Export limit exceeded: 349538 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 21897 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 349538 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 43837 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (43837 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-40539 | 1 Qualcomm | 50 Qam8295p, Qam8295p Firmware, Qca6574au and 47 more | 2024-11-21 | 8.4 High |
| Memory corruption in Automotive Android OS due to improper validation of array index. | ||||
| CVE-2022-40537 | 1 Qualcomm | 324 Apq8009, Apq8009 Firmware, Apq8009w and 321 more | 2024-11-21 | 7.3 High |
| Memory corruption in Bluetooth HOST while processing the AVRC_PDU_GET_PLAYER_APP_VALUE_TEXT AVRCP response. | ||||
| CVE-2022-40535 | 1 Qualcomm | 142 Csr8811, Csr8811 Firmware, Ipq8070a and 139 more | 2024-11-21 | 7.5 High |
| Transient DOS due to buffer over-read in WLAN while sending a packet to device. | ||||
| CVE-2022-40533 | 1 Qualcomm | 220 Csra6620, Csra6620 Firmware, Csra6640 and 217 more | 2024-11-21 | 6.2 Medium |
| Transient DOS due to untrusted Pointer Dereference in core while sending USB QMI request. | ||||
| CVE-2022-40532 | 1 Qualcomm | 706 315 5g Iot Modem, 315 5g Iot Modem Firmware, 8905 and 703 more | 2024-11-21 | 8.4 High |
| Memory corruption due to integer overflow or wraparound in WLAN while sending WMI cmd from host to target. | ||||
| CVE-2022-40530 | 1 Qualcomm | 378 Aqt1000, Aqt1000 Firmware, Ar8031 and 375 more | 2024-11-21 | 8.4 High |
| Memory corruption in WLAN due to integer overflow to buffer overflow in WLAN during initialization phase. | ||||
| CVE-2022-40524 | 1 Qualcomm | 76 Aqt1000, Aqt1000 Firmware, Qca6390 and 73 more | 2024-11-21 | 6.7 Medium |
| Memory corruption due to buffer over-read in Modem while processing SetNativeHandle RTP service. | ||||
| CVE-2022-40514 | 1 Qualcomm | 456 Aqt1000, Aqt1000 Firmware, Ar8031 and 453 more | 2024-11-21 | 9.8 Critical |
| Memory corruption due to buffer copy without checking the size of input in WLAN Firmware while processing CCKM IE in reassoc response frame. | ||||
| CVE-2022-40512 | 1 Qualcomm | 590 Apq8009, Apq8009 Firmware, Apq8017 and 587 more | 2024-11-21 | 7.5 High |
| Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon. | ||||
| CVE-2022-40505 | 1 Qualcomm | 26 9205 Lte Modem, 9205 Lte Modem Firmware, 9206 Lte Modem and 23 more | 2024-11-21 | 8.2 High |
| Information disclosure due to buffer over-read in Modem while parsing DNS hostname. | ||||
| CVE-2022-40503 | 1 Qualcomm | 370 8905, 8905 Firmware, 8909 and 367 more | 2024-11-21 | 8.2 High |
| Information disclosure due to buffer over-read in Bluetooth Host while A2DP streaming. | ||||
| CVE-2022-40438 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 6.5 Medium |
| Buffer overflow vulnerability in function AP4_MemoryByteStream::WritePartial in mp42aac in Bento4 v1.6.0-639, allows attackers to cause a denial of service via a crafted file. | ||||
| CVE-2022-40320 | 2 Fedoraproject, Libconfuse Project | 2 Fedora, Libconfuse | 2024-11-21 | 8.8 High |
| cfg_tilde_expand in confuse.c in libConfuse 3.3 has a heap-based buffer over-read. | ||||
| CVE-2022-40318 | 3 Debian, Frrouting, Redhat | 3 Debian Linux, Frrouting, Enterprise Linux | 2024-11-21 | 6.5 Medium |
| An issue was discovered in bgpd in FRRouting (FRR) through 8.4. By crafting a BGP OPEN message with an option of type 0xff (Extended Length from RFC 9072), attackers may cause a denial of service (assertion failure and daemon restart, or out-of-bounds read). This is possible because of inconsistent boundary checks that do not account for reading 3 bytes (instead of 2) in this 0xff case. NOTE: this behavior occurs in bgp_open_option_parse in the bgp_open.c file, a different location (with a different attack vector) relative to CVE-2022-40302. | ||||
| CVE-2022-40160 | 1 Apache | 1 Commons Jxpath | 2024-11-21 | 6.5 Medium |
| ** DISPUTED ** This record was originally reported by the oss-fuzz project who failed to consider the security context in which JXPath is intended to be used and failed to contact the JXPath maintainers prior to requesting the CVE allocation. The CVE was then allocated by Google in breach of the CNA rules. After review by the JXPath maintainers, the original report was found to be invalid. | ||||
| CVE-2022-40159 | 1 Apache | 1 Commons Jxpath | 2024-11-21 | 6.5 Medium |
| ** DISPUTED ** This record was originally reported by the oss-fuzz project who failed to consider the security context in which JXPath is intended to be used and failed to contact the JXPath maintainers prior to requesting the CVE allocation. The CVE was then allocated by Google in breach of the CNA rules. After review by the JXPath maintainers, the original report was found to be invalid. | ||||
| CVE-2022-40112 | 1 Totolink | 2 A3002r, A3002r Firmware | 2024-11-21 | 7.5 High |
| TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable Buffer Overflow via the hostname parameter in binary /bin/boa. | ||||
| CVE-2022-40110 | 1 Totolink | 2 A3002r, A3002r Firmware | 2024-11-21 | 7.5 High |
| TOTOLINK A3002R TOTOLINK-A3002R-He-V1.1.1-B20200824.0128 is vulnerable to Buffer Overflow via /bin/boa. | ||||
| CVE-2022-3965 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 4.3 Medium |
| A vulnerability classified as problematic was found in ffmpeg. This vulnerability affects the function smc_encode_stream of the file libavcodec/smcenc.c of the component QuickTime Graphics Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. The attack can be initiated remotely. The name of the patch is 13c13109759090b7f7182480d075e13b36ed8edd. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-213544. | ||||
| CVE-2022-3964 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 4.3 Medium |
| A vulnerability classified as problematic has been found in ffmpeg. This affects an unknown part of the file libavcodec/rpzaenc.c of the component QuickTime RPZA Video Encoder. The manipulation of the argument y_size leads to out-of-bounds read. It is possible to initiate the attack remotely. The name of the patch is 92f9b28ed84a77138105475beba16c146bdaf984. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-213543. | ||||