CVE Daily
← All tags

Tag: Memory Corruption

All CVEs associated with "Memory Corruption". Page 11/71 • 8498 CVEs.

Subscribe CVEs: RSS for “Memory Corruption”  ·  RSS (High+Critical only)

About “Memory Corruption”

A curated feed of “Memory Corruption”-related CVEs appears below. We currently track 8498 CVEs for this tag (all time). In the last 365 days, 696 were published. Average CVSS is 8.1 (all time; 7.4 over 365d), and 82% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer, CWE-787 - Out-of-bounds Write, CWE-416 - Use After Free.

In our taxonomy this topic maps to a HIGH impact class. Common exploitation patterns for this weakness can lead to high. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2024-05-28
High

CVE-2023-52547

Huawei Matebook D16(Model: CREM-WXX9, BIOS: v2.26. Memory Corruption in SMI Handler of HddPassword SMM Module. This can be leveraged by a malicious OS attacker to corrupt data structures stored at th…

CVSS: 7.8 CWE: CWE-130 - Improper Handling of Length Parameter Inconsistency View on NVD
2024-05-24
High

CVE-2021-47561

In the Linux kernel, the following vulnerability has been resolved: i2c: virtio: disable timeout handling If a timeout is hit, it can result is incorrect data on the I2C bus and/or memory corruptio…

CVSS: 7.8 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2021-47536

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix wrong list_del in smc_lgr_cleanup_early smc_lgr_cleanup_early() meant to delete the link group from the link group l…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2024-05-22
High

CVE-2021-47496

In the Linux kernel, the following vulnerability has been resolved: net/tls: Fix flipped sign in tls_err_abort() calls sk->sk_err appears to expect a positive value, a convention that ktls doesn't…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2024-05-21
High

CVE-2023-52864

In the Linux kernel, the following vulnerability has been resolved: platform/x86: wmi: Fix opening of char device Since commit fa1f68db6ca7 ("drivers: misc: pass miscdevice pointer via file private…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2023-52754

In the Linux kernel, the following vulnerability has been resolved: media: imon: fix access to invalid resource for the second interface imon driver probes two USB interfaces, and at the probe of t…

CVSS: 5.5 CWE: CWE-401 - Missing Release of Memory after Effective Lifetime View on NVD
Medium

CVE-2021-47351

In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix races between xattr_{set|get} and listxattr operations UBIFS may occur some problems with concurrent xattr_{set|get} a…

CVSS: 5.5 CWE: CWE-617 - Reachable Assertion View on NVD
Critical

CVE-2021-47274

In the Linux kernel, the following vulnerability has been resolved: tracing: Correct the length check which causes memory corruption We've suffered from severe kernel crashes due to memory corrupti…

CVSS: 9.8 CWE: CWE-125 - Out-of-bounds Read View on NVD
2024-05-20
Critical

CVE-2024-4323

A memory corruption vulnerability in Fluent Bit versions 2.0.7 thru 3.0.3. This issue lies in the embedded http server’s parsing of trace requests and may result in denial of service conditions, info…

CVSS: 9.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
2024-05-19
High

CVE-2024-35911

In the Linux kernel, the following vulnerability has been resolved: ice: fix memory corruption bug with suspend and rebuild The ice driver would previously panic after suspend. This is caused from…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2024-05-17
Medium

CVE-2024-35848

In the Linux kernel, the following vulnerability has been resolved: eeprom: at24: fix memory corruption race condition If the eeprom is not accessible, an nvmem device will be registered, the read…

CVSS: 4.7 CWE: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') View on NVD
2024-05-15
High

CVE-2024-27353

A memory corruption vulnerability in SdHost and SdMmcDevice in Insyde InsydeH2O kernel 5.2 before 05.29.09, kernel 5.3 before 05.38.09, kernel 5.4 before 05.46.09, kernel 5.5 before 05.54.09, and ker…

CVSS: 7.4 CWE: CWE-822 - Untrusted Pointer Dereference View on NVD
High

CVE-2024-25079

A memory corruption vulnerability in HddPassword in Insyde InsydeH2O kernel 5.2 before 05.29.09, kernel 5.3 before 05.38.09, kernel 5.4 before 05.46.09, kernel 5.5 before 05.54.09, and kernel 5.6 bef…

CVSS: 7.4 CWE: CWE-763 - Release of Invalid Pointer or Reference View on NVD
High

CVE-2024-25078

A memory corruption vulnerability in StorageSecurityCommandDxe in Insyde InsydeH2O before kernel 5.2: IB19130163 in 05.29.07, kernel 5.3: IB19130163 in 05.38.07, kernel 5.4: IB19130163 in 05.46.07, k…

CVSS: 7.4 CWE: CWE-822 - Untrusted Pointer Dereference View on NVD
2024-05-14
Critical

CVE-2024-4778

Memory safety bugs present in Firefox 125. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code…

CVSS: 9.8 CWE: CWE-1260 - Improper Handling of Overlap Between Protected Memory Ranges View on NVD
High

CVE-2024-4777

Memory safety bugs present in Firefox 125, Firefox ESR 115.10, and Thunderbird 115.10. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these cou…

CVSS: 8.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
Medium

CVE-2024-33008

SAP Replication Server allows an attacker to use gateway for executing some commands to RSSD. This could result in crashing the Replication Server due to memory corruption with high impact on Availab…

CVSS: 4.9 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2024-32058

A vulnerability has been identified in Simcenter Femap (All versions < V2406). The affected application is vulnerable to memory corruption while parsing specially crafted IGS files. This could allow…

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2024-05-07
Medium

CVE-2024-20861

Use after free vulnerability in SveService prior to SMR May-2024 Release 1 allows local privileged attackers to cause memory corruption.

CVSS: 6.0 CWE: CWE-416 - Use After Free View on NVD
2024-05-06
High

CVE-2024-23354

Memory corruption when the IOCTL call is interrupted by a signal.

CVSS: 8.4 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2024-23351

Memory corruption as GPU registers beyond the last protected range can be accessed through LPAC submissions.

CVSS: 8.4 CWE: CWE-284 - Improper Access Control View on NVD
High

CVE-2024-21480

Memory corruption while playing audio file having large-sized input buffer.

CVSS: 7.3 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2024-21476

Memory corruption when the channel ID passed by user is not validated and further used.

CVSS: 7.8 CWE: CWE-20 - Improper Input Validation View on NVD
High

CVE-2024-21475

Memory corruption when the payload received from firmware is not as per the expected protocol size.

CVSS: 7.8 CWE: CWE-823 - Use of Out-of-range Pointer Offset View on NVD
High

CVE-2024-21474

Memory corruption when size of buffer from previous call is used without validation or re-initialization.

CVSS: 8.4 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
High

CVE-2024-21471

Memory corruption when IOMMU unmap of a GPU buffer fails in Linux.

CVSS: 8.4 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2023-43531

Memory corruption while verifying the serialized header when the key pairs are generated.

CVSS: 8.4 CWE: CWE-824 - Access of Uninitialized Pointer View on NVD
Medium

CVE-2023-43530

Memory corruption in HLOS while checking for the storage type.

CVSS: 5.9 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
Medium

CVE-2023-43526

Memory corruption while querying module parameters from Listen Sound model client in kernel from user space.

CVSS: 6.7 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Medium

CVE-2023-43525

Memory corruption while copying the sound model data from user to kernel buffer during sound model register.

CVSS: 6.7 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Medium

CVE-2023-43524

Memory corruption when the bandpass filter order received from AHAL is not within the expected range.

CVSS: 6.7 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Medium

CVE-2023-43521

Memory corruption when multiple listeners are being registered with the same file descriptor.

CVSS: 6.7 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2023-33119

Memory corruption while loading a VM from a signed VM image that is not coherent in the processor cache.

CVSS: 8.4 CWE: CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition View on NVD
2024-05-03
High

CVE-2023-51608

Kofax Power PDF J2K File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power P…

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2023-50187

Trimble SketchUp Viewer SKP File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimb…

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2023-42117

Exim Improper Neutralization of Special Elements Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentic…

CVSS: 9.8 CWE: CWE-138 - Improper Neutralization of Special Elements View on NVD
High

CVE-2023-42078

PDF-XChange Editor JP2 File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChang…

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2023-42047

PDF-XChange Editor JP2 File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChang…

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2023-42043

PDF-XChange Editor PDF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChang…

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2023-42037

Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power P…

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2023-42036

Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power P…

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2023-39486

PDF-XChange Editor JP2 File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChang…

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2023-38084

Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power P…

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2023-38082

Kofax Power PDF GIF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power P…

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2023-37333

Kofax Power PDF PCX File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power P…

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2023-37332

Kofax Power PDF PNG File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power P…

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2024-05-01
Critical

CVE-2023-49606

A use-after-free vulnerability exists in the HTTP Connection Headers parsing in Tinyproxy 1.11.1 and Tinyproxy 1.10.0. A specially crafted HTTP header can trigger reuse of previously freed memory, wh…

CVSS: 9.8 CWE: CWE-416 - Use After Free View on NVD
Medium

CVE-2024-27007

In the Linux kernel, the following vulnerability has been resolved: userfaultfd: change src_folio after ensuring it's unpinned in UFFDIO_MOVE Commit d7a08838ab74 ("mm: userfaultfd: fix unexpected c…

CVSS: 5.5 CWE: N/A View on NVD
2024-04-30
High

CVE-2024-25938

A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a Barcode widget. A specially crafted JavaScript code inside a malicious PDF document can trigger reuse of a previ…

CVSS: 8.8 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2024-25648

A use-after-free vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a ComboBox widget. A specially crafted JavaScript code inside a malicious PDF document can trigger reuse of a prev…

CVSS: 8.8 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2024-25575

A type confusion vulnerability vulnerability exists in the way Foxit Reader 2024.1.0.23997 handles a Lock object. A specially crafted Javascript code inside a malicious PDF document can trigger this…

CVSS: 8.8 CWE: CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion') View on NVD
2024-04-25
High

CVE-2024-22391

A heap-based buffer overflow vulnerability exists in the LookupTable::SetLUT functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted malformed file can lead to memory corruptio…

CVSS: 7.7 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2024-04-17
Low

CVE-2024-0257

RoboDK v5.5.4 is vulnerable to heap-based buffer overflow while processing a specific project file. The resulting memory corruption may crash the application.

CVSS: 3.3 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
Medium

CVE-2024-26853

In the Linux kernel, the following vulnerability has been resolved: igc: avoid returning frame twice in XDP_REDIRECT When a frame can not be transmitted in XDP_REDIRECT (e.g. due to a full queue),…

CVSS: 5.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
2024-04-16
High

CVE-2024-3865

Memory safety bugs present in Firefox 124. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code…

CVSS: 8.1 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2024-3864

Memory safety bug present in Firefox 124, Firefox ESR 115.9, and Thunderbird 115.9. This bug showed evidence of memory corruption and we presume that with enough effort this could have been exploited…

CVSS: 8.1 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2024-04-12
High

CVE-2024-30382

An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a network-based, unauthenticated attacker to…

CVSS: 7.5 CWE: CWE-755 - Improper Handling of Exceptional Conditions View on NVD
2024-04-11
Critical

CVE-2024-29937

NFS in a BSD derived codebase, as used in OpenBSD through 7.4 and FreeBSD through 14.0-RELEASE, allows remote attackers to execute arbitrary code via a bug that is unrelated to memory corruption.

CVSS: 9.8 CWE: CWE-94 - Improper Control of Generation of Code ('Code Injection') View on NVD
2024-04-09
High

CVE-2023-48724

A memory corruption vulnerability exists in the web interface functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point (EAP225 V3) v5.1.0 Build 20220926. A specially crafted HTTP POST re…

CVSS: 7.5 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
2024-04-04
Medium

CVE-2024-26807

In the Linux kernel, the following vulnerability has been resolved: Both cadence-quadspi ->runtime_suspend() and ->runtime_resume() implementations start with: struct cqspi_st *cqspi = dev_get_drv…

CVSS: 5.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
2024-04-03
High

CVE-2024-27344

Kofax Power PDF PDF File Parsing Memory Corruption Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Kofax Power P…

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2024-26718

In the Linux kernel, the following vulnerability has been resolved: dm-crypt, dm-verity: disable tasklets Tasklets have an inherent problem with memory corruption. The function tasklet_action_commo…

CVSS: 5.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
2024-04-01
Critical

CVE-2024-21473

Memory corruption while redirecting log file to any file location with any file name.

CVSS: 9.8 CWE: CWE-20 - Improper Input Validation View on NVD
High

CVE-2024-21472

Memory corruption in Kernel while handling GPU operations.

CVSS: 8.4 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2024-21470

Memory corruption while allocating memory for graphics.

CVSS: 8.4 CWE: CWE-680 - Integer Overflow to Buffer Overflow View on NVD
High

CVE-2024-21468

Memory corruption when there is failed unmap operation in GPU.

CVSS: 8.4 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2024-21463

Memory corruption while processing Codec2 during v13k decoder pitch synthesis.

CVSS: 7.3 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Medium

CVE-2023-43515

Memory corruption in HLOS while running kernel address sanitizers (syzkaller) on tmecom with DEBUG_FS enabled.

CVSS: 6.6 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2023-33115

Memory corruption while processing buffer initialization, when trusted report for certain report types are generated.

CVSS: 7.8 CWE: CWE-126 - Buffer Over-read View on NVD
High

CVE-2023-33023

Memory corruption while processing finish_sign command to pass a rsp buffer.

CVSS: 8.4 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2023-28547

Memory corruption in SPS Application while requesting for public key in sorter TA.

CVSS: 8.4 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
2024-03-26
Medium

CVE-2024-26646

In the Linux kernel, the following vulnerability has been resolved: thermal: intel: hfi: Add syscore callbacks for system-wide PM The kernel allocates a memory buffer and provides its location to t…

CVSS: 5.5 CWE: CWE-770 - Allocation of Resources Without Limits or Throttling View on NVD
High

CVE-2024-2929

A memory corruption vulnerability in Rockwell Automation Arena Simulation software could potentially allow a malicious user to insert unauthorized code to the software by corrupting the memory trigge…

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2024-03-25
Medium

CVE-2021-47168

In the Linux kernel, the following vulnerability has been resolved: NFS: fix an incorrect limit in filelayout_decode_layout() The "sizeof(struct nfs_fh)" is two bytes too large and could lead to me…

CVSS: 5.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2021-47148

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: fix a buffer overflow in otx2_set_rxfh_context() This function is called from ethtool_set_rxfh() and "*rss_context"…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2021-47137

In the Linux kernel, the following vulnerability has been resolved: net: lantiq: fix memory corruption in RX ring In a situation where memory allocation or dma mapping fails, an invalid address is…

CVSS: 7.8 CWE: CWE-770 - Allocation of Resources Without Limits or Throttling View on NVD
2024-03-22
High

CVE-2024-1848

Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in th…

CVSS: 7.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
2024-03-20
Critical

CVE-2024-22081

An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Unauthenticated memory corruption can occur in the HTTP header parsing mechanism.

CVSS: 9.8 CWE: CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') View on NVD
Critical

CVE-2024-22080

An issue was discovered in Elspec G5 digital fault recorder versions 1.1.4.15 and before. Unauthenticated memory corruption can occur during XML body parsing.

CVSS: 9.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2024-03-19
Critical

CVE-2024-2615

Memory safety bugs present in Firefox 123. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code…

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2024-2614

Memory safety bugs present in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could…

CVSS: 8.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2024-03-15
High

CVE-2021-47132

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix sk_forward_memory corruption on retransmission MPTCP sk_forward_memory handling is a bit special, as such field is pro…

CVSS: 7.1 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2021-47110

In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Disable kvmclock on all CPUs on shutdown Currenly, we disable kvmclock from machine_shutdown() hook and this only happen…

CVSS: 7.1 CWE: CWE-459 - Incomplete Cleanup View on NVD
2024-03-11
High

CVE-2024-27236

In aoc_unlocked_ioctl of aoc.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User inte…

CVSS: 8.4 CWE: CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion') View on NVD
High

CVE-2024-27205

there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for expl…

CVSS: 8.4 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2024-26610

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: fix a memory corruption iwl_fw_ini_trigger_tlv::data is a pointer to a __le32, which means that if we copy to iwl_…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2023-52494

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: host: Add alignment check for event ring read pointer Though we do check the event ring read pointer by "is_valid_ring_…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2024-03-08
High

CVE-2024-23265

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS V…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2024-03-05
High

CVE-2024-23296

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.8 and iPadOS 16.7.8, iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.6, macOS Sonoma 14.4, macOS Ventur…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2024-23225

A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 16.7.6 and iPadOS 16.7.6, iOS 17.4 and iPadOS 17.4, macOS Monterey 12.7.4, macOS Sonoma 14.4, macOS Ventur…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2023-45591

A CWE-122 “Heap-based Buffer Overflow” vulnerability in the “logger_generic” function of the “Ax_rtu” binary allows a remote authenticated attacker to trigger a memory corruption in the context of th…

CVSS: 7.5 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
Medium

CVE-2024-20833

Use after free vulnerability in pub_crypto_recv_msg prior to SMR Mar-2024 Release 1 due to race condition allows local attackers with system privilege to cause memory corruption.

CVSS: 4.1 CWE: CWE-416 - Use After Free View on NVD
2024-03-04
Critical

CVE-2023-43553

Memory corruption while parsing beacon/probe response frame when AP sends more supported links in MLIE.

CVSS: 9.8 CWE: CWE-823 - Use of Out-of-range Pointer Offset View on NVD
Critical

CVE-2023-43552

Memory corruption while processing MBSSID beacon containing several subelement IE.

CVSS: 9.8 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2023-43550

Memory corruption while processing a QMI request for allocating memory from a DHMS supported subsystem.

CVSS: 7.8 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
High

CVE-2023-43549

Memory corruption while processing TPC target power table in FTM TPC.

CVSS: 8.4 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
High

CVE-2023-43548

Memory corruption while parsing qcp clip with invalid chunk data size.

CVSS: 7.3 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2023-43547

Memory corruption while invoking IOCTLs calls in Automotive Multimedia.

CVSS: 8.4 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2023-43546

Memory corruption while invoking HGSL IOCTL context create.

CVSS: 8.4 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2023-43541

Memory corruption while invoking the SubmitCommands call on Gfx engine during the graphics render.

CVSS: 8.4 CWE: CWE-476 - NULL Pointer Dereference View on NVD
High

CVE-2023-43540

Memory corruption while processing the IOCTL FM HCI WRITE request.

CVSS: 8.4 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2023-33066

Memory corruption in Audio while processing RT proxy port register driver.

CVSS: 8.4 CWE: CWE-823 - Use of Out-of-range Pointer Offset View on NVD
Critical

CVE-2023-28582

Memory corruption in Data Modem while verifying hello-verify message during the DTLS handshake.

CVSS: 9.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Critical

CVE-2023-28578

Memory corruption in Core Services while executing the command for removing a single event listener.

CVSS: 9.3 CWE: CWE-20 - Improper Input Validation View on NVD
2024-03-02
High

CVE-2023-52531

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: Fix a memory corruption issue A few lines above, space is kzalloc()'ed for: sizeof(struct iwl_nvm_data) + s…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2024-03-01
High

CVE-2024-25578

MicroDicom DICOM Viewer versions 2023.3 (Build 9342) and prior contain a lack of proper validation of user-supplied data, which could result in memory corruption within the application.

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2024-02-28
High

CVE-2024-1847

Heap-based Buffer Overflow, Memory Corruption, Out-Of-Bounds Read, Out-Of-Bounds Write, Stack-based Buffer Overflow, Type Confusion, Uninitialized Variable, Use-After-Free vulnerabilities exist in th…

CVSS: 7.8 CWE: CWE-122 - Heap-based Buffer Overflow View on NVD
Critical

CVE-2023-50736

A memory corruption vulnerability has been identified in PostScript interpreter in various Lexmark devices. The vulnerability can be leveraged by an attacker to execute arbitrary code.

CVSS: 9.0 CWE: CWE-131 - Incorrect Calculation of Buffer Size View on NVD
2024-02-22
High

CVE-2024-23133

A maliciously crafted STP file in ASMDATAX228A.dll when parsed through Autodesk applications can lead to a memory corruption vulnerability by write access violation. This vulnerability in conjunction…

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2024-23132

A maliciously crafted STP file in atf_dwg_consumer.dll when parsed through Autodesk applications can lead to a memory corruption vulnerability by write access violation. This vulnerability in conjunc…

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2024-23131

A maliciously crafted STP file, when parsed in ASMIMPORT229A.dll, ASMKERN228A.dll, ASMkern229A.dll or ASMDATAX228A.dll through Autodesk applications, can lead to a memory corruption vulnerability by…

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2024-23130

A maliciously crafted SLDASM or SLDPRT file, when parsed in ODXSW_DLL.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, i…

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2024-23129

A maliciously crafted MODEL 3DM, STP, or SLDASM file, when in opennurbs.dll parsed through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnera…

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2024-23128

A maliciously crafted MODEL file, when parsed in libodxdll.dll and ASMDATAX229A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulner…

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2024-02-20
High

CVE-2023-38562

A double-free vulnerability exists in the IP header loopback parsing functionality of Weston Embedded uC-TCP-IP v3.06.01. A specially crafted set of network packets can lead to memory corruption, pot…

CVSS: 8.7 CWE: CWE-415 - Double Free View on NVD
High

CVE-2024-1557

Memory safety bugs present in Firefox 122. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code…

CVSS: 8.1 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2024-1553

Memory safety bugs present in Firefox 122, Firefox ESR 115.7, and Thunderbird 115.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could…

CVSS: 8.1 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2024-02-19
Medium

CVE-2024-1580

An integer overflow in dav1d AV1 decoder that can occur when decoding videos with large frame size. This can lead to memory corruption within the AV1 decoder. We recommend upgrading past version 1.4.…

CVSS: 5.9 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
2024-02-15
High

CVE-2023-40115

In readLogs of StatsService.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User i…

CVSS: 7.8 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2023-40100

In discovery_thread of Dns64Configuration.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges…

CVSS: 7.8 CWE: CWE-416 - Use After Free View on NVD