| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. |
| An issue was discovered on certain Nuki Home Solutions devices. An attacker with physical access to the circuit board could use the SWD debug features to control the execution of code on the processor and debug the firmware, as well as read or alter the content of the internal and external flash memory. This affects Nuki Smart Lock 3.0 before 3.3.5, Nuki Smart Lock 2.0 before 2.12.4, as well as Nuki Bridge v1 before 1.22.0 and v2 before 2.13.2. |
| Memory corruption while handling IOCTL call from user-space to set latency level. |
| Information disclosure in modem due to improper input validation during parsing of upcoming CoAP message |
| An Improper Physical Access Control vulnerability in the console port control of Juniper Networks Junos OS Evolved allows an attacker with physical access to the device to get access to a user account.
When the console cable is disconnected, the logged in user is not logged out. This allows a malicious attacker with physical access to the console to resume a previous session and possibly gain administrative privileges.
This issue affects Junos OS Evolved:
* from 23.2R2-EVO before 23.2R2-S1-EVO,
* from 23.4R1-EVO before 23.4R2-EVO. |
| On affected platforms running Arista CloudEOS an issue in the Software Forwarding Engine (Sfe) can lead to a potential denial of service attack by sending malformed packets to the switch. This causes a leak of packet buffers and if enough malformed packets are received, the switch may eventually stop forwarding traffic. |
| Information disclosure while parsing the OCI IE with invalid length. |
| Transient DOS when registration accept OTA is received with incorrect ciphering key data IE in modem. |
| Information disclosure while processing information on firmware image during core initialization. |
| Information disclosure during audio playback. |
| Information disclosure while processing IO control commands. |
| An malicious BLE device can crash BLE victim device by sending malformed gatt packet |
| Windows Common Log File System Driver Information Disclosure Vulnerability |
| A buffer over-read in Ivanti Secure Access Client before 22.7R4 allows a local unauthenticated attacker to cause a denial of service. |
| Transient DOS while parsing a protected 802.11az Fine Time Measurement (FTM) frame. |
| BLF file parser crash in Wireshark 4.0.0 to 4.0.5 and 3.6.0 to 3.6.13 allows denial of service via crafted capture file |
| Memory corruption while processing FIPS encryption or decryption validation functionality IOCTL call. |
| Memory corruption while processing FIPS encryption or decryption IOCTL call invoked from user-space. |
| Transient DOS while processing an improperly formatted 802.11az Fine Time Measurement protocol frame. |
| Transient DOS while processing channel information for speaker protection v2 module in ADSP. |
