Export limit exceeded: 343535 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (343535 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-33014 | 1 Qualcomm | 653 315 5g Iot Modem, 315 5g Iot Modem Firmware, 860 Mobile Platform and 650 more | 2024-11-20 | 7.5 High |
| Transient DOS while parsing ESP IE from beacon/probe response frame. | ||||
| CVE-2024-52714 | 1 Tenda | 3 Ac6, Ac6 Firmware, Ac6v2.0 Firmware | 2024-11-20 | 8.1 High |
| Tenda AC6 v2.0 v15.03.06.50 was discovered to contain a buffer overflow in the function 'fromSetSysTime. | ||||
| CVE-2024-33015 | 1 Qualcomm | 393 Ar8035, Ar8035 Firmware, Csr8811 and 390 more | 2024-11-20 | 7.5 High |
| Transient DOS while parsing SCAN RNR IE when bytes received from AP is such that the size of the last param of IE is less than neighbor report. | ||||
| CVE-2024-33025 | 1 Qualcomm | 340 Csr8811, Csr8811 Firmware, Fastconnect 6800 and 337 more | 2024-11-20 | 7.5 High |
| Transient DOS while parsing the BSS parameter change count or MLD capabilities fields of the ML IE. | ||||
| CVE-2024-33024 | 1 Qualcomm | 364 Ar8035, Ar8035 Firmware, Csr8811 and 361 more | 2024-11-20 | 7.5 High |
| Transient DOS while parsing the ML IE when a beacon with length field inside the common info of ML IE greater than the ML IE length. | ||||
| CVE-2024-33018 | 1 Qualcomm | 303 Ar8035, Ar8035 Firmware, Csr8811 and 300 more | 2024-11-20 | 7.5 High |
| Transient DOS while parsing the received TID-to-link mapping element of the TID-to-link mapping action frame. | ||||
| CVE-2024-33026 | 1 Qualcomm | 332 Ar8035, Ar8035 Firmware, Csr8811 and 329 more | 2024-11-20 | 7.5 High |
| Transient DOS while parsing probe response and assoc response frame when received frame length is less than max size of timestamp. | ||||
| CVE-2024-33023 | 1 Qualcomm | 317 Ar8035, Ar8035 Firmware, Csra6620 and 314 more | 2024-11-20 | 8.4 High |
| Memory corruption while creating a fence to wait on timeline events, and simultaneously signal timeline events. | ||||
| CVE-2024-33022 | 1 Qualcomm | 251 Ar8035, Ar8035 Firmware, Csra6620 and 248 more | 2024-11-20 | 8.4 High |
| Memory corruption while allocating memory in HGSL driver. | ||||
| CVE-2024-33021 | 1 Qualcomm | 279 Ar8035, Ar8035 Firmware, Csra6620 and 276 more | 2024-11-20 | 8.4 High |
| Memory corruption while processing IOCTL call to set metainfo. | ||||
| CVE-2024-33020 | 1 Qualcomm | 198 Ar8035, Ar8035 Firmware, Fastconnect 6700 and 195 more | 2024-11-20 | 7.5 High |
| Transient DOS while processing TID-to-link mapping IE elements. | ||||
| CVE-2024-33019 | 1 Qualcomm | 299 Ar8035, Ar8035 Firmware, Csr8811 and 296 more | 2024-11-20 | 7.5 High |
| Transient DOS while parsing the received TID-to-link mapping action frame. | ||||
| CVE-2024-11081 | 2024-11-20 | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage. | ||||
| CVE-2024-52613 | 1 Justdan96 | 1 Tsmuxer | 2024-11-20 | 5.5 Medium |
| A heap-based buffer under-read in tsMuxer version nightly-2024-05-12-02-01-18 allows attackers to cause Denial of Service (DoS) via a crafted MOV video file. | ||||
| CVE-2024-50968 | 1 Adonesevangelista | 2 Agri-trading Online Shopping System, Trading Online Shopping System | 2024-11-20 | 7.5 High |
| A business logic vulnerability exists in the Add to Cart function of itsourcecode Agri-Trading Online Shopping System 1.0, which allows remote attackers to manipulate the quant parameter when adding a product to the cart. By setting the quantity value to -0, an attacker can exploit a flaw in the application's total price calculation logic. This vulnerability causes the total price to be reduced to zero, allowing the attacker to add items to the cart and proceed to checkout. | ||||
| CVE-2024-23715 | 1 Google | 1 Android | 2024-11-20 | 7.8 High |
| In PMRWritePMPageList of pmr.c, there is a possible out of bounds write due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-35686 | 1 Google | 1 Android | 2024-11-20 | 7.8 High |
| In PVRSRVRGXKickTA3DKM of rgxta3d.c, there is a possible arbitrary code execution due to improper input validation. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2023-35659 | 1 Google | 1 Android | 2024-11-20 | 7.8 High |
| In DevmemIntChangeSparse of devicemem_server.c, there is a possible arbitrary code execution due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2017-13227 | 1 Google | 1 Android | 2024-11-20 | 5.5 Medium |
| In the autofill service, the package name that is provided by the app process is trusted inappropriately. This could lead to information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2024-20525 | 1 Cisco | 1 Identity Services Engine | 2024-11-20 | 6.1 Medium |
| A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to conduct an XSS attack against a user of the interface. This vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. | ||||