18 matches found
EUVD-2023-25813
Malicious code in bioql PyPI...
CVE-2023-21646
Transient DOS in Modem while processing invalid System Information Block 1...
CVE-2023-47109
PrestaShop blockreassurance adds an information block aimed at offering helpful information to reassure customers that the store is trustworthy. When adding a block in blockreassurance module, a BO user can modify the http request and give the path of any file in the project instead of an image...
CVE-2022-39881
Improper input validation vulnerability for processing SIB12 PDU in Exynos modems prior to SMR Sep-2022 Release allows remote attacker to read out of bounds memory...
CVE-2023-47110
blockreassurance adds an information block aimed at offering helpful information to reassure customers that their store is trustworthy. An ajax function in module blockreassurance allows modifying any value in the configuration table. This vulnerability has been patched in version 5.1.4...
Design/Logic Flaw
blockreassurance adds an information block aimed at offering helpful information to reassure customers that their store is trustworthy. An ajax function in module blockreassurance allows modifying any value in the configuration table. This vulnerability has been patched in version 5.1.4...
CVE-2023-47110 Any value can be changed in the configuration table by an employee having access to block reassurance module
blockreassurance adds an information block aimed at offering helpful information to reassure customers that their store is trustworthy. An ajax function in module blockreassurance allows modifying any value in the configuration table. This vulnerability has been patched in version 5.1.4...
Path traversal
PrestaShop blockreassurance adds an information block aimed at offering helpful information to reassure customers that the store is trustworthy. When adding a block in blockreassurance module, a BO user can modify the http request and give the path of any file in the project instead of an image...
CVE-2023-21646
Transient DOS in Modem while processing invalid System Information Block 1...
CVE-2023-21646 Reachable Assertion in Modem
Transient DOS in Modem while processing invalid System Information Block 1...
CVE-2023-21646 Reachable Assertion in Modem
Transient DOS in Modem while processing invalid System Information Block 1...
CVE-2023-21646
CVE-2023-21646 describes a transient Denial of Service in the modem when processing an invalid System Information Block 1. This vulnerability is associated with Qualcomm closed‑source components / Qualcomm chipsets and has a CVSS v3.1 base score of 7.5 (HIGH) with NETWORK attack vector, LOW attac...
PT-2023-18309 · Qualcomm · Qualcomm Ar8035
Name of the Vulnerable Software and Affected Versions: Qualcomm AR8035 affected versions not specified Description: The issue is related to a transient Denial of Service DOS in the modem when processing an invalid System Information Block 1. This can potentially cause disruptions in service. Ther...
PT-2023-13822 · Qualcomm · Snapdragon +15
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: The issue is related to a Transient Denial of Service DOS that occurs due to a reachable assertion in the modem. This happens when the modem processes a...
PT-2022-17451 · Qualcomm · Snapdragon Mobile
Name of the Vulnerable Software and Affected Versions: Qualcomm Snapdragon Mobile affected versions not specified Description: The issue is related to a denial of service in the MODEM component of Snapdragon Mobile devices. It occurs when the device processes a System Information Block 1 SIB1 wit...
CVE-2019-18659
The Wireless Emergency Alerts WEA protocol allows remote attackers to spoof a Presidential Alert because cryptographic authentication is not used, as demonstrated by MessageIdentifier 4370 in LTE System Information Block 12 aka SIB12. NOTE: testing inside an RF-isolated shield box suggested that...
Stack overflow
Stack-based buffer overflow in Microsoft Office Word 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, Open XML File Format Converter for Mac, Office Word Viewer 2003 SP3, and Office Word Viewer allow remote attackers to execute arbitrary code via a Word document with a malformed File...
CVE-2008-0109
Word in Microsoft Office 2000 SP3, XP SP3, Office 2003 SP2, and Office Word Viewer 2003 allows remote attackers to execute arbitrary code via crafted fields within the File Information Block FIB of a Word file, which triggers length calculation errors and memory corruption...