2469 matches found
PT-2024-5224 · Unknown +1 · Phpldapadmin +1
Name of the Vulnerable Software and Affected Versions: mhuertos phpLDAPadmin up to 665dbc2690ebeb5392d38f1fece0a654225a0b38 Description: A critical vulnerability was found in the function makeHttpRequest of the file htdocs/js/ajax functions.js, which can lead to HTTP request smuggling. The attack...
CVE-2024-20077
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01297807; Issue ID: MSV-1482...
CVE-2024-20076
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01297806; Issue ID: MSV-1481...
CVE-2024-20081
CVE-2024-20081 affects the gnss service. The issue is an out-of-bounds write caused by improper input validation, leading to local escalation of privilege with system execution privileges required. Exploitation is reported to require no user interaction. A fix is available as patch ID ALPS0871960...
CVE-2024-20079
In gnss service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08044040; Issue ID: MSV-1491...
CVE-2024-20078
In venc, there is a possible out of bounds write due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08737250; Issue ID: MSV-1452...
CVE-2024-20076
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01297806; Issue ID: MSV-1481...
CVE-2024-20076
CVE-2024-20076 concerns MediaTek Modem vulnerability where incorrect error handling can crash the system, enabling remote DoS with no privileges or user interaction. Affected component: Modem in MediaTek firmware; root cause described as error handling flaw. Severity/impact as reported: remote, u...
CVE-2024-20077
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01297807; Issue ID: MSV-1482...
CVE-2024-20077
CVE-2024-20077 affects MediaTek Modem. The issue is due to incorrect error handling in the Modem, which can cause a remote system crash and denial of service without requiring privileges or user interaction. Exploitation would use a network vector (AV:N, AC:L, PR:N, UI:N) and could impact availab...
UBUNTU-CVE-2024-6064
A vulnerability was found in GPAC 2.5-DEV-rev228-g11067ea92-master. It has been declared as problematic. This vulnerability affects the function xmtnodeend of the file src/scenemanager/loaderxmt.c of the component MP4Box. The manipulation leads to use after free. Local access is required to...
CVE-2024-20075
In eemgpu, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08713302; Issue ID: MSV-1393...
CVE-2024-20071
In wlan driver, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00364733; Issue ID: MSV-1331...
CVE-2024-20074
In dmc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08668110; Issue ID: MSV-1333...
CVE-2024-20070
In modem, there is a possible information disclosure due to using risky cryptographic algorithm during connection establishment negotiation. This could lead to remote information disclosure, when weak encryption algorithm is used, with no additional execution privileges needed. User interaction i...
CVE-2024-20073
In wlan service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00367704; Issue ID: MSV-1411...
CVE-2024-20072
In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00364732; Issue ID: MSV-1332...
CVE-2024-20069
In modem, there is a possible selection of less-secure algorithm during the VoWiFi IKE due to a missing DH downgrade check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01286330; Iss...
CVE-2024-20068
In modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no needed for exploitation. Patch ID: MOLY01270721; Issue ID: MSV-1479...
CVE-2024-20065
In telephony, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08698617; Issue ID: MSV-1394...