| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Memory corruption due to improper access control in kernel while processing a mapping request from root process. |
| Transient DOS due to reachable assertion in WLAN while processing PEER ID populated by TQM. |
| Information disclosure in Linux Networking Firmware due to unauthorized information leak during side channel analysis. |
| Information disclosure in Kernel due to indirect branch misprediction. |
| Memory corruption in Linux Networking due to double free while handling a hyp-assign. |
| Transient DOS due to improper authorization in Modem |
| Memory corruption in Video due to double free while playing 3gp clip with invalid metadata atoms. |
| Transient DOS due to uncontrolled resource consumption in WLAN firmware when peer is freed in non qos state. |
| Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon. |
| Transient DOS due to reachable assertion in Modem while processing config related to cross carrier scheduling, which is not supported. |
| Information disclosure due to buffer over-read in Modem while parsing DNS hostname. |
| Transient DOS due to reachable assertion in Modem when UE received Downlink Data Indication message from the network. |
| Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming. |
| Transient DOS due to improper input validation in WLAN Host. |
| OASES (aka Open Aviation Strategic Engineering System) 8.8.0.2 allows attackers to execute arbitrary code via the Open Print Folder menu. |
| cfg_tilde_expand in confuse.c in libConfuse 3.3 has a heap-based buffer over-read. |
| In Singular before 4.3.1, a predictable /tmp pathname is used (e.g., by sdb.cc), which allows local users to gain the privileges of other users via a procedure in a file under /tmp. NOTE: this CVE Record is about sdb.cc and similar files in the Singular interface that have predictable /tmp pathnames; this CVE Record is not about the lack of a safe temporary-file creation capability in the Singular language. |
| UBports Ubuntu Touch 16.04 allows the screen-unlock passcode to be used for a privileged shell via Sudo. This passcode is only four digits, far below typical length/complexity for a user account's password. NOTE: a third party states "The described attack cannot be executed as demonstrated. |
| An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). cyassl_connect_step2 in curl/vtls/cyassl.c has a missing X509_free after SSL_get_peer_certificate, leading to information disclosure. |
| An issue was discovered in Samsung TizenRT through 3.0_GBM (and 3.1_PRE). createDB in security/provisioning/src/provisioningdatabasemanager.c has a missing sqlite3_close after sqlite3_open_v2, leading to a denial of service. |
