| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| An out-of-bounds access vulnerability in the loading of ExecuTorch models can cause the runtime to crash and potentially result in code execution or other undesirable effects. This issue affects ExecuTorch prior to commit b6b7a16df5e7852d976d8c34c8a7e9a1b6f7d005. |
| Bentley View FBX File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of FBX files. Crafted data in an FBX file can trigger a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-18492. |
| Foxit PDF Reader template Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of template objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-22501. |
| A vulnerability in Universal Disk Format (UDF) processing of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.
This vulnerability is due to a memory overread during UDF file scanning. An attacker could exploit this vulnerability by submitting a crafted file containing UDF content to be scanned by ClamAV on an affected device. A successful exploit could allow the attacker to terminate the ClamAV scanning process, resulting in a DoS condition on the affected software.
For a description of this vulnerability, see the . |
| Out-of-bounds array access issue due to insufficient data verification in the kernel ambient light module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Out-of-bounds read vulnerability in the register configuration of the DMA module.
Impact: Successful exploitation of this vulnerability may affect service confidentiality. |
| Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan. |
| Memory corruption while processing buffer initialization, when trusted report for certain report types are generated. |
| Memory corruption during the image encoding process. |
| Information disclosure in Video while parsing mp2 clip with invalid section length. |
| Transient DOS in WLAN Firmware when the length of received beacon is less than length of ieee802.11 beacon frame. |
| Information disclosure while handling T2LM Action Frame in WLAN Host. |
| Transient DOS while parsing WPA IES, when it is passed with length more than expected size. |
| Information disclosure when the ADSP payload size received in HLOS in response to Audio Stream Manager matrix session is less than this expected size. |
| Information disclosure while parsing dts header atom in Video. |
| Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame. |
| Information disclosure in Audio while accessing AVCS services from ADSP payload. |
| Memory corruption when the captureRead QDCM command is invoked from user-space. |
| Transient DOS while parsing probe response and assoc response frame. |
| Transient DOS in WLAN Firmware while parsing rsn ies. |
