresnapdragon_x5_lte_modem_firmware315_5g_iot_modem_firmwaresda845sm8450_firmwaresnapdragon_wear_2100_platform_firmwareqfw7114315_5g_iot_modemsnapdragon_x55_5g_modem-rf_systemsa8155_firmwaresm7150-absnapdragon_wear_1300_platform_firmwareqca6335qcs4490sc7180-adsc8180xp-afmdm9250snapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845qca6421_firmwareqcm6125sc8180x-adsm7125wsa8810snapdragon_8\+_gen_2_mobile_platformsm8350-acqca6595ausm7315_firmwarewcd9326_firmwarewsa8840qcs8550_firmwareqfw7124_firmwarewcd9371_firmwareqcs4490_firmwarewcn3910_firmwareapq8009snapdragon_212_mobile_platform_firmwarewcd9370_firmwaremdm9310sa8195pqca6335_firmwareqcm6490snapdragon_wear_2500_platformsd675_firmwareqca6430_firmwaresc8180x-aaqcn9024_firmwarewsa8845hsa6150psm7250-aawcd9326sa8155p_firmwareqca6564asnapdragon_675_mobile_platformsnapdragon_wear_1300_platformsnapdragon_662_mobile_platformvision_intelligence_400_platform_firmwaresc8180x\+sdx55_firmwarear8035sa6155qcm4325qcn6224sm8475_firmwaresc8180x\+sdx55qca6698aqsm6250sm7250-acsc8180x-aa_firmwaresd670wcn685x-1sa8145p_firmwarewcn3680bsa8150p_firmwaresnapdragon_w5\+_gen_1_wearable_platformsnapdragon_636_mobile_platform_firmwarewcn3990qcs6490wsa8830_firmwarewsa8845_firmwarewsa8832snapdragon_auto_4g_modem_firmwaresnapdragon_675_mobile_platform_firmwaresm8475sm8250-ab_firmwaremsm8608_firmwaremsm8209qca6564ausm6225_firmwaresc8180xp-adsm6250p_firmwarear6003sm7325-af_firmwaresa8195p_firmwareapq8053-ac_firmwareqcm4290sd_455_firmwaresm6125_firmwaremsm8608snapdragon_1200_wearable_platform_firmwaresg8275p_firmwareqca9377_firmwareqcm6490_firmwaresm4125qcm4490_firmwaresnapdragon_xr2_5g_platformsnapdragon_429_mobile_platformqcs6125sda845_firmwareapq5053-aa_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_439_mobile_platformqca4004_firmwareapq5053-aasdm710sd_455sm6250_firmwaresc8180x-ad_firmwareqca6584auqca6320_firmwareqcn6274_firmwaresw5100_firmwaresnapdragon_439_mobile_platform_firmwaresnapdragon_425_mobile_platformwcn6740sm6225-ad_firmwareqfw7114_firmwaresm8250_firmwaresm7225apq8017_firmwarewcd9380sa6145p_firmwaresa6155_firmwaresa8150psnapdragon_x24_lte_modemmsm8996au_firmwaresnapdragon_auto_5g_modem-rf_firmwaresm6225-adsd662_firmwaresm4350-acsdm660_firmwaresw5100snapdragon_430_mobile_platform_firmwareaqt1000wcd9306_firmwarec-v2x_9150_firmwaresm8150wcn3991_firmwaresd855sdm660sc8180x-ab_firmwarewcd9330_firmwarewcn3990_firmwaresm7315qca6564a_firmwarewcd9385msm8909w_firmwaresc8180xp-ab_firmwarewcd9330mdm8207_firmwaresd662wcn3610_firmwareqcs4290sd820_firmwaresg8275psm6250psdx55_firmwarewcn3615_firmwaresnapdragon_210_processorsxr2130qcm44908098_firmwaresnapdragon_wear_2500_platform_firmwaresnapdragon_636_mobile_platformsm7150-ab_firmwareqca6174a_firmwaresm7325papq8037_firmwareaqt1000_firmwaresm6150-ac_firmwaresdm429wqca6584au_firmwaresc8180x-acqcn6274qfw7124qca6595au_firmwaresc8180x-ac_firmwaresw5100p_firmwaresm8250qca6696_firmwareapq8053-acwcd9380_firmwareqca6574_firmwaresg4150pmdm9628_firmwaresm4375_firmwarevision_intelligence_400_platform9206_lte_modemqca6574a_firmwaresdx55sdm845_firmwaresm6350_firmwaresd675wcd9375_firmwareqca6391snapdragon_x70_modem-rf_systemwcn785x-1qts110_firmwareqca6584snapdragon_8_gen_2_mobile_platform_firmwaresnapdragon_xr1_platform_firmware8098snapdragon_x50_5g_modem-rf_system_firmwareqm215wcn685x-5_firmwarewcn3988_firmwaremdm8615m_firmwaresnapdragon_wear_4100\+_platformwsa8835_firmwaresnapdragon_x75_5g_modem-rf_system_firmwarewcn3980msm8909wqcs610Snapdragonsnapdragon
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-680
Integer Overflow to Buffer Overflow
CVE-2023-33032
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-9.3||CRITICAL
EPSS-0.12% / 2.37%
||
7 Day CHG~0.00%
Published-02 Jan, 2024 | 05:38
Updated-16 Jun, 2025 | 18:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Integer Overflow or Wraparound in TZ Secure OS

Memory corruption in TZ Secure OS while requesting a memory allocation from TA region.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwareqcn9070sa6150p_firmwaresa8145p_firmwareqcs610sm6250p_firmwaresnapdragon_x24_lte_modem_firmwarefsm10056csrb31024csra6620qca4024_firmwareqca8082qcn9072qca8386wcn3950_firmwaresc8180x\+sdx55sa8150p_firmwareqca6420_firmwareqca6595au_firmwaresa6155ipq6000sd730_firmwaresnapdragon_auto_4g_modem_firmwarecsra6620_firmwarewcd9370sd_675_firmwaresd675_firmwarecsra6640_firmwareqcn5152_firmwareqca6564qcs6125_firmwarewcn3990_firmwareqcn9000_firmwareqca9377wcd9371_firmwarewcn3950qcn6024_firmwarefastconnect_6200qca8386_firmwaresnapdragon_7c_gen_2_compute_platformqca8084_firmwareqca8082_firmwaresa8155snapdragon_x55_5g_modem-rf_systemqca6574au_firmwareqcn5122_firmwaresdx55_firmwareqca6595auqca8081_firmwareqcn6023_firmwaresa6155_firmwarewcd9375_firmwarewcn3999_firmwareqca6420qca6564au_firmwaresnapdragon_auto_5g_modem-rf_firmwaresa6155p_firmwarewcd9306qcn9274qcs8155smart_audio_400_platform_firmwarewcn3999qcn5052qcs6125sa4155p_firmwaresa8155_firmwareipq6010qca4004_firmwarewcn3988_firmwareqca6430qcn9074sa6145p_firmwareqts110qca8085c-v2x_9150sm6250snapdragon_678_mobile_platform_firmwaresa8195psnapdragon_720g_mobile_platformsnapdragon_8cx_compute_platformwcd9306_firmwarewcd9340wsa8810_firmwarefsm10056_firmwarewcd9335sa6155pqca8081qcn6023qca6174a_firmwaresnapdragon_wear_1300_platform_firmwareqca8085_firmwarewcd9341qca6696_firmwarewcd9371ipq9008_firmwaresnapdragon_665_mobile_platform_firmwarecsr8811snapdragon_855_mobile_platform_firmwareaqt1000sa8150pwcd9375sc8180x\+sdx55_firmwaresm6250_firmwareqca4004sd855_firmwarewcn3988wsa8815_firmwaresa8195p_firmwareqcn5121fastconnect_6800_firmwareqcn5022_firmwareqca6564asnapdragon_7c_gen_2_compute_platform_firmwaresa4150psnapdragon_730_mobile_platform_firmwareqcm6125_firmwaresnapdragon_675_mobile_platform_firmwareqca8072snapdragon_855\+\/860_mobile_platform_firmwarewcd9380_firmwarewcn3990qcn9000sd_675snapdragon_8cx_gen_2_5g_compute_platformfastconnect_6800qca6595qca8084qca6564au9205_lte_modemipq9008snapdragon_8c_compute_platformqca6574csr8811_firmwaresnapdragon_auto_5g_modem-rfwcd9380sm6250psnapdragon_678_mobile_platformsnapdragon_x50_5g_modem-rf_systemqcs410snapdragon_855\+\/860_mobile_platformqca8075_firmwareqca6574asmart_audio_400_platformipq6005_firmwareqca6174ac-v2x_9150_firmwareqca8072_firmwareqca6430_firmwareqcn5052_firmwareqcn9274_firmwarewcd9335_firmwarewcn3980snapdragon_732g_mobile_platform_firmwareipq6018_firmwareqca6574_firmwarewcd9340_firmwaresd855wsa8815qca6574a_firmwarefastconnect_6200_firmwareipq6028qcn5021qcn5152qcn9024snapdragon_665_mobile_platformipq9574_firmwaresnapdragon_730g_mobile_platformsnapdragon_x55_5g_modem-rf_system_firmwaresd730qca6391wcn3980_firmwaresnapdragon_x50_5g_modem-rf_system_firmware9205_lte_modem_firmwareaqt1000_firmwareipq6005snapdragon_7c_compute_platform_firmwaresnapdragon_8cx_compute_platform_firmwaresnapdragon_auto_4g_modemar8031_firmwarecsrb31024_firmwareqcn9070_firmwareipq6028_firmwareqca6574ausa8155p_firmwareipq9574qcn5122qca6564a_firmwareqcn9024_firmwarewcd9341_firmwareqcm6125wsa8810snapdragon_x24_lte_modemqcn5121_firmwaresnapdragon_730g_mobile_platform_firmwareqcs610_firmwareipq6018qcn5022sa6145psnapdragon_730_mobile_platformsnapdragon_8c_compute_platform_firmwareqca6564_firmwaresnapdragon_675_mobile_platformipq6010_firmwarear8031qca6595_firmwaresnapdragon_720g_mobile_platform_firmwaresa8145pqca6696snapdragon_732g_mobile_platformqca6391_firmwaresa4150p_firmwareqca4024wcd9370_firmwaresa6150psdx55qca8075qcn5021_firmwareqcn9022_firmwarecsra6640qcn6024qcn9022sa8155psd675qcn9072_firmwareipq6000_firmwareqcs8155_firmwareqcn9074_firmwareqcs410_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_firmwaresnapdragon_wear_1300_platformsa4155psnapdragon_7c_compute_platformsnapdragon_855_mobile_platformqts110_firmwareSnapdragon
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-787
Out-of-bounds Write
CVE-2023-33022
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-8.4||HIGH
EPSS-0.16% / 5.46%
||
7 Day CHG~0.00%
Published-05 Dec, 2023 | 03:04
Updated-11 Aug, 2025 | 15:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Integer Overflow to Buffer Overflow in HLOS

Memory corruption in HLOS while invoking IOCTL calls from user-space.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qdx1010_firmwareqcm8550_firmwareqcs410_firmwaresa6150p_firmwaresd865_5gsw5100psxr1120vision_intelligence_300_platformqca6595snapdragon_xr1_platformqcs610_firmwarewcd9335wcd9370qca8081_firmwaresm7250-absnapdragon_x50_5g_modem-rf_systemqca6696wcd9340_firmwarewcd9341_firmwarewcd9395_firmwareqcn6024qca6390qcc710_firmwareqca6426sc8180x-abwcn6740_firmwaresa4150psm7325-ae_firmwarewsa8832_firmwareqca8337qdu1110qca6426_firmwarewcd9395qca6574au_firmwareqcn7606_firmwarewcn785x-5qam8295psm8150_firmwarewcd9341qca6574auwcd9390wsa8810_firmwaresd730_firmwarewsa8845h_firmwarecsra6640sc8180x-af_firmwaresa9000p_firmwaresd730sdm670qcs5430sm8150-acsm6375_firmwareqcn6024_firmwaresm7150-acqcm5430qcm5430_firmwarevideo_collaboration_vc1_platform_firmwaresa4155psm8350sa8770pqcm6125_firmwaressg2115pqcc710sm6375sa8540psm7250-aa_firmwaresxr1120_firmwareqsm8250_firmwaresc8180xp-acqsm8350_firmware315_5g_iot_modem_firmwaresm8450_firmwarevideo_collaboration_vc1_platformqru1032_firmwareqfw7114wcd9385_firmwareqca6421315_5g_iot_modemsnapdragon_x55_5g_modem-rf_systemqam8255p_firmwaresa8155_firmwaresm7150-abqcs603_firmwarewcd9360snapdragon_ar2_gen_1_platform_firmwaresc7180-adsc8180xp-afsnapdragon_8\+_gen_2_mobile_platform_firmwarewsa8845sa6155pqca6421_firmwareqcm6125sm7150-ac_firmwaresc8180x-adsm7125wsa8810qam8650pqdu1000_firmwaresa9000pqsm8250snapdragon_8\+_gen_2_mobile_platformsm8350-acqca6595ausm7325_firmwaresm7315_firmwareqdu1010wcd9326_firmwaresa6155p_firmwarewsa8840qcs8550_firmwareqca6390_firmwareqdu1210_firmwareqfw7124_firmwareqca6436_firmwaresc8180x-afwcd9371_firmwaresnapdragon_8_gen_2_mobile_platformwcn3910_firmwaresnapdragon_7c\+_gen_3_compute_firmwaresm4125_firmwaresm8250-ac_firmwareqca6420wcn3910wcd9370_firmwaresnapdragon_x55_5g_modem-rf_system_firmwareqdu1110_firmwareqdu1000qca6574asm7325-aesa8195pwcd9340qcm2290qdu1210sm6150-acsm6225snapdragon_auto_5g_modem-rf_gen_2sc8180xp-aa_firmwareqcm6490sa8540p_firmwaresm8150-ac_firmwaresm8550p_firmwarewcn3998_firmwareqcm8550wcn3988qcn9024sa8775pqca6574sm7325-afsnapdragon_x75_5g_modem-rf_systemsxr2230p_firmwaresd675_firmwaresdm710_firmwareqca6430_firmwaresc8180x-aasa8775p_firmwareqcs605qcn9024_firmwarewsa8845hsc8180xp-ac_firmwaresa6150psm7250-aawcd9326qcs410qcm2290_firmwaresa8155p_firmwaresa8155pwsa8830snapdragon_675_mobile_platformsnapdragon_662_mobile_platformsm8550psa6145psc8180x\+sdx55_firmwaresa8255p_firmwareflight_rb5_5g_platform_firmwarewcn785x-1_firmwarear8035sa6155qrb5165m_firmwareqcm4325qcn6224sc8280xp-absc8180x\+sdx55qca6698aqwcn3950_firmwaressg2125p_firmwaresm6250qrb5165nsc7180-acsm7250-acsc8180x-aa_firmwaresd670wcn685x-1sm7325p_firmwaresa8145p_firmwarewcd9360_firmwareqdx1011sa8150p_firmwaresnapdragon_w5\+_gen_1_wearable_platformvideo_collaboration_vc3_platform_firmwarewcn3990sd670_firmwareqcs6490sc8280xp-bb_firmwarewsa8830_firmwaresm7150-aaqcn6224_firmwareqca6431wsa8845_firmwarewsa8832qcs603sm6350sxr2130_firmwaresnapdragon_675_mobile_platform_firmwarear8035_firmwareqrb5165msc8380xpsnapdragon_w5\+_gen_1_wearable_platform_firmwaresm8250-ab_firmwaresa4150p_firmwaresd888_firmwaresnapdragon_662_mobile_platform_firmwareqcs6125_firmwaresm6225_firmwaresc8180xp-adsm6250p_firmwaresm7325-af_firmwaresdm712_firmwarewsa8815_firmwaresm8250-absa8195p_firmwareqca8337_firmwareqcm4290sm7325sm6125_firmwaresg8275p_firmwareqcm6490_firmwaresm8350-ac_firmwaresm7250p_firmwaresm4125qru1032wcn785x-5_firmwarewcn3950flight_rb5_5g_platformsnapdragon_xr2_5g_platformsm4250-aaqcs6125apq5053-aa_firmwaresnapdragon_x65_5g_modem-rf_system_firmwareqca6797aq_firmwaresnapdragon_auto_5g_modem-rf_gen_2_firmwaresnapdragon_7c\+_gen_3_computesnapdragon_xr2\+_gen_1_platform_firmwaresm4350_firmwaresm7350-ab_firmwarewcn3991sa8295p_firmwaresd_675_firmwareapq5053-aasdm710sa4155p_firmwaresm7250psm6250_firmwaresa8155sc8180x-ad_firmwaresm7150-aa_firmwareqca6584ausd888qcn6274_firmwareqru1062_firmwaresw5100_firmwarewcn685x-5wcn6740sc8380xp_firmwareqru1062sm6225-ad_firmwareqfw7114_firmwareqcs605_firmwaresc8280xp-ab_firmwareqca6595_firmwaresm8250-acsm8250_firmwarewcd9371sc8180xp-aasm7225wcd9380sa6145p_firmwareqam8255psa6155_firmwaresxr2230psnapdragon_xr2_5g_platform_firmwaresa8150pvision_intelligence_300_platform_firmwaresm7350-absnapdragon_auto_5g_modem-rf_firmwareqrb5165_firmwaresm8350_firmwaresxr1230psm6225-adsm4350-acsw5100video_collaboration_vc3_platformaqt1000sm8150wcn3991_firmwareqam8295p_firmwaresd855qca6431_firmwaresc8180x-ab_firmwaresm7225_firmwarewcn3990_firmwaresm7315sm6125qca6698aq_firmwareqcs2290wcd9385qcn7606qsm8350qcs2290_firmwaresc8280xp-bbsc8180xp-ab_firmwaresa8255pqcs4290sxr1230p_firmwarewcd9390_firmwaresc8180xp-abwcn6750qca6430sg8275pwcn6750_firmwaresm6250psdx55_firmwareqdx1011_firmwaresc8180xp-ad_firmwaresnapdragon_auto_5g_modem-rfsm7250-ab_firmwaressg2125pqru1052sxr2130sm7150-ab_firmwarecsra6640_firmwaresm4350snapdragon_xr2\+_gen_1_platformsm7325pqam8650p_firmwarewcn3998qca6420_firmwareaqt1000_firmwareqcs6490_firmwaresm8450sm6150-ac_firmwaresnapdragon_x65_5g_modem-rf_systemsd855_firmwarewcd9335_firmwareqrb5165n_firmwareqca6436wcn3980_firmwareqca6584au_firmwarewsa8835wsa8840_firmwareqca6391_firmwaresc8180x-acqcn6274qfw7124qdu1010_firmwareqca6595au_firmwaresc8180x-ac_firmwaresm4250-aa_firmwaresw5100p_firmwaresm8250snapdragon_ar2_gen_1_platformqca6696_firmwareqcs4290_firmwarewcd9380_firmwareqca6574_firmwarecsra6620sdm670_firmwareqca8081wsa8815sm4375sg4150pqam8775pqca6797aqsm4375_firmwareqcm4325_firmwaresm7125_firmwareqca6574a_firmwaresdx55qcm4290_firmwaresm6350_firmwaresd675wcd9375_firmwareqca6391qrb5165wcn785x-1qcs5430_firmwaresg4150p_firmwareqru1052_firmwaresc8180xp-af_firmwarecsra6620_firmwaresa8770p_firmwaresa8295psnapdragon_8_gen_2_mobile_platform_firmwareqcs8550snapdragon_xr1_platform_firmwaresnapdragon_x50_5g_modem-rf_system_firmwareqam8775p_firmwaresd865_5g_firmwaresc7180-ad_firmwarewcd9375wcn685x-5_firmwaresdm712wcn3988_firmwaresa8145psd_675sm4350-ac_firmwarewsa8835_firmwaressg2115p_firmwaresnapdragon_x75_5g_modem-rf_system_firmwaresc7180-ac_firmwaresm7250-ac_firmwarewcn3980qdx1010wcn685x-1_firmwareqcs610Snapdragon
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-680
Integer Overflow to Buffer Overflow
CVE-2023-33038
Matching Score-4
Assigner-Qualcomm, Inc.
ShareView Details
Matching Score-4
Assigner-Qualcomm, Inc.
CVSS Score-6.7||MEDIUM
EPSS-0.12% / 1.97%
||
7 Day CHG~0.00%
Published-02 Jan, 2024 | 05:38
Updated-14 Nov, 2024 | 19:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Integer Overflow or Wraparound in Radio Interface Layer

Memory corruption while receiving a message in Bus Socket Transport Server.

Action-Not Available
Vendor-Qualcomm Technologies, Inc.
Product-qca9377_firmwaresnapdragon_8_gen_1_mobile_platformsa6150p_firmwaresm6250p_firmwareqcs610315_5g_iot_modem_firmwareqca8337qca6431_firmwaresnapdragon_778g\+_5g_mobile_platformsnapdragon_870_5g_mobile_platform_firmwarewcd9360_firmwaresnapdragon_888_5g_mobile_platformwcn3950_firmwaresc8180x\+sdx55sa8150p_firmwaresm4450_firmwareqcs2290qca6595au_firmwaresa6155snapdragon_480_5g_mobile_platformsnapdragon_x70_modem-rf_systemcsra6620_firmwaresd_675_firmwarecsra6640_firmwaresnapdragon_460_mobile_platform_firmwareqcs6125_firmwaresnapdragon_480_5g_mobile_platform_firmwarewcd9371_firmwarewcn3950qcn6024_firmwaresnapdragon_460_mobile_platformsd460_firmwaresm7315_firmwaresnapdragon_695_5g_mobile_platform_firmwareqca6574au_firmwaresnapdragon_778g\+_5g_mobile_platform_firmwareqca8081_firmwaresa6155_firmwarewcd9375_firmwareqca6420wcd9360snapdragon_782g_mobile_platform_firmwaresnapdragon_auto_5g_modem-rf_firmwaresmart_audio_400_platform_firmwareqca6698aqqcs6125sa8155_firmwaresd662_firmwaresnapdragon_765g_5g_mobile_platformqca6430snapdragon_678_mobile_platform_firmwaresnapdragon_8\+_gen_1_mobile_platformsnapdragon_720g_mobile_platformsnapdragon_8cx_compute_platformwcd9340snapdragon_780g_5g_mobile_platformsw5100qca6436sa6155psnapdragon_765_5g_mobile_platform_firmwareqca6698aq_firmwaresnapdragon_690_5g_mobile_platformwcd9341qca6431qca6696_firmwarewcd9371wcn3910_firmwaresnapdragon_855_mobile_platform_firmwaresa8150pwsa8830_firmwaresd855_firmwaresd865_5g_firmwaresnapdragon_7c\+_gen_3_compute_firmwarewcn3988snapdragon_780g_5g_mobile_platform_firmwaresnapdragon_685_4g_mobile_platform_firmwaresa8195p_firmwaresnapdragon_865_5g_mobile_platform_firmwarefastconnect_6800_firmwaresnapdragon_7c_gen_2_compute_platform_firmwaresnapdragon_730_mobile_platform_firmwaresnapdragon_750g_5g_mobile_platform_firmwaresnapdragon_675_mobile_platform_firmwareqca8337_firmwarewcd9380_firmwaresnapdragon_778g_5g_mobile_platform_firmwaresw5100psnapdragon_8cx_gen_2_5g_compute_platformsnapdragon_w5\+_gen_1_wearable_platformqca6564ausnapdragon_7c\+_gen_3_computewcd9380snapdragon_782g_mobile_platformfastconnect_6700qcs410qca6430_firmwarewcd9335_firmwarewcn3980snapdragon_732g_mobile_platform_firmwareqcm4325_firmwarewcd9340_firmwarewsa8815wcn3910snapdragon_865\+_5g_mobile_platformsnapdragon_4_gen_1_mobile_platformqca6426_firmwaresm4450qcn9024wcn3980_firmwaresd730snapdragon_x50_5g_modem-rf_system_firmwareqca6421_firmwarewcn6740_firmwaresnapdragon_8cx_compute_platform_firmwareqcs4490_firmwaresnapdragon_xr2_5g_platformsnapdragon_x65_5g_modem-rf_systemfastconnect_6900fastconnect_6900_firmwareqcn9024_firmwaresdx57mqcm4290_firmwaresnapdragon_x24_lte_modemwsa8832sw5100p_firmwareqcs610_firmwaresa6145psnapdragon_730_mobile_platformqcs4490sa8145psnapdragon_750g_5g_mobile_platformsnapdragon_888\+_5g_mobile_platform_firmwareqca6391_firmwarewcd9370_firmwaresdx55sd888_firmwaresa8155pcsra6640sd675snapdragon_695_5g_mobile_platformsnapdragon_720g_mobile_platform_firmwaresnapdragon_855_mobile_platformar8035_firmwareqcm2290snapdragon_480\+_5g_mobile_platformsnapdragon_662_mobile_platform_firmwarewsa8830sa8145p_firmwareqcs2290_firmwaresnapdragon_x24_lte_modem_firmwarecsrb31024snapdragon_865_5g_mobile_platformcsra6620qcs4290snapdragon_888_5g_mobile_platform_firmwareqca6420_firmwaresd730_firmwaresnapdragon_auto_4g_modem_firmwarewcd9370sd675_firmwaresnapdragon_480\+_5g_mobile_platform_firmwareqca6426wcn3990_firmwareqca9377wcd9385_firmwarewcd9326_firmwarefastconnect_6200snapdragon_7c_gen_2_compute_platformsd662sa8155snapdragon_x55_5g_modem-rf_systemsdx55_firmwaresnapdragon_778g_5g_mobile_platformqca6595ausm7250p_firmwareqca6436_firmwaresnapdragon_680_4g_mobile_platform_firmwaresnapdragon_w5\+_gen_1_wearable_platform_firmwareqca6564au_firmwaresa6155p_firmwaresnapdragon_x65_5g_modem-rf_system_firmwaresnapdragon_870_5g_mobile_platformsnapdragon_x70_modem-rf_system_firmwareqcs6490qcs8550_firmwarewcn3988_firmware315_5g_iot_modemsa6145p_firmwareqca6421sm6250fastconnect_6700_firmwaresa8195pwsa8810_firmwarewcd9326wcd9335sg4150pqca8081qcm4490snapdragon_888\+_5g_mobile_platformqca6174a_firmwareqcs4290_firmwarewcd9385sxr2130_firmwareqcs6490_firmwaresnapdragon_665_mobile_platform_firmwarear8035wcd9375aqt1000sc8180x\+sdx55_firmwaresm6250_firmwaresnapdragon_662_mobile_platformsnapdragon_685_4g_mobile_platformsnapdragon_768g_5g_mobile_platform_firmwareqcm6490wsa8815_firmwarewsa8835_firmwaresg4150p_firmwareqcm6125_firmwareqcm4325qcm2290_firmwaresnapdragon_855\+\/860_mobile_platform_firmwarewcn3990sd_675sd865_5gfastconnect_6800snapdragon_8c_compute_platformsd888wsa8835snapdragon_auto_5g_modem-rfsm6250psnapdragon_678_mobile_platformsnapdragon_855\+\/860_mobile_platformsnapdragon_4_gen_1_mobile_platform_firmwaresxr2130qca6574asmart_audio_400_platformqca6174asm7325psd855sm7325p_firmwaresdx57m_firmwaresnapdragon_xr2_5g_platform_firmwareqca6574a_firmwarefastconnect_6200_firmwaresnapdragon_665_mobile_platformsnapdragon_730g_mobile_platformsm7315sd460qca6391snapdragon_x55_5g_modem-rf_system_firmwarefastconnect_7800aqt1000_firmwaresnapdragon_7c_compute_platform_firmwaresnapdragon_865\+_5g_mobile_platform_firmwareqcm4490_firmwaresnapdragon_690_5g_mobile_platform_firmwaresnapdragon_auto_4g_modemqcm4290csrb31024_firmwareqcm6490_firmwarewsa8832_firmwareqca6574ausa8155p_firmwarewcd9341_firmwarefastconnect_7800_firmwareqcm6125wsa8810snapdragon_765g_5g_mobile_platform_firmwaresnapdragon_730g_mobile_platform_firmwaresnapdragon_680_4g_mobile_platformsnapdragon_8_gen_1_mobile_platform_firmwaresnapdragon_8c_compute_platform_firmwaresnapdragon_675_mobile_platformwcn6740qca6696snapdragon_732g_mobile_platformqcs8550sa6150psnapdragon_x50_5g_modem-rf_systemsnapdragon_768g_5g_mobile_platformqcn6024snapdragon_765_5g_mobile_platformsm7250psnapdragon_8\+_gen_1_mobile_platform_firmwaresw5100_firmwareqcs410_firmwaresnapdragon_8cx_gen_2_5g_compute_platform_firmwaresnapdragon_7c_compute_platformSnapdragon
CWE ID-CWE-190
Integer Overflow or Wraparound
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-0369
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
ShareView Details
Matching Score-4
Assigner-Android (associated with Google Inc. or Open Handset Alliance)
CVSS Score-7.8||HIGH
EPSS-0.15% / 4.73%
||
7 Day CHG~0.00%
Published-17 Sep, 2020 | 20:50
Updated-04 Aug, 2024 | 05:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In libavb, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-130231426

Action-Not Available
Vendor-n/aGoogle LLC
Product-androidAndroid
CWE ID-CWE-787
Out-of-bounds Write
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2020-10067
Matching Score-4
Assigner-Zephyr Project
ShareView Details
Matching Score-4
Assigner-Zephyr Project
CVSS Score-7.5||HIGH
EPSS-0.45% / 36.09%
||
7 Day CHG~0.00%
Published-11 May, 2020 | 22:26
Updated-16 Sep, 2024 | 16:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Integer Overflow In is_in_region Allows User Thread To Access Kernel Memory

A malicious userspace application can cause a integer overflow and bypass security checks performed by system call handlers. The impact would depend on the underlying system call and can range from denial of service to information leak to memory corruption resulting in code execution within the kernel. See NCC-ZEP-005 This issue affects: zephyrproject-rtos zephyr version 1.14.1 and later versions. version 2.1.0 and later versions.

Action-Not Available
Vendor-Zephyr Project
Product-zephyrzephyr
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2016-8636
Matching Score-4
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-4
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-1.15% / 63.40%
||
7 Day CHG~0.00%
Published-22 Feb, 2017 | 16:00
Updated-13 May, 2026 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in the mem_check_range function in drivers/infiniband/sw/rxe/rxe_mr.c in the Linux kernel before 4.9.10 allows local users to cause a denial of service (memory corruption), obtain sensitive information from kernel memory, or possibly have unspecified other impact via a write or read request involving the "RDMA protocol over infiniband" (aka Soft RoCE) technology.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-31034
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-6.6||MEDIUM
EPSS-0.15% / 4.71%
||
7 Day CHG~0.00%
Published-12 Jan, 2024 | 18:31
Updated-17 Jun, 2025 | 21:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CVE

NVIDIA DGX A100 SBIOS contains a vulnerability where a local attacker can cause input validation checks to be bypassed by causing an integer overflow. A successful exploit of this vulnerability may lead to denial of service, information disclosure, and data tampering.

Action-Not Available
Vendor-NVIDIA Corporation
Product-dgx_a100_firmwaredgx_a100DGX A100
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2023-31031
Matching Score-4
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-4
Assigner-NVIDIA Corporation
CVSS Score-4.2||MEDIUM
EPSS-0.19% / 9.28%
||
7 Day CHG~0.00%
Published-12 Jan, 2024 | 18:31
Updated-09 Oct, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
CVE

NVIDIA DGX Station A100 and DGX Station A800 SBIOS contains a vulnerability where a user may cause a heap-based buffer overflow by local access. A successful exploit of this vulnerability may lead to code execution, denial of service, information disclosure, and data tampering.

Action-Not Available
Vendor-NVIDIA Corporation
Product-dgx_a100_firmwaredgx_a100DGX A100
CWE ID-CWE-122
Heap-based Buffer Overflow
CWE ID-CWE-787
Out-of-bounds Write
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 10
  • 11
  • Next
Details not found