Latest CVE Feed
-
7.8
HIGHCVE-2024-43049
Memory corruption while invoking IOCTL calls from user space to set generic private command inside WLAN driver.... Read more
- Published: Dec. 02, 2024
- Modified: Dec. 12, 2024
-
7.8
HIGHCVE-2024-43048
Memory corruption when invalid input is passed to invoke GPU Headroom API call.... Read more
Affected Products : wcd9341_firmware wcd9380_firmware wcd9385_firmware wcn3988_firmware wsa8810_firmware wsa8815_firmware wsa8830_firmware wsa8835_firmware qcm4325_firmware sg4150p_firmware +94 more products- Published: Dec. 02, 2024
- Modified: Dec. 12, 2024
-
7.5
HIGHCVE-2024-33063
Transient DOS while parsing the ML IE when a beacon with common info length of the ML IE greater than the ML IE inside which this element is present.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6155p_firmware sa8155p_firmware sa8195p_firmware sa8295p_firmware wcd9341_firmware +240 more products- Published: Dec. 02, 2024
- Modified: Dec. 12, 2024
-
8.4
HIGHCVE-2024-33056
Memory corruption when allocating and accessing an entry in an SMEM partition continuously.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware sa6145p_firmware +652 more products- Published: Dec. 02, 2024
- Modified: Dec. 12, 2024
-
6.7
MEDIUMCVE-2024-33053
Memory corruption when multiple threads try to unregister the CVP buffer at the same time.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware +104 more products- Published: Dec. 02, 2024
- Modified: Dec. 12, 2024
-
8.4
HIGHCVE-2024-33044
Memory corruption while Configuring the SMR/S2CR register in Bypass mode.... Read more
Affected Products : aqt1000_firmware qam8295p_firmware qca6391_firmware qca6420_firmware qca6426_firmware qca6430_firmware qca6436_firmware qca6574au_firmware qca6595au_firmware qca6696_firmware +415 more products- Published: Dec. 02, 2024
- Modified: Dec. 12, 2024
-
7.0
HIGHCVE-2024-33040
Memory corruption while invoking redundant release command to release one buffer from user space as race condition can occur in kernel space between buffer release and buffer access.... Read more
Affected Products : qca6391_firmware qca6426_firmware qca6436_firmware qca6595au_firmware sd865_5g_firmware sw5100_firmware sw5100p_firmware wcd9380_firmware wcn3980_firmware wcn3988_firmware +50 more products- Published: Dec. 02, 2024
- Modified: Dec. 12, 2024
-
6.7
MEDIUMCVE-2024-33039
Memory corruption when PAL client calls PAL service APIs by passing a random value as handle and the handle is not validated by the service.... Read more
- Published: Dec. 02, 2024
- Modified: Dec. 11, 2024
-
6.1
MEDIUMCVE-2024-33037
Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware +94 more products- Published: Dec. 02, 2024
- Modified: Dec. 11, 2024
-
6.7
MEDIUMCVE-2024-33036
Memory corruption while parsing sensor packets in camera driver, user-space variable is used while allocating memory in kernel and parsing which can lead to huge allocation or invalid memory access.... Read more
Affected Products : qam8295p_firmware qca6391_firmware qca6426_firmware qca6436_firmware qca6574au_firmware qca6696_firmware sa6145p_firmware sa6150p_firmware sa6155p_firmware sa8145p_firmware +96 more products- Published: Dec. 02, 2024
- Modified: Dec. 11, 2024
-
8.4
HIGHCVE-2024-10490
An “Authentication Bypass Using an Alternate Path or Channel” vulnerability in the OPC UA Server configuration required for B&R mapp Cockpit before 6.0, B&R mapp View before 6.0, B&R mapp Services before 6.0, B&R mapp Motion before 6.0 and B&R mapp Vision... Read more
Affected Products :- Published: Dec. 02, 2024
- Modified: Dec. 02, 2024
-
7.8
HIGHCVE-2024-53104
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calcul... Read more
Affected Products : linux_kernel- Actively Exploited
- Published: Dec. 02, 2024
- Modified: Feb. 06, 2025
-
7.8
HIGHCVE-2024-53103
In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk->trans may not be initialized to NULL, which could lead to a... Read more
Affected Products : linux_kernel- Published: Dec. 02, 2024
- Modified: Jan. 07, 2025
-
6.5
MEDIUMCVE-2024-20139
In Bluetooth firmware, there is a possible firmware asssert due to improper handling of exceptional conditions. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Pat... Read more
Affected Products :- Published: Dec. 02, 2024
- Modified: Dec. 02, 2024
-
7.5
HIGHCVE-2024-20138
In wlan driver, there is a possible out of bound read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS0899829... Read more
- Published: Dec. 02, 2024
- Modified: Apr. 22, 2025
-
7.5
HIGHCVE-2024-20137
In wlan driver, there is a possible client disconnection due to improper handling of exceptional conditions. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch... Read more
Affected Products :- Published: Dec. 02, 2024
- Modified: Dec. 02, 2024
-
6.2
MEDIUMCVE-2024-20136
In da, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09121847; Issue ID:... Read more
- Published: Dec. 02, 2024
- Modified: Apr. 22, 2025
-
6.7
MEDIUMCVE-2024-20135
In soundtrigger, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09142526; Issu... Read more
- Published: Dec. 02, 2024
- Modified: Apr. 22, 2025
-
6.7
MEDIUMCVE-2024-20134
In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09154589; Issue ID: MSV... Read more
- Published: Dec. 02, 2024
- Modified: Apr. 22, 2025
-
6.7
MEDIUMCVE-2024-20133
In Modem, there is a possible escalation of privilege due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01395886; Issu... Read more
- Published: Dec. 02, 2024
- Modified: Apr. 22, 2025