Total
90 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-20187 | 1 Cisco | 8 Asr1000-esp100, Asr1000-esp200, Asr1000-esp40 and 5 more | 2024-11-21 | N/A | 8.6 HIGH |
| A vulnerability in the Multicast Leaf Recycle Elimination (mLRE) feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability is due to incorrect handling of certain IPv6 multicast packets when they are fanned out more than seven times on an affected device. An attacker could exploit this vulnerability by sending a specific IPv6 multicast or IPv6 multicast VPN (MVPNv6) packet through the affected device. A successful exploit could allow the attacker to cause a reload of the affected device, resulting in a DoS condition. | |||||
| CVE-2022-43665 | 1 Estsoft | 1 Alyac | 2024-11-21 | N/A | 5.5 MEDIUM |
| A denial of service vulnerability exists in the malware scan functionality of ESTsoft Alyac 2.5.8.645. A specially-crafted PE file can lead to killing target process. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2022-42264 | 5 Citrix, Linux, Nvidia and 2 more | 12 Hypervisor, Linux Kernel, Cloud Gaming and 9 more | 2024-11-21 | N/A | 7.1 HIGH |
| NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause the use of an out-of-range pointer offset, which may lead to data tampering, data loss, information disclosure, or denial of service. | |||||
| CVE-2022-33246 | 1 Qualcomm | 84 Apq8096au, Apq8096au Firmware, Aqt1000 and 81 more | 2024-11-21 | N/A | 6.7 MEDIUM |
| Memory corruption in Audio due to use of out-of-range pointer offset while Initiating a voice call session from user space with invalid session id. | |||||
| CVE-2022-32142 | 1 Codesys | 2 Plcwinnt, Runtime Toolkit | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| Multiple CODESYS Products are prone to a out-of bounds read or write access. A low privileged remote attacker may craft a request with invalid offset, which can cause an out-of-bounds read or write access, resulting in denial-of-service condition or local memory overwrite, which can lead to a change of local files. User interaction is not required. | |||||
| CVE-2022-25709 | 1 Qualcomm | 136 Ar8035, Ar8035 Firmware, Qca6174a and 133 more | 2024-11-21 | N/A | 8.4 HIGH |
| Memory corruption in modem due to use of out of range pointer offset while processing qmi msg | |||||
| CVE-2022-25694 | 1 Qualcomm | 416 Apq8009, Apq8009 Firmware, Apq8009w and 413 more | 2024-11-21 | N/A | 8.4 HIGH |
| Memory corruption in Modem due to usage of Out-of-range pointer offset in UIM | |||||
| CVE-2022-21147 | 1 Estsoft | 1 Alyac | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An out of bounds read vulnerability exists in the malware scan functionality of ESTsoft Alyac 2.5.7.7. A specially-crafted PE file can trigger this vulnerability to cause denial of service and termination of malware scan. An attacker can provide a malicious file to trigger this vulnerability. | |||||
| CVE-2022-1420 | 3 Apple, Fedoraproject, Vim | 3 Macos, Fedora, Vim | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774. | |||||
| CVE-2022-0729 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4440. | |||||
| CVE-2022-0685 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4418. | |||||
| CVE-2022-0614 | 1 Mruby | 1 Mruby | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Use of Out-of-range Pointer Offset in Homebrew mruby prior to 3.2. | |||||
| CVE-2022-0554 | 4 Apple, Debian, Fedoraproject and 1 more | 4 Macos, Debian Linux, Fedora and 1 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2. | |||||
| CVE-2021-3889 | 1 Libmobi Project | 1 Libmobi | 2024-11-21 | 5.8 MEDIUM | 8.1 HIGH |
| libmobi is vulnerable to Use of Out-of-range Pointer Offset | |||||
| CVE-2021-3888 | 1 Libmobi Project | 1 Libmobi | 2024-11-21 | 5.8 MEDIUM | 8.1 HIGH |
| libmobi is vulnerable to Use of Out-of-range Pointer Offset | |||||
| CVE-2021-22550 | 1 Google | 1 Asylo | 2024-11-21 | 4.6 MEDIUM | 6.5 MEDIUM |
| An attacker can modify the pointers in enclave memory to overwrite arbitrary memory addresses within the secure enclave. It is recommended to update past 0.6.3 or git commit https://github.com/google/asylo/commit/a47ef55db2337d29de19c50cd29b0deb2871d31c | |||||
| CVE-2021-22549 | 1 Google | 1 Asylo | 2024-11-21 | 4.6 MEDIUM | 6.5 MEDIUM |
| An attacker can modify the address to point to trusted memory to overwrite arbitrary trusted memory. It is recommended to update past 0.6.2 or git commit https://github.com/google/asylo/commit/53ed5d8fd8118ced1466e509606dd2f473707a5c | |||||
| CVE-2021-1352 | 1 Cisco | 1 Ios Xe | 2024-11-21 | 2.9 LOW | 7.4 HIGH |
| A vulnerability in the DECnet Phase IV and DECnet/OSI protocol processing of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation of DECnet traffic that is received by an affected device. An attacker could exploit this vulnerability by sending DECnet traffic to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. | |||||
| CVE-2020-8904 | 1 Google | 1 Asylo | 2024-11-21 | 5.5 MEDIUM | 6.4 MEDIUM |
| An arbitrary memory overwrite vulnerability in the trusted memory of Asylo exists in versions prior to 0.6.0. As the ecall_restore function fails to validate the range of the output_len pointer, an attacker can manipulate the tmp_output_len value and write to an arbitrary location in the trusted (enclave) memory. We recommend updating Asylo to version 0.6.0 or later. | |||||
| CVE-2020-6112 | 1 Gonitro | 1 Nitro Pro | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable code execution vulnerability exists in the JPEG2000 Stripe Decoding functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242 when decoding sub-samples. While initializing tiles with sub-sample data, the application can miscalculate a pointer for the stripes in the tile which allow for the decoder to write out of-bounds and cause memory corruption. This can result in code execution. A specially crafted image can be embedded inside a PDF and loaded by a victim in order to trigger this vulnerability. | |||||