CVE-2024-31581

CVE-2024-31581 affects FFmpeg v6.1, where the vulnerability stems from improper validation of an array index in libavcodec/cbs_h266_syntax_template.c. The issue can lead to undefined behavior in the application. The CVSS vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) assigns a base score of 9.8 (CR...

CVE-2024-31031

An issue in coappdu.c in libcoap 4.3.4 allows attackers to cause undefined behavior via a sequence of messages leading to unsigned integer overflow...

CVE-2024-31581

FFmpeg version n6.1 was discovered to contain an improper validation of array index vulnerability in libavcodec/cbsh266syntaxtemplate.c. This vulnerability allows attackers to cause undefined behavior within the application...

CVE-2023-52534

In ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed...

CVE-2023-52342

In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote information disclosure no additional execution privileges needed...

CVE-2023-52344

In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote information disclosure no additional execution privileges needed...

CVE-2023-52344

In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote information disclosure no additional execution privileges needed...

CVE-2023-52533

In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote information disclosure no additional execution privileges needed...

CVE-2023-52533

The CVE-2023-52533 entry concerns the modem-ps-nas-ngmm component, where incorrect error handling may cause undefined behavior. This could enable remote information disclosure without additional privileges. Public sources (NVD/Red Hat/CVE records) state the impact as information disclosure with n...

CVE-2023-52344

CVE-2023-52344 affects UNISOC’s modem-ps-nas-ngmm. The issue is an undefined behavior caused by incorrect error handling in the module, potentially enabling remote information disclosure over a network with no additional execution privileges required. CVSS 3.1 base score 5.3 (AV:N/AC:L/PR:N/UI:N/...

CVE-2023-52342

The CVE-2023-52342 entry concerns the modem-ps-nas-ngmm component, where an undefined behavior due to incorrect error handling could allow remote information disclosure without additional execution privileges. Documents confirm the vulnerability impact is a confidentiality exposure (CVE described...

CVE-2023-52342

In modem-ps-nas-ngmm, there is a possible undefined behavior due to incorrect error handling. This could lead to remote information disclosure no additional execution privileges needed...

UNISOC Chipsets 安全漏洞

UNISOC Chipsets is a chipset from China's Purple Spreadtrum UNISOC. A security vulnerability exists in UNISOC Chipsets that stems from incorrect error handling in the ngmm module, which may result in undefined behavior...

UNISOC Chipsets 安全漏洞

UNISOC Chipsets is a chipset from China's Purple Spreadtrum UNISOC. A security vulnerability exists in UNISOC Chipsets that stems from incorrect error handling in the modem-ps-nas-ngmm module, which may result in undefined behavior...

UNISOC Chipsets 安全漏洞

UNISOC Chipsets is a chipset from China's Purple Spreadtrum UNISOC. A security vulnerability exists in UNISOC Chipsets that stems from incorrect error handling in the modem-ps-nas-ngmm module, which may result in undefined behavior...

PT-2024-14535 · Unknown · Modem-Ps-Nas-Ngmm

Name of the Vulnerable Software and Affected Versions: modem-ps-nas-ngmm affected versions not specified Description: The issue is related to incorrect error handling, which could lead to remote information disclosure without requiring additional execution privileges. This is due to a possible...

PT-2024-14606 · Ngmm · Ngmm

Name of the Vulnerable Software and Affected Versions: ngmm affected versions not specified Description: The issue is related to incorrect error handling, which could lead to undefined behavior. This might result in a remote denial of service, and no additional execution privileges are needed to...

crayon: ObjectPool creates uninitialized memory when freeing objects

As of version 0.6.0, the ObjectPool explicitly creates an uninitialized instance of its type parameter when it attempts to free an object, and swaps it into the storage. This causes instant undefined behavior due to reading the uninitialized memory in order to write it to the pool storage...

GHSA-XFHW-6MC4-MGXF crayon: ObjectPool creates uninitialized memory when freeing objects

As of version 0.6.0, the ObjectPool explicitly creates an uninitialized instance of its type parameter when it attempts to free an object, and swaps it into the storage. This causes instant undefined behavior due to reading the uninitialized memory in order to write it to the pool storage...

CVE-2024-26742

In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix disablemanagedinterrupts Correct blk-mq registration issue with module parameter disablemanagedinterrupts enabled. When we turn off the default PCIIRQAFFINITY flag, the driver needs to register with blk-mq usi...