Memory corruption

Memory corruption while processing Listen Sound Model client payload buffer when there is a request for Listen Sound session get parameter from ST HAL...

Memory corruption

Memory corruption when IPv6 prefix timer objects lifetime expires which are created while Netmgr daemon gets an IPv6 address...

Memory corruption

Memory corruption in TZ Secure OS while requesting a memory allocation from TA region...

Memory corruption

Memory corruption in Audio during playback with speaker protection...

Memory corruption

Memory corruption in Data Modem when a non-standard SDP body, during a VOLTE call...

Memory corruption

Memory corruption while receiving a message in Bus Socket Transport Server...

Information disclosure

Information disclosure in Core services while processing a Diag command...

Design/Logic Flaw

Transient DOS when WLAN firmware receives "reassoc response" frame including RICDATA element...

Memory corruption

Memory corruption when resource manager sends the host kernel a reply message with multiple fragments...

Memory corruption

Memory corruption while running NPU, when NETWORKUNLOAD and NETWORKUNLOAD or NETWORKEXECUTEV2 commands are submitted at the same time...

Design/Logic Flaw

Transient DOS while parsing ieee80211parsemscsie in WIN WLAN driver...

Memory corruption

Memory corruption in Audio when memory map command is executed consecutively in ADSP...

Memory corruption

Memory corruption in wearables while processing data from AON...

Code injection

A vulnerability was found in Perl. This security issue occurs while Perl for Windows relies on the system path environment variable to find the shell cmd.exe. When running an executable that uses the Windows Perl interpreter, Perl attempts to find and execute cmd.exe within the operating system...

Design/Logic Flaw

Cryptographic issue in Automotive while unwrapping the key secs2d and verifying with RPMB data...

Race condition

The session index variable in PCM host voice audio driver initialized before PCM open, accessed during event callback from ADSP and reset during PCM close may lead to race condition between event callback - PCM close and reset session index causing memory corruption...

Buffer overflow

Transient DOS while parsing GATT service data when the total amount of memory that is required by the multiple services is greater than the actual size of the services buffer...

Memory corruption

Memory corruption when HLOS allocates the response payload buffer to copy the data received from ADSP in response to AVCSLOADMODULE command...

Memory corruption

Memory corruption while invoking IOCTLs calls from user space for internal mem MAP and internal mem UNMAP...

Code injection

Permanent DOS in Hypervisor while untrusted VM without PSCI support makes a PSCI call...

Memory corruption

Memory corruption in HLOS while running playready use-case...

Design/Logic Flaw

Transient DOS while parsing IPv6 extension header when WLAN firmware receives an IPv6 packet that contains IPPROTONONE as the next header...

Out-of-bounds

Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service DoS due to an out-of-bounds read involving section-numpages in decoder2007.c...

Input validation

Versions of the package follow-redirects before 1.15.4 are vulnerable to Improper Input Validation due to the improper handling of URLs by the url.parse function. When new URL throws an error, it can be manipulated to misinterpret the hostname. An attacker could exploit this weakness to redirect...

Out-of-bounds

In keyInstall, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08308607...

Design/Logic Flaw

In Modem IMS Stack, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161803; Issue ID: MOLY01161803 MSV-893...

Memory corruption

In battery, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308616...

Out-of-bounds

In Engineer Mode, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08282249; Issue ID: ALPS08282249...

Information disclosure

In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308607; Issue ID: ALPS08304217...

Integer overflow

In battery, there is a possible information disclosure due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308080...

Out-of-bounds

In battery, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308064...

Information disclosure

In keyInstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308612; Issue ID: ALPS08308612...

Out-of-bounds

In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00730807; Issue ID: MOLY00730807...

Information disclosure

In wlan driver, there is a possible PIN crack due to use of insufficiently random values. This could lead to local information disclosure with no execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00325055; Issue ID: MSV-868...

Information disclosure

In battery, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308076...

Information disclosure

In netdagent, there is a possible information disclosure due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944011; Issue ID: ALPS07944011...

Out-of-bounds

In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 MSV-892...

Out-of-bounds

In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161825; Issue ID: MOLY01161825 MSV-895...

Input validation

In bluetooth service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07933038; Issue ID: MSV-559...

Memory corruption

In display drm, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07780685; Issue ID: ALPS07780685...

Information disclosure

In battery, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08307992...

Input validation

In modem EMM, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01183647; Issue ID: MOLY01183647 MSV-963...

Out-of-bounds

In battery, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308070...

Out-of-bounds

In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161830; Issue ID: MOLY01161830 MSV-894...

Design/Logic Flaw

A vulnerability classified as problematic has been found in HuiRan Host Reseller System up to 2.0.0. Affected is an unknown function of the file /user/index/findpass?do=4 of the component HTTP POST Request Handler. The manipulation leads to weak password recovery. It is possible to launch the...

Out-of-bounds

A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been rated as critical. This issue affects some unknown processing of the file dasboardteacher.php of the component Avatar Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely...

Cross site scripting

A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/editteacher.php of the component Add Enginer. The manipulation of the argument Firstname/Lastname leads to cross site scripting...

Cross site scripting

A vulnerability was found in RRJ Nueva Ecija Engineer Online Portal 1.0. It has been classified as problematic. This affects an unknown part of the file /admin/students.php of the component NIA Office. The manipulation leads to basic cross site scripting. It is possible to initiate the attack...

Sql injection

A vulnerability was found in SourceCodester Engineers Online Portal 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/ of the component Admin Login. The manipulation of the argument username/password leads to sql injection. The attack may be...

Buffer overflow

STMicroelectronics STSAFE-A1xx middleware before 3.3.7 allows MCU code execution if an adversary has the ability to read from and write to the I2C bus. This is caused by an StSafeAReceiveBytes buffer overflow in the X-CUBE-SAFEA1 Software Package for STSAFE-A sample applications 1.2.0, and thus c...