CVE Daily
← All tags

Tag: Memory Corruption

All CVEs associated with "Memory Corruption". Page 10/71 • 8498 CVEs.

Subscribe CVEs: RSS for “Memory Corruption”  ·  RSS (High+Critical only)

About “Memory Corruption”

A curated feed of “Memory Corruption”-related CVEs appears below. We currently track 8498 CVEs for this tag (all time). In the last 365 days, 696 were published. Average CVSS is 8.1 (all time; 7.4 over 365d), and 82% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer, CWE-787 - Out-of-bounds Write, CWE-416 - Use After Free.

In our taxonomy this topic maps to a HIGH impact class. Common exploitation patterns for this weakness can lead to high. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2024-10-07
Medium

CVE-2024-23374

Memory corruption is possible when an attempt is made from userspace or console to write some haptics effects pattern to the haptics debugfs file.

CVSS: 6.7 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
Medium

CVE-2024-23370

Memory corruption when a process invokes IOCTL calls from user-space to create a HAB virtual channel and another process invokes IOCTL calls to destroy the same.

CVSS: 6.7 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2024-23369

Memory corruption when invalid length is provided from HLOS for FRS/UDS request/response buffers.

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2024-21455

Memory corruption when a compat IOCTL call is followed by another IOCTL call from userspace to a driver.

CVSS: 7.8 CWE: CWE-822 - Untrusted Pointer Dereference View on NVD
2024-10-02
High

CVE-2024-28888

A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a checkbox field object. A specially crafted Javascript code inside a malicious PDF document can trigger this vul…

CVSS: 8.8 CWE: CWE-416 - Use After Free View on NVD
2024-10-01
High

CVE-2024-9403

Memory safety bugs present in Firefox 130. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code…

CVSS: 7.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2024-9402

Memory safety bugs present in Firefox 130, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could…

CVSS: 9.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2024-9401

Memory safety bugs present in Firefox 130, Firefox ESR 115.15, Firefox ESR 128.2, and Thunderbird 128.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort…

CVSS: 9.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2024-9400

A potential memory corruption vulnerability could be triggered if an attacker had the ability to trigger an OOM at a specific moment during JIT compilation. This vulnerability affects Firefox < 131,…

CVSS: 8.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2024-9396

It is currently unknown if this issue is exploitable but a condition may arise where the structured clone of certain objects could lead to memory corruption. This vulnerability affects Firefox < 131,…

CVSS: 8.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2024-09-27
Medium

CVE-2024-38796

EDK2 contains a vulnerability in the PeCoffLoaderRelocateImage(). An Attacker may cause memory corruption due to an overflow via an adjacent network. A successful exploit of this vulnerability may le…

CVSS: 5.9 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
2024-09-24
Medium

CVE-2024-38269

An improper restriction of operations within the bounds of a memory buffer in the USB file-sharing handler of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authentica…

CVSS: 4.9 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2024-38268

An improper restriction of operations within the bounds of a memory buffer in the MAC address parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated at…

CVSS: 4.9 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2024-38267

An improper restriction of operations within the bounds of a memory buffer in the IPv6 address parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated a…

CVSS: 4.9 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2024-38266

An improper restriction of operations within the bounds of a memory buffer in the parameter type parser of the Zyxel VMG8825-T50K firmware versions through 5.50(ABOM.8)C0 could allow an authenticated…

CVSS: 4.9 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2024-09-13
High

CVE-2024-44094

In ppmp_protect_mfcfw_buf of code/drm_fw.c, there is a possible memory corruption due to improper input validation. This could lead to local escalation of privilege with no additional execution privi…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2024-44093

In ppmp_unprotect_buf of drm/code/drm_fw.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privi…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2024-09-12
High

CVE-2024-45181

An issue was discovered in WibuKey64.sys in WIBU-SYSTEMS WibuKey before v6.70 and fixed in v.6.70. An improper bounds check allows crafted packets to cause an arbitrary address write, resulting in ke…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2024-42484

ESP-NOW Component provides a connectionless Wi-Fi communication protocol. An Out-of-Bound (OOB) vulnerability was discovered in the implementation of the ESP-NOW group type message because there is n…

CVSS: 6.5 CWE: CWE-125 - Out-of-bounds Read View on NVD
2024-09-11
Medium

CVE-2024-45022

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: fix page mapping if vm_area_alloc_pages() with high order fallback to order 0 The __vmap_pages_range_noflush() assume…

CVSS: 5.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
2024-09-06
High

CVE-2024-7652

An error in the ECMA-262 specification relating to Async Generators could have resulted in a type confusion, potentially leading to memory corruption and an exploitable crash. This vulnerability affe…

CVSS: 7.5 CWE: CWE-476 - NULL Pointer Dereference View on NVD
2024-09-03
Critical

CVE-2024-8389

Memory safety bugs present in Firefox 129. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code…

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
Critical

CVE-2024-8387

Memory safety bugs present in Firefox 129, Firefox ESR 128.1, and Thunderbird 128.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could…

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
Critical

CVE-2024-8384

The JavaScript garbage collector could mis-color cross-compartment objects if OOM conditions were detected at the right point between two passes. This could have led to memory corruption. This vulner…

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2024-09-02
High

CVE-2024-38402

Memory corruption while processing IOCTL call for getting group info.

CVSS: 7.8 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2024-38401

Memory corruption while processing concurrent IOCTL calls.

CVSS: 7.8 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2024-33060

Memory corruption when two threads try to map and unmap a single node simultaneously.

CVSS: 8.4 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2024-33054

Memory corruption during the handshake between the Primary Virtual Machine and Trusted Virtual Machine.

CVSS: 7.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2024-33052

Memory corruption when user provides data for FM HCI command control operations.

CVSS: 7.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2024-33047

Memory corruption when the captureRead QDCM command is invoked from user-space.

CVSS: 8.4 CWE: CWE-126 - Buffer Over-read View on NVD
High

CVE-2024-33045

Memory corruption when BTFM client sends new messages over Slimbus to ADSP.

CVSS: 8.4 CWE: CWE-562 - Return of Stack Variable Address View on NVD
High

CVE-2024-33042

Memory corruption when Alternative Frequency offset value is set to 255.

CVSS: 7.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2024-33038

Memory corruption while passing untrusted/corrupted pointers from DSP to EVA.

CVSS: 7.8 CWE: CWE-822 - Untrusted Pointer Dereference View on NVD
High

CVE-2024-33035

Memory corruption while calculating total metadata size when a very high reserved size is requested by gralloc clients.

CVSS: 8.4 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
Medium

CVE-2024-33016

memory corruption when an invalid firehose patch command is invoked.

CVSS: 6.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2024-23365

Memory corruption while releasing shared resources in MinkSocket listener thread.

CVSS: 8.4 CWE: CWE-416 - Use After Free View on NVD
2024-08-23
Medium

CVE-2024-38207

Microsoft Edge (HTML-based) Memory Corruption Vulnerability

CVSS: 6.3 CWE: CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion') View on NVD
2024-08-22
Medium

CVE-2022-48941

In the Linux kernel, the following vulnerability has been resolved: ice: fix concurrent reset and removal of VFs Commit c503e63200c6 ("ice: Stop processing VF messages during teardown") introduced…

CVSS: 4.7 CWE: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') View on NVD
High

CVE-2022-48927

In the Linux kernel, the following vulnerability has been resolved: iio: adc: tsc2046: fix memory corruption by preventing array overflow On one side we have indio_dev->num_channels includes all ph…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2024-08-20
High

CVE-2024-43688

cron/entry.c in vixie cron before 9cc8ab1, as used in OpenBSD 7.4 and 7.5, allows a heap-based buffer underflow and memory corruption. NOTE: this issue was introduced during a May 2023 refactoring.

CVSS: 7.3 CWE: CWE-787 - Out-of-bounds Write View on NVD
2024-08-17
Medium

CVE-2024-42288

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix for possible memory corruption Init Control Block is dereferenced incorrectly. Correctly dereference ICB

CVSS: 5.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
2024-08-15
High

CVE-2024-34731

In multiple functions of TranscodingResourcePolicy.cpp, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution pr…

CVSS: 7.0 CWE: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') View on NVD
2024-08-14
Critical

CVE-2024-20082

In Modem, there is a possible memory corruption due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed…

CVSS: 9.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2024-08-13
High

CVE-2024-38178

Scripting Engine Memory Corruption Vulnerability

CVSS: 7.5 CWE: CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion') View on NVD
Low

CVE-2021-46772

Insufficient input validation in the ABL may allow a privileged attacker with access to the BIOS menu or UEFI shell to tamper with the structure headers in SPI ROM causing an out of bounds memory rea…

CVSS: 3.9 CWE: CWE-125 - Out-of-bounds Read View on NVD
2024-08-12
Medium

CVE-2024-43168

DISPUTE NOTE: this issue does not pose a security risk as it (according to analysis by the original software developer, NLnet Labs) falls within the expected functionality and security controls of th…

CVSS: 4.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
High

CVE-2024-38218

Microsoft Edge (HTML-based) Memory Corruption Vulnerability

CVSS: 8.4 CWE: CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion') View on NVD
2024-08-07
Medium

CVE-2024-34615

Out-of-bound write in libsmat.so prior to SMR Aug-2024 Release 1 allows local attackers to cause memory corruption.

CVSS: 5.1 CWE: CWE-787 - Out-of-bounds Write View on NVD
2024-08-06
Critical

CVE-2024-7519

Insufficient checks when processing graphics shared memory could have led to memory corruption. This could be leveraged by an attacker to perform a sandbox escape. This vulnerability affects Firefox…

CVSS: 9.6 CWE: CWE-787 - Out-of-bounds Write View on NVD
2024-08-05
High

CVE-2024-33034

Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU mappings, especially when the binding and reclaiming of memory buffers are performed at the same time.

CVSS: 8.4 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2024-33028

Memory corruption as fence object may still be accessed in timeline destruct after isync fence is released.

CVSS: 8.4 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2024-33027

Memory corruption can occur when arbitrary user-space app gains kernel level privilege to modify DDR memory by corrupting the GPU page table.

CVSS: 8.4 CWE: CWE-284 - Improper Access Control View on NVD
High

CVE-2024-33023

Memory corruption while creating a fence to wait on timeline events, and simultaneously signal timeline events.

CVSS: 8.4 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2024-33022

Memory corruption while allocating memory in HGSL driver.

CVSS: 8.4 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
High

CVE-2024-33021

Memory corruption while processing IOCTL call to set metainfo.

CVSS: 8.4 CWE: CWE-457 - Use of Uninitialized Variable View on NVD
High

CVE-2024-23384

Memory corruption when the mapped pages in VBO are still mapped after reclaiming by shrinker.

CVSS: 8.4 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2024-23383

Memory corruption when kernel driver attempts to trigger hardware fences.

CVSS: 8.4 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2024-23382

Memory corruption while processing graphics kernel driver request to create DMA fence.

CVSS: 8.4 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2024-23381

Memory corruption when memory mapped in a VBO is not unmapped by the GPU SMMU.

CVSS: 8.4 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2024-23356

Memory corruption during session sign renewal request calls in HLOS.

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2024-23355

Memory corruption when keymaster operation imports a shared key.

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2024-21481

Memory corruption when preparing a shared memory notification for a memparcel in Resource Manager.

CVSS: 8.4 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2024-07-29
Medium

CVE-2024-42073

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_buffers: Fix memory corruptions on Spectrum-4 systems The following two shared buffer operations make use of the…

CVSS: 5.5 CWE: CWE-416 - Use After Free View on NVD
2024-07-23
High

CVE-2024-4081

A memory corruption issue due to an improper length check in NI LabVIEW may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provide a user…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2024-4080

A memory corruption issue due to an improper length check in LabVIEW tdcore.dll may disclose information or result in arbitrary code execution. Successful exploitation requires an attacker to provid…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2024-07-12
Medium

CVE-2024-40918

In the Linux kernel, the following vulnerability has been resolved: parisc: Try to fix random segmentation faults in package builds PA-RISC systems with PA8800 and PA8900 processors have had proble…

CVSS: 6.3 CWE: N/A View on NVD
2024-07-09
High

CVE-2024-39881

Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a memory corruption condition. If a target visits a malicious page or opens a malicious file an attacke…

CVSS: 8.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2024-31339

In multiple functions of StatsService.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges need…

CVSS: 7.8 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2024-6615

Memory safety bugs present in Firefox 127 and Thunderbird 127. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited t…

CVSS: 8.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2024-6604

Memory safety bugs present in Firefox 127, Firefox ESR 115.12, and Thunderbird 115.12. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these cou…

CVSS: 7.5 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2024-6603

In an out-of-memory scenario an allocation could fail but free would have been called on the pointer afterwards leading to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 1…

CVSS: 7.4 CWE: CWE-823 - Use of Out-of-range Pointer Offset View on NVD
Critical

CVE-2024-6602

A mismatch between allocator and deallocator could have led to memory corruption. This vulnerability affects Firefox < 128, Firefox ESR < 115.13, Thunderbird < 115.13, and Thunderbird < 128.

CVSS: 9.8 CWE: CWE-94 - Improper Control of Generation of Code ('Code Injection') View on NVD
2024-07-03
Medium

CVE-2024-6383

The bson_string_append function in MongoDB C Driver may be vulnerable to a buffer overflow where the function might attempt to allocate too small of buffer and may lead to memory corruption of neighb…

CVSS: 5.3 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
Medium

CVE-2024-29510

Artifex Ghostscript before 10.03.1 allows memory corruption, and SAFER sandbox bypass, via format string injection with a uniprint device.

CVSS: 6.3 CWE: CWE-693 - Protection Mechanism Failure View on NVD
2024-07-02
Medium

CVE-2024-6381

The bson_strfreev function in the MongoDB C driver library may be susceptible to an integer overflow where the function will try to free memory at a negative offset. This may result in memory corrupt…

CVSS: 4.0 CWE: CWE-680 - Integer Overflow to Buffer Overflow View on NVD
Medium

CVE-2024-20893

Improper input validation in libmediaextractorservice.so prior to SMR Jul-2024 Release 1 allows local attackers to trigger memory corruption.

CVSS: 6.1 CWE: CWE-787 - Out-of-bounds Write View on NVD
2024-07-01
High

CVE-2024-23380

Memory corruption while handling user packets during VBO bind operation.

CVSS: 8.4 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2024-23373

Memory corruption when IOMMU unmap operation fails, the DMA and anon buffers are getting released.

CVSS: 8.4 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2024-23372

Memory corruption while invoking IOCTL call for GPU memory allocation and size param is greater than expected size.

CVSS: 8.4 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
High

CVE-2024-23368

Memory corruption when allocating and accessing an entry in an SMEM partition.

CVSS: 7.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Medium

CVE-2024-21482

Memory corruption during the secure boot process, when the `bootm` command is used, it bypasses the authentication of the kernel/rootfs image.

CVSS: 6.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2024-21469

Memory corruption when an invoke call and a TEE call are bound for the same trusted application.

CVSS: 7.3 CWE: CWE-264 View on NVD
High

CVE-2024-21465

Memory corruption while processing key blob passed by the user.

CVSS: 7.8 CWE: CWE-126 - Buffer Over-read View on NVD
High

CVE-2024-21461

Memory corruption while performing finish HMAC operation when context is freed by keymaster.

CVSS: 8.4 CWE: CWE-415 - Double Free View on NVD
High

CVE-2023-43554

Memory corruption while processing IOCTL handler in FastRPC.

CVSS: 8.4 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2024-06-25
Medium

CVE-2024-37894

Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to an Out-of-bounds Write error when assigning ESI variables, Squid is susceptible to a Memory Corruption error. This e…

CVSS: 6.3 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2024-37006

A maliciously crafted CATPRODUCT file, when parsed in CC5Dll.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunc…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2024-23157

A maliciously crafted SLDASM or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, a…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2024-23156

A maliciously crafted 3DM file, when parsed in opennurbs.dll and ASMkern229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerabi…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2024-37000

A maliciously crafted X_B file, when parsed in pskernel.DLL through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2024-23148

A maliciously crafted CATPRODUCT file, when parsed in CC5Dll.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunc…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2024-23147

A maliciously crafted CATPART, X_B and STEP, when parsed in ASMKERN228A.dll and ASMKERN229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation.…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2024-06-20
High

CVE-2022-48712

In the Linux kernel, the following vulnerability has been resolved: ext4: fix error handling in ext4_fc_record_modified_inode() Current code does not fully takes care of krealloc() error case, whic…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2024-06-19
High

CVE-2021-47613

In the Linux kernel, the following vulnerability has been resolved: i2c: virtio: fix completion handling The driver currently assumes that the notify callback is only received when the device is do…

CVSS: 7.8 CWE: N/A View on NVD
High

CVE-2021-47605

In the Linux kernel, the following vulnerability has been resolved: vduse: fix memory corruption in vduse_dev_ioctl() The "config.offset" comes from the user. There needs to a check to prevent it…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2024-06-13
High

CVE-2024-32892

In handle_init of goodix/main/main.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. Use…

CVSS: 7.8 CWE: CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion') View on NVD
High

CVE-2024-32891

In sec_media_unprotect of media.c, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User…

CVSS: 7.0 CWE: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') View on NVD
2024-06-11
High

CVE-2024-5702

Memory corruption in the networking stack could have led to a potentially exploitable crash. This vulnerability affects Firefox < 125, Firefox ESR < 115.12, and Thunderbird < 115.12.

CVSS: 7.5 CWE: CWE-416 - Use After Free View on NVD
Critical

CVE-2024-5701

Memory safety bugs present in Firefox 126. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code…

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2024-5700

Memory safety bugs present in Firefox 126, Firefox ESR 115.11, and Thunderbird 115.11. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these cou…

CVSS: 7.0 CWE: CWE-786 - Access of Memory Location Before Start of Buffer View on NVD
Critical

CVE-2024-5695

If an out-of-memory condition occurs at a specific point using allocations in the probabilistic heap checker, an assertion could have been triggered, and in rarer situations, memory corruption could…

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2024-06-10
High

CVE-2022-32897

A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Monterey 12.5. Processing a maliciously crafted tiff file may lead to arbitrary code execution.

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2024-06-06
High

CVE-2024-5306

Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power P…

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2024-06-04
Medium

CVE-2024-20876

Improper input validation in libsheifdecadapter.so prior to SMR Jun-2024 Release 1 allows local attackers to lead to memory corruption.

CVSS: 6.1 CWE: N/A View on NVD
2024-06-03
High

CVE-2024-23360

Memory corruption while creating a LPAC client as LPAC engine was allowed to access GPU registers.

CVSS: 8.4 CWE: CWE-284 - Improper Access Control View on NVD
Critical

CVE-2023-43556

Memory corruption in Hypervisor when platform information mentioned is not aligned.

CVSS: 9.3 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Medium

CVE-2023-43545

Memory corruption when more scan frequency list or channels are sent from the user space.

CVSS: 6.7 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
Medium

CVE-2023-43544

Memory corruption when IPC callback handle is used after it has been released during register callback by another thread.

CVSS: 6.7 CWE: CWE-416 - Use After Free View on NVD
Medium

CVE-2023-43543

Memory corruption in Audio during a playback or a recording due to race condition between allocation and deallocation of graph object.

CVSS: 6.7 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2023-43542

Memory corruption while copying a keyblob`s material when the key material`s size is not accurately checked.

CVSS: 7.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Critical

CVE-2023-43538

Memory corruption in TZ Secure OS while Tunnel Invoke Manager initialization.

CVSS: 9.3 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
2024-05-30
Medium

CVE-2024-36025

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix off by one in qla_edif_app_getstats() The app_reply->elem[] array is allocated earlier in this function and it…

CVSS: 5.5 CWE: CWE-193 - Off-by-one Error View on NVD
2024-05-29
High

CVE-2024-36016

In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix possible out-of-bounds in gsm0_receive() Assuming the following: - side A configures the n_gsm in basic option mo…

CVSS: 7.7 CWE: CWE-125 - Out-of-bounds Read View on NVD
2024-05-28
High

CVE-2024-24959

Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead…

CVSS: 8.2 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2024-24958

Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead…

CVSS: 8.2 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2024-24957

Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead…

CVSS: 8.2 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2024-24956

Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead…

CVSS: 8.2 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2024-24955

Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead…

CVSS: 8.2 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2024-24954

Several out-of-bounds write vulnerabilities exist in the Programming Software Connection FileSystem API functionality of AutomationDirect P3-550E 1.2.10.9. Specially crafted network packets can lead…

CVSS: 8.2 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2023-52548

Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26) Arbitrary Memory Corruption in SMI Handler of ThisiServicesSmm SMM module. This can be leveraged by a malicious OS attacker to corrupt arbitrary SMR…

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD