| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Information disclosure in WLAN HOST while processing the WLAN scan descriptor list during roaming scan. |
| Memory corruption while processing audio effects. |
| Memory corruption when AP includes TID to link mapping IE in the beacons and STA is parsing the beacon TID to link mapping IE. |
| Memory corruption in video while parsing the Videoinfo, when the size of atom is greater than the videoinfo size. |
| Information disclosure in WLAN HAL while handling command through WMI interfaces. |
| Information disclosure in WLAN HAL while handling the WMI state info command. |
| Memory corruption in SPS Application while requesting for public key in sorter TA. |
| Memory corruption in Core while processing RX intent request. |
| Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length. |
| Memory corruption during management frame processing due to mismatch in T2LM info element. |
| Memory corruption when IOCTL call is invoked from user-space to read board data. |
| Transient DOS may occur while processing the country IE. |
| Transient DOS during hypervisor virtual I/O operation in a virtual machine. |
| Memory corruption when IOCTL call is invoked from user-space to write board data to WLAN driver. |
| Luxion KeyShot DAE File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Luxion KeyShot. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of dae files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-23704. |
| FFmpeg prior to commit bf814 was discovered to contain an out of bounds read via the dist->alphabet_size variable in the read_vlc_prefix() function. |
| Tags not expected to be visible to a user could still be discovered by them via the tag search page or in the tags block. |
| Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-23008. |
| An issue has been discovered in GitLab CE/EE affecting all versions from 11.1 before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. Improper XPath validation allows modified SAML response to bypass 2FA requirement under specialized conditions. |
| An issue has been discovered in GitLab CE/EE affecting all versions before 17.10.7, 17.11 before 17.11.3, and 18.0 before 18.0.1. An attacker may be able to reveal masked or hidden CI variables (that they did not author) in the WebUI, by simply creating their own variable and observing the HTTP response. |
