CloudEngine 12800,CloudEngine 5800,CloudEngine 6800,CloudEngine 7800, Security Vulnerabilities

CVE-2023-33038

Memory corruption while receiving a message in Bus Socket Transport...

CVE-2023-33085

Memory corruption in wearables while processing data from...

CVE-2023-33040

Transient DOS in Data Modem during DTLS...

CVE-2023-33037

Cryptographic issue in Automotive while unwrapping the key secs2d and verifying with RPMB...

CVE-2023-33062

Transient DOS in WLAN Firmware while parsing a BTM...

CVE-2023-33036

Permanent DOS in Hypervisor while untrusted VM without PSCI support makes a PSCI...

CVE-2023-33033

Memory corruption in Audio during playback with speaker...

CVE-2023-33030

Memory corruption in HLOS while running playready...

CVE-2023-33032

Memory corruption in TZ Secure OS while requesting a memory allocation from TA...

CVE-2023-33014

Information disclosure in Core services while processing a Diag...

Privilege Escalation Vulnerability in Some Huawei Products (huawei-sa-20201202-02-privilege)

There is a privilege escalation vulnerability in some Huawei ...

Pointer Double Free Vulnerability in Some Huawei Products (huawei-sa-20210407-01-doublefree)

There is a pointer double free vulnerability in some Huawei ...

Out-of-Bounds Read Vulnerability in Huawei CloudEngine Products (huawei-sa-20201230-02-cloudengine)

There is an out-of-bounds read vulnerability in Huawei CloudEngine...

Memory Leak Vulnerability in Huawei CloudEngine Product (huawei-sa-20201223-01-cloudengine)

There is a memory leak vulnerability in Huawei CloudEngine ...

Out of Bound Read Vulnerability in Huawei Product (huawei-sa-20201216-01-obr)

There is an out of bound read vulnerability in some...

Denial of Service Vulnerability in Huawei Product (huawei-sa-20210324-01-dos)

There is a denial of service vulnerability in Huawei...

Input Validation Vulnerability in Multiple Huawei Products (huawei-sa-20160713-01-multicast-ldp-fec-stack)

There is an input validation vulnerability in Huawei multiple ...

Improper Authentication Vulnerability in Huawei Product (huawei-sa-20201216-01-vrp)

There is an improper authentication vulnerability in Huawei ...

Buffer Overflow Vulnerability in Some Huawei Products (huawei-sa-20161116-01-cfm)

There is a buffer overflow vulnerability in Connectivity Fault Management (CFM) function of some Huawei...

Resource Management Error Vulnerability in Huawei CloudEngine 1800V Product (huawei-sa-20201202-01-cloudengine)

CloudEngine 1800V product has a resource management error ...

Information Leakage Vulnerability in Some Huawei Products (huawei-sa-20200219-01-leak)

There is an information leakage vulnerability in some Huawei ...

Out of Bounds Write Vulnerability in Huawei CloudEngine Product (huawei-sa-20210519-01-cloudengine)

There is an out of bounds write vulnerability in some Huawei ...

CVE-2023-6569

External Control of File Name or Path in...

CVE-2021-27795

Brocade Fabric OS (FOS) hardware platforms running any version of Brocade Fabric OS software, which supports the license string format; contain cryptographic issues that could allow for the installation of forged or fraudulent license keys. This would allow attackers or a malicious party to...

CVE-2023-33106

Memory corruption while submitting a large list of sync points in an AUX command to the...

CVE-2023-33107

Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL...

CVE-2023-33097

Transient DOS in WLAN Firmware while processing a FTMR...

CVE-2023-33098

Transient DOS while parsing WPA IES, when it is passed with length more than expected...

CVE-2023-33092

Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected...

CVE-2023-33088

Memory corruption when processing cmd parameters while parsing...

CVE-2023-33089

Transient DOS when processing a NULL buffer while parsing WLAN...

CVE-2023-28588

Transient DOS in Bluetooth Host while rfc slot...

CVE-2023-28580

Memory corruption in WLAN Host while setting the PMK length in PMK length in internal...

CVE-2023-28586

Information disclosure when the trusted application metadata symbol addresses are accessed while loading an ELF in...

CVE-2023-28585

Memory corruption while loading an ELF segment in TEE...

CVE-2023-28587

Memory corruption in BT controller while parsing debug commands with specific sub-opcodes at HCI interface...

CVE-2023-28579

Memory Corruption in WLAN Host while deserializing the input PMK bytes without checking the input PMK...

CVE-2023-28551

Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input...

CVE-2023-22668

Memory Corruption in Audio while invoking IOCTLs calls from the...

CVE-2023-28546

Memory Corruption in SPS Application while exporting public key in sorter...

CVE-2023-28550

Memory corruption in MPP performance while accessing DSM watermark using external memory...

CVE-2023-22383

Memory Corruption in camera while installing a fd for a particular DMA...

CVE-2023-21634

Memory Corruption in Radio Interface Layer while sending an SMS or writing an SMS to...

Rockwell Automation Stratix 5800 and Stratix 5200 (Update A)

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity/known public exploitation Vendor: Rockwell Automation Equipment: Stratix 5800 and Stratix 5200 Vulnerabilities: Unprotected Alternate Channel, OS Command Injection 2. RISK EVALUATION Successful...

CVE-2023-31320

Improper input validation in the AMD RadeonTM Graphics display driver may allow an attacker to corrupt the display potentially resulting in denial of...

CVE-2023-20568

Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch RadeonInstaller.exe without validating the file signature potentially leading to arbitrary code...

CVE-2023-20533

Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in...

CVE-2023-20567

Improper signature verification of RadeonTM RX Vega M Graphics driver for Windows may allow an attacker with admin privileges to launch AMDSoftwareInstaller.exe without validating the file signature potentially leading to arbitrary code...

CVE-2022-23821

Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code...

CVE-2021-46774

Insufficient DRAM address validation in System Management Unit (SMU) may allow an attacker to read/write from/to an invalid DRAM address, potentially resulting in...