| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| In Exynos_parsing_user_data_registered_itu_t_t35 of VendorVideoAPI.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. |
| In cc_SendCcImsInfoIndMsg of cc_MmConManagement.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. |
| For u-link Management API an unauthenticated remote attacker in a man-in-the-middle position can inject arbitrary commands in responses returned by WWH servers, which are then executed with elevated privileges. To get into such a position, clients would need to use insecure proxy configurations. |
| There exists an out of bounds read/write in LibJXL versions prior to commit 9cc451b91b74ba470fd72bd48c121e9f33d24c99. The JPEG decoder used by the JPEG XL encoder when doing JPEG recompression (i.e. if using JxlEncoderAddJPEGFrame on untrusted input) does not properly check bounds in the presence of incomplete codes. This could lead to an out-of-bounds write. In jpegli which is released as part of the same project, the same vulnerability is present. However, the relevant buffer is part of a bigger structure, and the code makes no assumptions on the values that could be overwritten. The issue could however cause jpegli to read uninitialised memory, or addresses of functions. |
| A vulnerability, which was classified as problematic, was found in HDF5 up to 1.14.6. This affects the function H5HL__fl_deserialize of the file src/H5HLcache.c. The manipulation of the argument free_block leads to heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. |
| A vulnerability, which was classified as problematic, has been found in HDF5 up to 1.14.6. Affected by this issue is the function H5F_addr_encode_len of the file src/H5Fint.c. The manipulation of the argument pp leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. |
| A vulnerability classified as problematic has been found in HDF5 up to 1.14.6. This affects the function H5FS__sinfo_Srialize_Sct_cb of the file src/H5FScache.c. The manipulation of the argument sect leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. |
| Multiple improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabilities [CWE-78] in Fortinet FortiIsolator version 2.4.0 through 2.4.5 allows an authenticated attacker with at least read-only admin permission and CLI access to execute unauthorized code via specifically crafted CLI commands. |
| A vulnerability in the Command Runner tool of Cisco DNA Center could allow an authenticated, remote attacker to perform a command injection attack. The vulnerability is due to insufficient input validation by the Command Runner tool. An attacker could exploit this vulnerability by providing crafted input during command execution or via a crafted command runner API call. A successful exploit could allow the attacker to execute arbitrary CLI commands on devices managed by Cisco DNA Center. |
| A vulnerability, which was classified as critical, was found in Open Asset Import Library Assimp 5.4.3. Affected is the function Assimp::MD2Importer::InternReadFile in the library code/AssetLib/MD2/MD2Loader.cpp of the component Malformed File Handler. The manipulation of the argument Name leads to stack-based buffer overflow. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. |
| In lwis_initialize_transaction_fences of lwis_fence.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. |
| In dhd_prot_txstatus_process of dhd_msgbuf.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. |
| An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiAnalyzer version 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.15 and 6.2.2 through 6.2.13, Fortinet FortiManager version 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.15 and 6.2.2 through 6.2.13, Fortinet FortiAnalyzer BigData version 7.4.0, 7.2.0 through 7.2.7, 7.0.1 through 7.0.6, 6.4.5 through 6.4.7 and 6.2.5, Fortinet FortiAnalyzer Cloud version 7.4.1 through 7.4.3, 7.2.1 through 7.2.5, 7.0.1 through 7.0.13 and 6.4.1 through 6.4.7 and Fortinet FortiManager Cloud version 7.4.1 through 7.4.3, 7.2.1 through 7.2.5, 7.0.1 through 7.0.13 and 6.4.1 through 6.4.7 GUI allows an authenticated privileged attacker to execute unauthorized code or commands via crafted HTTPS or HTTP requests. |
| A heap overflow vulnerability exists in libvpx - Encoding a frame that has larger dimensions than the originally configured size with VP9 may result in a heap overflow in libvpx.
We recommend upgrading to version 1.13.1 or above |
| WRC-BE36QS-B and WRC-W701-B contain an improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability in WebGUI. If exploited, an arbitrary OS command may be executed by a remote attacker who can log in to WebGUI. |
| cJSON before 1.7.11 allows out-of-bounds access, related to \x00 in a string literal. |
| cJSON before 1.7.11 allows out-of-bounds access, related to multiline comments. |
| Memory corruption while executing timestamp video decode command with large input values. |
| An exposed ioctl in the IMFForceDelete driver of IObit Malware Fighter v12.1.0 allows attackers to arbitrarily delete files and escalate privileges. |
| Koha before 24.11.02 allows admins to execute arbitrary commands via shell metacharacters in the tools/scheduler.pl report parameter. |
