1100 Security Vulnerabilities

CVE-2024-33687

Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions and NX Series CPU Unit all versions. If a user program in the affected product is altered, the product may not be able to detect the...

CVE-2023-47165

Improper conditions check in the Intel(R) Data Center GPU Max Series 1100 and 1550 products may allow an privileged user to potentially enable denial of service via local...

CVE-2024-3273

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. Affected is an unknown function of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The manipulation of the...

CVE-2024-3272

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. This issue affects some unknown processing of the file /cgi-bin/nas_sharing.cgi of the component HTTP GET Request Handler. The...

CVE-2023-33033

Memory corruption in Audio during playback with speaker...

CVE-2023-33030

Memory corruption in HLOS while running playready...

CVE-2023-33018

Memory corruption while using the UIM diag command to get the operators...

CVE-2023-33017

Memory corruption in Boot while running a ListVars test in UEFI Menu during...

CVE-2023-28551

Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input...

CVE-2023-28550

Memory corruption in MPP performance while accessing DSM watermark using external memory...

CVE-2023-22327

Out-of-bounds write in firmware for some Intel(R) FPGA products before version 2.8.1 may allow a privileged user to potentially enable information disclosure via local...

CVE-2023-22388

Memory Corruption in Multi-mode Call Processor while processing bit mask...

CVE-2023-24849

Information Disclosure in data Modem while parsing an FMTP line in an SDP...

CVE-2023-24848

Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line...

CVE-2023-22385

Memory Corruption in Data Modem while making a MO call or MT VOLTE...

CVE-2023-20226

A vulnerability in Application Quality of Experience (AppQoE) and Unified Threat Defense (UTD) on Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to....

CVE-2023-20227

A vulnerability in the Layer 2 Tunneling Protocol (L2TP) feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of certain L2TP packets. An attacker could...

CVE-2023-5142

A vulnerability classified as problematic was found in H3C GR-1100-P, GR-1108-P, GR-1200W, GR-1800AX, GR-2200, GR-3200, GR-5200, GR-8300, ER2100n, ER2200G2, ER3200G2, ER3260G2, ER5100G2, ER5200G2 and ER6300G2 up to 20230908. This vulnerability affects unknown code of the file /userLogin.asp of the....

CVE-2023-27396

FINS (Factory Interface Network Service) is a message communication protocol, which is designed to be used in closed FA (Factory Automation) networks, and is used in FA networks composed of OMRON products. Multiple OMRON products that implement FINS protocol contain following security issues --...

CVE-2022-40507

Memory corruption due to double free in Core while mapping HLOS address to the...

CVE-2022-40521

Transient DOS due to improper authorization in...

CVE-2022-33264

Memory corruption in modem due to stack based buffer overflow while parsing OTASP Key Generation Request...

CVE-2022-22076

information disclosure due to cryptographic issue in Core during RPMB read...

CVE-2022-38787

Improper input validation in firmware for some Intel(R) FPGA products before version 2.7.0 Hotfix may allow an authenticated user to potentially enable escalation of privilege via local...

CVE-2022-40505

Information disclosure due to buffer over-read in Modem while parsing DNS...

CVE-2022-33304

Transient DOS due to NULL pointer dereference in Modem while performing pullup for received TCP/UDP...

CVE-2022-33302

Memory corruption due to improper validation of array index in User Identity Module when APN TLV length is greater than command...

CVE-2022-33295

Information disclosure in Modem due to buffer over-read while parsing the wms message received given the buffer and its...

CVE-2022-33294

Transient DOS in Modem due to NULL pointer dereference while receiving response of lwm2m registration/update/bootstrap request...

CVE-2022-33289

Memory corruption occurs in Modem due to improper validation of array index when malformed APDU is sent from...

CVE-2022-33291

Information disclosure in Modem due to buffer over-read while receiving a IP header with malformed...

CVE-2022-33287

Information disclosure in Modem due to buffer over-read while getting length of Unfragmented headers in an IPv6...

CVE-2022-33259

Memory corruption due to buffer copy without checking the size of input in modem while decoding raw SMS...

CVE-2022-33258

Information disclosure due to buffer over-read in modem while reading configuration...

CVE-2022-33222

Information disclosure due to buffer over-read while parsing DNS response packets in...

CVE-2022-33228

Information disclosure sue to buffer over-read in modem while processing ipv6 packet with hop-by-hop or destination option in...

CVE-2022-33223

Transient DOS in Modem due to null pointer dereference while processing the incoming packet with http chunked...

CVE-2022-33211

memory corruption in modem due to improper check while calculating size of serialized CoAP...

CVE-2022-25747

Information disclosure in modem due to improper input validation during parsing of upcoming CoAP...

CVE-2022-25739

Denial of service in modem due to missing null check while processing the ipv6 packet received during ECM...

CVE-2022-25737

Information disclosure in modem due to missing NULL check while reading packets received from local...

CVE-2022-25740

Memory corruption in modem due to buffer overwrite while building an IPv6 multicast address based on the MAC address of the...

CVE-2022-25731

Information disclosure in modem due to buffer over-read while processing packets from DNS...

CVE-2022-25730

Information disclosure in modem due to improper check of IP type while processing DNS server...

CVE-2022-25726

Information disclosure in modem data due to array out of bound access while handling the incoming DNS response...

CVE-2022-25678

Memory correction in modem due to buffer overwrite during coap...

CVE-2023-20065

A vulnerability in the Cisco IOx application hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. This vulnerability is due to insufficient restrictions on the hosted application. An attacker could exploit...

CVE-2023-20035

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to execute arbitrary commands with elevated privileges. This vulnerability is due to insufficient input validation by the system CLI. An attacker with privileges to run commands could exploit...

CVE-2023-20081

A vulnerability in the IPv6 DHCP (DHCPv6) client module of Cisco Adaptive Security Appliance (ASA) Software, Cisco Firepower Threat Defense (FTD) Software, Cisco IOS Software, and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on.....

CVE-2023-20066

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to perform a directory traversal and access resources that are outside the filesystem mountpoint of the web UI. This vulnerability is due to an insufficient security configuration. An attacker...