| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Transient DOS in WLAN Firmware while parsing no-inherit IES. |
| Transient DOS when WLAN firmware receives "reassoc response" frame including RIC_DATA element. |
| Memory corruption while invoking callback function of AFE from ADSP. |
| Memory corruption while parsing the ADSP response command. |
| Memory corruption in WLAN Firmware while doing a memory copy of pmk cache. |
| Memory corruption when resource manager sends the host kernel a reply message with multiple fragments. |
| Memory corruption while processing buffer initialization, when trusted report for certain report types are generated. |
| Transient DOS in WLAN Firmware while parsing rsn ies. |
| Transient DOS in WLAN Firmware while parsing a NAN management frame. |
| Memory corruption while using the UIM diag command to get the operators name. |
| Memory corruption in Boot while running a ListVars test in UEFI Menu during boot. |
| Memory corruption while processing finish_sign command to pass a rsp buffer. |
| Use of Externally-Controlled Format String vulnerability in the SonicOS SSL VPN interface allows a remote unauthenticated attacker to cause service disruption. |
| Multiple Cisco products are affected by a vulnerability in the rate filtering feature of the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured rate limiting filter.
This vulnerability is due to an incorrect connection count comparison. An attacker could exploit this vulnerability by sending traffic through an affected device at a rate that exceeds a configured rate filter. A successful exploit could allow the attacker to successfully bypass the rate filter. This could allow unintended traffic to enter the network protected by the affected device. |
| Luxion KeyShot DAE File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of dae files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23704. |
| Integer overflow vulnerability in FFmpeg before n6.1, allows attackers to cause a denial of service (DoS) via the avcodec/osq module. |
| Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the JJPEG XL Parser. |
| FFmpeg prior to commit bf814 was discovered to contain an out of bounds read via the dist->alphabet_size variable in the read_vlc_prefix() function. |
| Integer overflow vulnerability in FFmpeg before n6.1, allows remote attackers to execute arbitrary code via the jpegxl_anim_read_packet component in the JPEG XL Animation decoder. |
| Tags not expected to be visible to a user could still be discovered by them via the tag search page or in the tags block. |
