| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Transient DOS while processing TIM IE from beacon frame as there is no check for IE length. |
| Transient DOS while parsing the multi-link element Control field when common information length check is missing before updating the location. |
| Information disclosure while invoking callback function of sound model driver from ADSP for every valid opcode received from sound model driver. |
| Transient DOS can occur when the driver parses the per STA profile IE and tries to access the EXTN element ID without checking the IE length. |
| Information disclosure in Video while parsing mp2 clip with invalid section length. |
| Memory corruption when the captureRead QDCM command is invoked from user-space. |
| Information disclosure while handling T2LM Action Frame in WLAN Host. |
| Memory corruption during the image encoding process. |
| Information disclosure in Audio while accessing AVCS services from ADSP payload. |
| Transient DOS in WLAN Firmware while parsing no-inherit IES. |
| Transient DOS while parsing probe response and assoc response frame. |
| Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame. |
| Memory corruption while processing buffer initialization, when trusted report for certain report types are generated. |
| Transient DOS in WLAN Firmware while parsing rsn ies. |
| Transient DOS while parsing WPA IES, when it is passed with length more than expected size. |
| Transient DOS in Audio when invoking callback function of ASM driver. |
| FFmpeg prior to commit bf814 was discovered to contain an out of bounds read via the dist->alphabet_size variable in the read_vlc_prefix() function. |
| Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-23008. |
| Foxit PDF Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-23009. |
| Foxit PDF Reader Annotation Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
The specific flaw exists within the handling of Annotation objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-22708. |
