| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Bentley View FBX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of FBX files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-18491. |
| Issue of buffer overflow caused by insufficient data verification in the kernel gyroscope module.
Impact: Successful exploitation of this vulnerability may affect availability. |
| Issue of buffer overflow caused by insufficient data verification in the kernel acceleration module.
Impact: Successful exploitation of this vulnerability may affect availability. |
| Out-of-bounds array access issue due to insufficient data verification in the kernel ambient light module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Out-of-bounds read vulnerability in the register configuration of the DMA module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Memory corruption during the image encoding process. |
| Memory corruption while playing audio file having large-sized input buffer. |
| Transient DOS during hypervisor virtual I/O operation in a virtual machine. |
| Transient DOS may occur while processing the country IE. |
| Memory corruption while processing manipulated payload in video firmware. |
| Memory corruption while processing data packets in diag received from Unix clients. |
| Information disclosure in Audio while accessing AVCS services from ADSP payload. |
| Memory corruption while processing buffer initialization, when trusted report for certain report types are generated. |
| Memory corruption when resource manager sends the host kernel a reply message with multiple fragments. |
| Transient DOS when WLAN firmware receives "reassoc response" frame including RIC_DATA element. |
| Information disclosure when VI calibration state set by ADSP is greater than MAX_FBSP_STATE in the response payload to AFE calibration command. |
| Transient DOS while parsing WPA IES, when it is passed with length more than expected size. |
| Memory corruption in Core while processing RX intent request. |
| Memory corruption in wearables while processing data from AON. |
| Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame. |
