Ricoh Company, Ltd. Security Vulnerabilities
Transient DOS due to buffer over-read in WLAN Firmware while parsing secure FTMR frame with size lesser than 39...
7.5CVSS
7.6AI Score
0.001EPSS
Memory corruption due to incorrect type conversion or cast in audio while using audio playback/capture when crafted address is sent from AGM IPC to...
7.8CVSS
7.7AI Score
0.0004EPSS
Information disclosure in Modem due to buffer over-read while receiving a IP header with malformed...
7.5CVSS
8.2AI Score
0.001EPSS
Memory corruption due to improper validation of array index in computer vision while testing EVA kernel without sending any...
7.8CVSS
6.9AI Score
0.0004EPSS
Memory corruption due to access of uninitialized pointer in Bluetooth HOST while processing the AVRCP...
8.8CVSS
8.7AI Score
0.001EPSS
Memory corruption due to buffer copy without checking the size of input in HLOS when input message size is larger than the buffer...
7.8CVSS
7.9AI Score
0.0004EPSS
Information disclosure due to buffer over-read in Trusted Execution Environment while QRKS report...
7.3CVSS
5.6AI Score
0.0004EPSS
7.5CVSS
8.2AI Score
0.001EPSS
Memory corruption due to use after free in Core when multiple DCI clients register and...
7.8CVSS
7.2AI Score
0.0004EPSS
Memory corruption due to buffer copy without checking the size of input in modem while decoding raw SMS...
9.8CVSS
9.6AI Score
0.001EPSS
7.5CVSS
7.5AI Score
0.001EPSS
Memory corruption in Audio due to use of out-of-range pointer offset while Initiating a voice call session from user space with invalid session...
7.8CVSS
6.9AI Score
0.0004EPSS
8.4CVSS
7.7AI Score
0.0004EPSS
Memory corruption in Linux android due to double free while calling unregister provider after register...
7.8CVSS
7AI Score
0.0004EPSS
Memory corruption due to buffer copy without checking the size of input in Core while processing ioctl commands from diag client...
7.8CVSS
7.1AI Score
0.0004EPSS
7.8CVSS
7.1AI Score
0.0004EPSS
Information disclosure due to buffer over-read while parsing DNS response packets in...
8.2CVSS
7.5AI Score
0.001EPSS
Information disclosure in Trusted Execution Environment due to buffer over-read while processing metadata verification...
6.8CVSS
5.6AI Score
0.0004EPSS
5.5CVSS
5.3AI Score
0.0004EPSS
Denial of service in modem due to missing null check while processing the ipv6 packet received during ECM...
7.5CVSS
7.5AI Score
0.001EPSS
Information disclosure in modem due to buffer over-red while performing checksum of packet...
8.2CVSS
7.5AI Score
0.001EPSS
Information disclosure in modem due to improper check of IP type while processing DNS server...
7.5CVSS
8.1AI Score
0.001EPSS
Information disclosure in modem due to buffer over read in dns client due to missing length...
7.5CVSS
8.1AI Score
0.001EPSS
Information disclosure in modem due to buffer over-read while processing response from DNS...
7.5CVSS
8.2AI Score
0.001EPSS
9.8CVSS
9.4AI Score
0.001EPSS
Memory corruption in WLAN HAL while arbitrary value is passed in WMI UTF command...
7.8CVSS
8.7AI Score
0.0004EPSS
6.2CVSS
5.3AI Score
0.0004EPSS
With RSAC just a week away, Cisco Talos is gearing up for another year of heading to San Francisco to share in some of the latest major cybersecurity announcements, research and news. We've pulled together the highlights, so you don't miss out on all things Talos. **Tuesday, May 7 ** Joe...
7.2AI Score
CVE-2022-33280 Access of uninitialized pointer in Bluetooth HOST
Memory corruption due to access of uninitialized pointer in Bluetooth HOST while processing the AVRCP...
7.3CVSS
9AI Score
0.001EPSS
CVE-2022-25735 Null Pointer Dereference in MODEM
Denial of service in modem due to missing null check while processing TCP or UDP packets from...
7.5CVSS
7.7AI Score
0.001EPSS
CVE-2022-25733 Null Pointer Dereference in MODEM
Denial of service in modem due to null pointer dereference while processing DNS...
7.5CVSS
7.7AI Score
0.001EPSS
CVE-2022-40537 Improper Validation of Array Index in Bluetooth HOST
Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP...
7.3CVSS
9.8AI Score
0.001EPSS
CVE-2022-40530 Integer overflow to buffer overflow in WLAN
Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization...
8.4CVSS
9AI Score
0.0004EPSS
CVE-2022-33257 Time-of-check time-of-use race condition in Core
Memory corruption in Core due to time-of-check time-of-use race condition during dump collection in trust...
9.3CVSS
9.5AI Score
0.0004EPSS
CVE-2022-33242 Improper authentication in Qualcomm IPC
Memory corruption due to improper authentication in Qualcomm IPC while loading unsigned lib in audio...
7.8CVSS
8.1AI Score
0.0004EPSS
CVE-2022-40532 Integer overflow or wraparound in WLAN
Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to...
8.4CVSS
8.9AI Score
0.0004EPSS
CVE-2022-33222 Buffer over-read in Modem
Information disclosure due to buffer over-read while parsing DNS response packets in...
8.2CVSS
8.3AI Score
0.001EPSS
CVE-2022-40504 Reachable assertion in Modem
Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the...
7.5CVSS
7.7AI Score
0.001EPSS
CVE-2023-21656 Improper Input Validation in WLAN HOST
Memory corruption in WLAN HOST while receiving an WMI event from...
7.8CVSS
8AI Score
0.0004EPSS
CVE-2022-40525 Information Exposure in Linux Networking Firmware
Information disclosure in Linux Networking Firmware due to unauthorized information leak during side channel...
7.1CVSS
6.8AI Score
0.0004EPSS
CVE-2022-33303 Uncontrolled resource consumption in Linux kernel
Transient DOS due to uncontrolled resource consumption in Linux kernel when malformed messages are sent from the Gunyah Resource Manager message...
5.5CVSS
5.6AI Score
0.0004EPSS
CVE-2023-21641 Permissions, Privileges, and Access Controls in Display
An app with non-privileged access can change global system brightness and cause undesired system...
6.6CVSS
7.8AI Score
0.0004EPSS
CVE-2023-21624 Information Exposure in DSP Services
Information disclosure in DSP Services while loading dynamic...
6.2CVSS
6.5AI Score
0.0004EPSS
CVE-2023-28575 Multiple Type Confusion Vulnerability
The cam_get_device_priv function does not check the type of handle being returned (device/session/link). This would lead to invalid type usage if a wrong handle is passed to...
6.7CVSS
7.8AI Score
0.0004EPSS
CVE-2023-28561 Buffer Copy Without Checking Size of Input in QESL
Memory corruption in QESL while processing payload from external ESL device to...
9.8CVSS
9.8AI Score
0.001EPSS
CVE-2023-28537 Integer Overflow or Wraparound in Audio
Memory corruption while allocating memory in COmxApeDec module in...
8.4CVSS
8.8AI Score
0.0004EPSS
CVE-2023-21650 Improper Validation of Array Index in GPS HLOS Driver
Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data...
6.7CVSS
7.8AI Score
0.0004EPSS
CVE-2023-28573 Improper Validation of Array Index in WLAN HAL
Memory corruption in WLAN HAL while parsing WMI command...
7.8CVSS
8.1AI Score
0.0004EPSS
CVE-2023-28558 Improper Validation of Array Index in WLAN HAL
Memory corruption in WLAN handler while processing PhyID in Tx status...
7.8CVSS
8AI Score
0.0004EPSS
CVE-2023-28544 Buffer Copy without Checking the Size of Input in WLAN Firmware
Memory corruption in WLAN while sending transmit command from HLOS to UTF...
7.8CVSS
8.1AI Score
0.0004EPSS