Lucene search
K

144 matches found

Cvelist
Cvelist
added 2024/09/09 12:0 a.m.25 views

CVE-2024-27368

An issue was discovered in Samsung Mobile Processor Exynos Mobile Processor, Wearable Processor Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In the function slsirxreceivedframeind, there is no input validation check on a length...

4.4CVSS0.00158EPSS
Exploits0References1
CVE
CVE
added 2024/09/09 12:0 a.m.68 views

CVE-2024-27364

The CVE-2024-27364 issue affects Samsung Mobile Processor and Samsung Wearable Processor families (Exynos 980, 850, 1080, 1280, 1380, 1330, 1480, W920, W930). The root cause is missing input validation for a length originating from userspace in the function slsi_rx_roamed_ind(), which can cause a...

5.5CVSS6.9AI score0.00162EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2024/09/09 12:0 a.m.67 views

CVE-2024-27365

CVE-2024-27365 affects Samsung Mobile Processor Exynos family: Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, and Exynos W930. The root cause is missing input validation for a length value from userspace in the function slsi_rx_blockack_ind()...

5.5CVSS6.9AI score0.00174EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/09/09 12:0 a.m.25 views

CVE-2024-27364

An issue was discovered in Mobile Processor, Wearable Processor Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In the function slsirxroamedind, there is no input validation check on a length coming from userspace, which can lead ...

4.4CVSS7.1AI score0.00162EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/09/09 12:0 a.m.16 views

CVE-2024-27368

An issue was discovered in Samsung Mobile Processor Exynos Mobile Processor, Wearable Processor Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930. In the function slsirxreceivedframeind, there is no input validation check on a length...

4.4CVSS6.8AI score0.00158EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/08/06 2:1 a.m.11 views

SUSE CVE-2024-41072

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: wext: add extra SIOCSIWSCAN data check In 'cfg80211wextsiwscan', add extra check whether number of channels passed via 'ioctlsock, SIOCSIWSCAN, ...' doesn't exceed IWMAXFREQUENCIES and reject invalid request with...

4.4CVSS6.6AI score0.00233EPSS
Exploits0References16
RedhatCVE
RedhatCVE
added 2024/07/18 6:57 p.m.16 views

CVE-2022-48866

A vulnerability was found in the thrustmasterinterrupts function in the Linux kernel's HID Thrustmaster driver. This issue arises from a lack of validation for the actual number of endpoints, leading to a slab-out-of-bounds read when the code accesses the endpoint array. Mitigation Mitigation for...

6CVSS7.3AI score0.00269EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/07/16 12:25 p.m.21 views

CVE-2022-48866 HID: hid-thrustmaster: fix OOB read in thrustmaster_interrupts

In the Linux kernel, the following vulnerability has been resolved: HID: hid-thrustmaster: fix OOB read in thrustmasterinterrupts Syzbot reported an slab-out-of-bounds Read in thrustmasterprobe bug. The root case is in missing validation check of actual number of endpoints. Code should not blindl...

0.00269EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2024/07/16 12:25 p.m.24 views

CVE-2022-48866

In the Linux kernel, the following vulnerability has been resolved: HID: hid-thrustmaster: fix OOB read in thrustmasterinterrupts Syzbot reported an slab-out-of-bounds Read in thrustmasterprobe bug. The root case is in missing validation check of actual number of endpoints. Code should not blindl...

7.1CVSS5.4AI score0.00269EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/06/13 12:0 a.m.7 views

PT-2024-32229

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The issue arises when the access point receives an association request containing an Extended HE Capabilities Information Element with an invalid MCS-NSS, triggering a firmware crash. Th...

5.5CVSS5.5AI score0.00234EPSS
Exploits0
NVD
NVD
added 2024/06/05 7:15 p.m.29 views

CVE-2024-27380

An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsisetdelayedwakeuptype, there is no input validation check on a length of ioctlargs-argsi coming from userspace, which can lead to a heap over-read...

6CVSS6AI score0.00165EPSS
Exploits0References1
CVE
CVE
added 2024/06/05 6:40 p.m.73 views

CVE-2024-27373

CVE-2024-27373 affects Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. The issue arises in the function slsi_nan_config_get_nl_params() where there is no input validation for disc_attr->mesh_id_len sourced from userspace, which can lead to a heap ove...

7.8CVSS6.8AI score0.00164EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/06/05 6:39 p.m.82 views

CVE-2024-27374

CVE-2024-27374 concerns Samsung Mobile Processor Exynos models 980, 850, 1280, 1380, and 1330. The vulnerability is in the function slsi_nan_publish_get_nl_params() where there is no input validation for hal_req->service_specific_info_len sourced from userspace, allowing a potential heap overw...

7.8CVSS6.8AI score0.00196EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2024/06/05 6:37 p.m.88 views

CVE-2024-27372

CVE-2024-27372 affects Samsung Mobile Processor Exynos 980, 850, 1280, 1380, and 1330. The vulnerability resides in the function slsi_nan_config_get_nl_params() where there is no input validation for disc_attr->infrastructure_ssid_len from userspace, enabling a potential heap overwrite. The is...

7.8CVSS6.8AI score0.00164EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2024/06/02 10:30 p.m.96 views

GHSA-CJCC-P67M-7QXM Unsafe Reflection in base Component class in yiisoft/yii2

Yii2 supports attaching Behaviors to Components by setting properties having the format 'as '. Internally this is done using the set magic method. If the value passed to this method is not an instance of the Behavior class, a new object is instantiated using Yii::createObject$value. However, ther...

8.1CVSS8.3AI score0.7939EPSS
Exploits1References9
NVD
NVD
added 2024/05/20 10:15 a.m.13 views

CVE-2024-35962

In the Linux kernel, the following vulnerability has been resolved: netfilter: complete validation of user input In my recent commit, I missed that doreplace handlers use copyfromsockptr which I fixed, followed by unsafe copyfromsockptroffset calls. In all functions, we can perform the @optlen...

5.5CVSS6.5AI score0.0023EPSS
Exploits0References9
CNNVD
CNNVD
added 2024/04/10 12:0 a.m.0 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. Linux kernel has a security vulnerability that stems from a correct check that is indeed appropriate...

5.5CVSS6.6AI score0.00272EPSS
Exploits0References8
OSV
OSV
added 2024/04/02 7:15 a.m.2 views

DEBIAN-CVE-2024-26667

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: check for valid hwpp in dpuencoderhelperphyscleanup The commit 8b45a26f2ba9 "drm/msm/dpu: reserve cdm blocks for writeback in case of YUV output" introduced a smatch warning about another conditional block in...

5.5CVSS5.4AI score0.00225EPSS
Exploits0References1
NVD
NVD
added 2024/03/11 5:15 p.m.37 views

CVE-2024-0050

In getConfig of SoftVideoDecoderOMXComponent.cpp, there is a possible out of bounds write due to a missing validation check. This could lead to a local non-security issue with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS6.5AI score0.00126EPSS
Exploits0References2
Prion
Prion
added 2024/03/11 5:15 p.m.21 views

Out-of-bounds

In getConfig of SoftVideoDecoderOMXComponent.cpp, there is a possible out of bounds write due to a missing validation check. This could lead to a local non-security issue with no additional execution privileges needed. User interaction is not needed for exploitation...

7.3AI score0.00126EPSS
Exploits0References2
Rows per page
Query Builder