Transient DOS in WLAN Host when a mobile station receives invalid channel in CSA IE while doing channel switch announcement...
7.5CVSS
7.5AI Score
0.0005EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
9.8CVSS
9.6AI Score
0.001EPSS
7.8CVSS
7.9AI Score
0.0004EPSS
Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI...
8.4CVSS
7.8AI Score
0.001EPSS
Memory corruption in WLAN HAL while processing command parameters from untrusted WMI...
7.8CVSS
7.9AI Score
0.0004EPSS
7.8CVSS
7.9AI Score
0.0004EPSS
7.8CVSS
7.9AI Score
0.0004EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
Memory corruption in WLAN FW while processing command parameters from untrusted WMI...
7.8CVSS
7.9AI Score
0.0004EPSS
Epson Printers CSRF Vulnerability (Apr 2023)
Multiple Epson printer models are prone to a cross-site request forgery (CSRF)...
6.5CVSS
6.6AI Score
0.001EPSS
A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web-based management interface of an affected.....
6.5CVSS
6.7AI Score
0.001EPSS
A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web-based management interface of an affected.....
6.5CVSS
6.6AI Score
0.001EPSS
Cross site request forgery (csrf)
A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web-based management interface of an affected.....
6.5CVSS
6.6AI Score
0.001EPSS
A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web-based management interface of an affected.....
6.5CVSS
6.9AI Score
0.001EPSS
A vulnerability in the web-based management interface of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of the web-based management interface of an affected.....
6.3AI Score
0.001EPSS
An attacker with specialized hardware and physical access to an impacted device may be able to perform a voltage fault injection attack resulting in compromise of the ASP secure boot potentially leading to arbitrary code...
6.8CVSS
6.7AI Score
0.001EPSS
A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative execution at an attacker-controlled address, potentially leading to information...
4.7CVSS
6.6AI Score
0.0004EPSS
Insufficient input validation in CpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwriting an arbitrary bit in an attacker-controlled pointer potentially leading to arbitrary code execution in...
7.8CVSS
7.7AI Score
0.0004EPSS
The cam_get_device_priv function does not check the type of handle being returned (device/session/link). This would lead to invalid type usage if a wrong handle is passed to...
7.8CVSS
7.5AI Score
0.0004EPSS
In the function call related to CAM_REQ_MGR_RELEASE_BUF there is no check if the buffer is being used. So when a function called cam_mem_get_cpu_buf to get the kernel va to use, another thread can call CAM_REQ_MGR_RELEASE_BUF to unmap the kernel va which cause UAF of the kernel...
7.8CVSS
7.5AI Score
0.0004EPSS
The buffer obtained from kernel APIs such as cam_mem_get_cpu_buf() may be readable/writable in userspace after kernel accesses it. In other words, user mode may race and modify the packet header (e.g. header.count), causing checks (e.g. size checks) in kernel code to be invalid. This may lead to...
7CVSS
6.8AI Score
0.0004EPSS
Open Babel translationVectors parsing out-of-bounds write vulnerabilities
Talos Vulnerability Report TALOS-2022-1666 Open Babel translationVectors parsing out-of-bounds write vulnerabilities July 21, 2023 CVE Number CVE-2022-46292,CVE-2022-46295,CVE-2022-46294,CVE-2022-46293,CVE-2022-46291 SUMMARY Multiple out-of-bounds write vulnerabilities exist in the...
9.8CVSS
7AI Score
0.001EPSS
Open Babel Gaussian format orientation out-of-bounds write vulnerability
Talos Vulnerability Report TALOS-2022-1672 Open Babel Gaussian format orientation out-of-bounds write vulnerability July 21, 2023 CVE Number CVE-2022-37331 SUMMARY An out-of-bounds write vulnerability exists in the Gaussian format orientation functionality of Open Babel 3.1.1 and master commit...
7.8CVSS
7.6AI Score
0.001EPSS
Memory Corruption in Data Modem while processing DMA buffer release event about CFR...
7.8CVSS
7.7AI Score
0.0004EPSS
Memory corruption in Linux when the file upload API is called with parameters having large...
7.8CVSS
7.8AI Score
0.0004EPSS
6.8CVSS
6.6AI Score
0.001EPSS
Memory Corruption in Linux while processing QcRilRequestImsRegisterMultiIdentityMessage...
7.8CVSS
7.5AI Score
0.0004EPSS
Memory corruption in Video while calling APIs with different instance ID than the one received in...
7.8CVSS
7.8AI Score
0.0004EPSS
Memory Corruption in Data Network Stack & Connectivity when sim gets detected on...
7.8CVSS
7.6AI Score
0.0004EPSS
An app with non-privileged access can change global system brightness and cause undesired system...
7.8CVSS
7.6AI Score
0.0004EPSS
7.8CVSS
7.6AI Score
0.001EPSS
7.8CVSS
7.8AI Score
0.0004EPSS
7.8CVSS
7.6AI Score
0.0005EPSS
7.8CVSS
7.5AI Score
0.0004EPSS
Memory corruption in Audio while running concurrent tunnel playback or during concurrent audio tunnel recording...
8.4CVSS
7.8AI Score
0.0004EPSS
Arbitrary memory overwrite when VM gets compromised in TX write leading to Memory...
7.8CVSS
7.5AI Score
0.0004EPSS
Weak Configuration due to improper input validation in Modem while processing LTE security mode command message received from...
9.8CVSS
9.4AI Score
0.001EPSS
7.8CVSS
7.6AI Score
0.0004EPSS
8.4CVSS
7.7AI Score
0.0004EPSS
6.2CVSS
5.4AI Score
0.0004EPSS
A potential security vulnerability has been identified for certain HP multifunction printers (MFPs). The vulnerability may lead to Buffer Overflow and/or Remote Code Execution when running HP Workpath solutions on potentially affected...
9.8CVSS
9.7AI Score
0.002EPSS
Certain HP Enterprise LaserJet and HP LaserJet Managed Printers are potentially vulnerable to information disclosure when IPsec is enabled with FutureSmart version...
7.5CVSS
7.2AI Score
0.001EPSS
Insufficient input validation in the ASP (AMD Secure Processor) bootloader may allow an attacker with a compromised Uapp or ABL to coerce the bootloader into exposing sensitive information to the SMU (System Management Unit) resulting in a potential loss of confidentiality and...
9.1CVSS
9.1AI Score
0.002EPSS
Insufficient bounds checking in ASP (AMD Secure Processor) may allow for an out of bounds read in SMI (System Management Interface) mailbox checksum calculation triggering a data abort, resulting in a potential denial of...
7.5CVSS
7.8AI Score
0.001EPSS
Improper syscall input validation in AMD TEE (Trusted Execution Environment) may allow an attacker with physical access and control of a Uapp that runs under the bootloader to reveal the contents of the ASP (AMD Secure Processor) bootloader accessible memory to a serial port, resulting in a...
6.1CVSS
6.6AI Score
0.001EPSS
Insufficient input validation in ASP may allow an attacker with a compromised SMM to induce out-of-bounds memory reads within the ASP, potentially leading to a denial of...
7.5CVSS
7.7AI Score
0.001EPSS
Insufficient input validation in ABL may enable a privileged attacker to corrupt ASP memory, potentially resulting in a loss of integrity or code...
8.8CVSS
8.8AI Score
0.001EPSS
Time-of-check Time-of-use (TOCTOU) in the BIOS2PSP command may allow an attacker with a malicious BIOS to create a race condition causing the ASP bootloader to perform out-of-bounds SRAM reads upon an S3 resume event potentially leading to a denial of...
5.9CVSS
6.5AI Score
0.001EPSS
Failure to validate the length fields of the ASP (AMD Secure Processor) sensor fusion hub headers may allow an attacker with a malicious Uapp or ABL to map the ASP sensor fusion hub region and overwrite data structures leading to a potential loss of confidentiality and...
9.1CVSS
9.1AI Score
0.001EPSS