CVE Daily
← All tags

Tag: Memory Corruption

All CVEs associated with "Memory Corruption". Page 13/71 • 8498 CVEs.

Subscribe CVEs: RSS for “Memory Corruption”  ·  RSS (High+Critical only)

About “Memory Corruption”

A curated feed of “Memory Corruption”-related CVEs appears below. We currently track 8498 CVEs for this tag (all time). In the last 365 days, 696 were published. Average CVSS is 8.1 (all time; 7.4 over 365d), and 82% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer, CWE-787 - Out-of-bounds Write, CWE-416 - Use After Free.

In our taxonomy this topic maps to a HIGH impact class. Common exploitation patterns for this weakness can lead to high. Use the filters to triage high risk first and validate exposure in your environment. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2023-12-05
High

CVE-2023-28551

Memory corruption in UTILS when modem processes memory specific Diag commands having arbitrary address values as input arguments.

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2023-28550

Memory corruption in MPP performance while accessing DSM watermark using external memory address.

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2023-28546

Memory Corruption in SPS Application while exporting public key in sorter TA.

CVSS: 7.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Medium

CVE-2023-22668

Memory Corruption in Audio while invoking IOCTLs calls from the user-space.

CVSS: 6.7 CWE: CWE-416 - Use After Free View on NVD
Medium

CVE-2023-22383

Memory Corruption in camera while installing a fd for a particular DMA buffer.

CVSS: 6.7 CWE: CWE-416 - Use After Free View on NVD
Medium

CVE-2023-21634

Memory Corruption in Radio Interface Layer while sending an SMS or writing an SMS to SIM.

CVSS: 6.7 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2023-12-04
High

CVE-2023-40091

In onTransact of IncidentService.cpp, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with no additional execution privileges needed…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2023-40088

In callback_thread_event of com_android_bluetooth_btservice_AdapterService.cpp, there is a possible memory corruption due to a use after free. This could lead to remote (proximal/adjacent) code execu…

CVSS: 8.8 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2023-40084

In run of MDnsSdListener.cpp, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User inte…

CVSS: 7.8 CWE: CWE-416 - Use After Free View on NVD
Medium

CVE-2023-32866

In mmp, there is a possible memory corruption due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not neede…

CVSS: 6.7 CWE: CWE-787 - Out-of-bounds Write View on NVD
2023-11-30
High

CVE-2023-42917

A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 17.1.2 and iPadOS 17.1.2, macOS Sonoma 14.1.2, Safari 17.1.2. Processing web content may lead to arbi…

CVSS: 8.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2023-49701

Memory Corruption in SIM management while USIMPhase2init

CVSS: 7.2 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2023-49699

Memory Corruption in IMS while calling VoLTE Streamingmedia Interface

CVSS: 6.7 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2023-11-27
High

CVE-2023-41257

A type confusion vulnerability exists in the way Foxit Reader 12.1.2.15356 handles field value properties. A specially crafted Javascript code inside a malicious PDF document can trigger this vulner…

CVSS: 8.8 CWE: CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion') View on NVD
High

CVE-2023-38573

A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15356 handles a signature field. A specially crafted Javascript code inside a malicious PDF document can trigger reuse of a previo…

CVSS: 8.8 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2023-32616

A use-after-free vulnerability exists in the way Foxit Reader 12.1.2.15356 handles 3D annotations. A specially crafted Javascript code inside a malicious PDF document can trigger reuse of a previousl…

CVSS: 8.8 CWE: CWE-416 - Use After Free View on NVD
2023-11-23
Critical

CVE-2023-29076

A maliciously crafted MODEL, SLDASM, SAT or CATPART file when parsed through Autodesk AutoCAD 2024 and 2023 could cause memory corruption vulnerability. This vulnerability, along with other vulnerabi…

CVSS: 9.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2023-11-21
Medium

CVE-2023-6238

A buffer overflow vulnerability was found in the NVM Express (NVMe) driver in the Linux kernel. Only privileged user could specify a small meta buffer and let the device perform larger Direct Memory…

CVSS: 6.7 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2021-38405

The Datalogics APDFL library used in affected products is vulnerable to memory corruption condition while parsing specially crafted PDF files. An attacker could leverage this vulnerability to execute…

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2023-6213

Memory safety bugs present in Firefox 119. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code…

CVSS: 8.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2023-6212

Memory safety bugs present in Firefox 119, Firefox ESR 115.4, and Thunderbird 115.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could…

CVSS: 8.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2023-11-14
High

CVE-2023-36017

Windows Scripting Engine Memory Corruption Vulnerability

CVSS: 8.8 CWE: CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion') View on NVD
Critical

CVE-2023-31247

A memory corruption vulnerability exists in the HTTP Server Host header parsing functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An at…

CVSS: 9.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2023-28391

A memory corruption vulnerability exists in the HTTP Server header parsing functionality of Weston Embedded uC-HTTP v3.01.01. Specially crafted network packets can lead to code execution. An attacker…

CVSS: 9.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Critical

CVE-2023-28379

A memory corruption vulnerability exists in the HTTP Server form boundary functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to code execution. An attacker…

CVSS: 9.0 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2023-24585

An out-of-bounds write vulnerability exists in the HTTP Server functionality of Weston Embedded uC-HTTP v3.01.01. A specially crafted network packet can lead to memory corruption. An attacker can sen…

CVSS: 7.7 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2023-11-10
High

CVE-2023-4949

An attacker with local access to a system (either through a disk or external drive) can present a modified XFS partition to grub-legacy in such a way to exploit a memory corruption in grub’s XFS file…

CVSS: 8.1 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2023-11-07
Critical

CVE-2023-47359

Videolan VLC prior to version 3.0.20 contains an incorrect offset read that leads to a Heap-Based Buffer Overflow in function GetPacket() and results in a memory corruption.

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2023-33074

Memory corruption in Audio when SSR event is triggered after music playback is stopped.

CVSS: 8.4 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2023-33059

Memory corruption in Audio while processing the VOC packet data from ADSP.

CVSS: 7.8 CWE: CWE-191 - Integer Underflow (Wrap or Wraparound) View on NVD
High

CVE-2023-33055

Memory Corruption in Audio while invoking callback function in driver from ADSP.

CVSS: 7.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Critical

CVE-2023-33045

Memory corruption in WLAN Firmware while parsing a NAN management frame carrying a S3 attribute.

CVSS: 9.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2023-33031

Memory corruption in Automotive Audio while copying data from ADSP shared buffer to the VOC packet data buffer.

CVSS: 7.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Critical

CVE-2023-28574

Memory corruption in core services when Diag handler receives a command to configure event listeners.

CVSS: 9.0 CWE: CWE-20 - Improper Input Validation View on NVD
Medium

CVE-2023-28572

Memory corruption in WLAN HOST while processing the WLAN scan descriptor list.

CVSS: 6.6 CWE: CWE-126 - Buffer Over-read View on NVD
Medium

CVE-2023-28570

Memory corruption while processing audio effects.

CVSS: 6.7 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2023-28545

Memory corruption in TZ Secure OS while loading an app ELF.

CVSS: 8.2 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2023-24852

Memory Corruption in Core due to secure memory access by user while loading modem image.

CVSS: 8.4 CWE: CWE-287 - Improper Authentication View on NVD
Critical

CVE-2023-22388

Memory Corruption in Multi-mode Call Processor while processing bit mask API.

CVSS: 9.8 CWE: CWE-823 - Use of Out-of-range Pointer Offset View on NVD
Critical

CVE-2023-21671

Memory Corruption in Core during syscall for Sectools Fuse comparison feature.

CVSS: 9.3 CWE: CWE-20 - Improper Input Validation View on NVD
2023-11-06
Medium

CVE-2023-32835

In keyinstall, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed fo…

CVSS: 6.7 CWE: CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion') View on NVD
Medium

CVE-2023-32834

In secmem, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for ex…

CVSS: 6.7 CWE: CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion') View on NVD
High

CVE-2023-32832

In video, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not neede…

CVSS: 7.0 CWE: CWE-787 - Out-of-bounds Write View on NVD
2023-11-02
High

CVE-2023-39283

An SMM memory corruption vulnerability in the SMM driver (SMRAM write) in CsmInt10HookSmm in Insyde InsydeH2O with kernel 5.0 through 5.5 allows attackers to send arbitrary data to SMM which could le…

CVSS: 7.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2023-10-30
Medium

CVE-2023-21385

In Whitechapel, there is a possible out of bounds read due to memory corruption. This could lead to local information disclosure with no additional execution privileges needed. User interaction is no…

CVSS: 5.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
2023-10-25
Critical

CVE-2023-5731

Memory safety bugs present in Firefox 118. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code…

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
Critical

CVE-2023-5730

Memory safety bugs present in Firefox 118, Firefox ESR 115.3, and Thunderbird 115.3. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could…

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2023-10-19
High

CVE-2023-38128

An out-of-bounds write vulnerability exists in the "HyperLinkFrame" stream parser of Ichitaro 2023 1.0.1.59372. A specially crafted document can cause a type confusion, which can lead to memory corru…

CVSS: 7.8 CWE: CWE-843 - Access of Resource Using Incompatible Type ('Type Confusion') View on NVD
High

CVE-2023-38127

An integer overflow exists in the "HyperLinkFrame" stream parser of Ichitaro 2023 1.0.1.59372. A specially crafted document can cause the parser to make an under-sized allocation, which can later all…

CVSS: 7.8 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
High

CVE-2023-34366

A use-after-free vulnerability exists in the Figure stream parsing functionality of Ichitaro 2023 1.0.1.59372. A specially crafted document can cause memory corruption, resulting in arbitrary code ex…

CVSS: 7.8 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2023-35126

An out-of-bounds write vulnerability exists within the parsers for both the "DocumentViewStyles" and "DocumentEditStyles" streams of Ichitaro 2023 1.0.1.59372 when processing types 0x0000-0x0009 of a…

CVSS: 7.8 CWE: CWE-129 - Improper Validation of Array Index View on NVD
2023-10-11
Medium

CVE-2023-35645

In tbd of tbd, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed…

CVSS: 6.4 CWE: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') View on NVD
2023-10-06
High

CVE-2023-39928

A use-after-free vulnerability exists in the MediaRecorder API of Webkit WebKitGTK 2.40.5. A specially crafted web page can abuse this vulnerability to cause memory corruption and potentially arbitra…

CVSS: 8.8 CWE: CWE-416 - Use After Free View on NVD
Critical

CVE-2023-38703

PJSIP is a free and open source multimedia communication library written in C with high level API in C, C++, Java, C#, and Python languages. SRTP is a higher level media transport which is stacked up…

CVSS: 9.8 CWE: CWE-416 - Use After Free View on NVD
2023-10-04
Medium

CVE-2023-30738

An improper input validation in UEFI Firmware prior to Firmware update Oct-2023 Release in Galaxy Book, Galaxy Book Pro, Galaxy Book Pro 360 and Galaxy Book Odyssey allows local attacker to execute S…

CVSS: 5.5 CWE: N/A View on NVD
2023-10-03
High

CVE-2023-33039

Memory corruption in Automotive Display while destroying the image handle created using connected display driver.

CVSS: 8.4 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2023-33035

Memory corruption while invoking callback function of AFE from ADSP.

CVSS: 7.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2023-33034

Memory corruption while parsing the ADSP response command.

CVSS: 7.8 CWE: CWE-195 - Signed to Unsigned Conversion Error View on NVD
High

CVE-2023-33029

Memory corruption in DSP Service during a remote call from HLOS to DSP.

CVSS: 8.4 CWE: CWE-416 - Use After Free View on NVD
Critical

CVE-2023-33028

Memory corruption in WLAN Firmware while doing a memory copy of pmk cache.

CVSS: 9.8 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
Medium

CVE-2023-28539

Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command.

CVSS: 6.6 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Critical

CVE-2023-24855

Memory corruption in Modem while processing security related configuration before AS Security Exchange.

CVSS: 9.8 CWE: CWE-823 - Use of Out-of-range Pointer Offset View on NVD
High

CVE-2023-24853

Memory Corruption in HLOS while registering for key provisioning notify.

CVSS: 8.4 CWE: CWE-20 - Improper Input Validation View on NVD
High

CVE-2023-24850

Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application.

CVSS: 7.8 CWE: CWE-129 - Improper Validation of Array Index View on NVD
High

CVE-2023-24844

Memory Corruption in Core while invoking a call to Access Control core library with hardware protected address range.

CVSS: 8.4 CWE: CWE-284 - Improper Access Control View on NVD
High

CVE-2023-22385

Memory Corruption in Data Modem while making a MO call or MT VOLTE call.

CVSS: 8.2 CWE: CWE-126 - Buffer Over-read View on NVD
Medium

CVE-2023-22384

Memory Corruption in VR Service while sending data using Fast Message Queue (FMQ).

CVSS: 6.7 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2023-21673

Improper Access to the VM resource manager can lead to Memory Corruption.

CVSS: 8.7 CWE: CWE-284 - Improper Access Control View on NVD
2023-10-02
Medium

CVE-2023-32823

In rpmb , there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed…

CVSS: 6.7 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
2023-09-27
Critical

CVE-2023-5176

Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could…

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2023-09-25
Critical

CVE-2023-40163

An out-of-bounds write vulnerability exists in the allocate_buffer_for_jpeg_decoding functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to memory corruption. An att…

CVSS: 9.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2023-32614

A heap-based buffer overflow vulnerability exists in the create_png_object functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to memory corruption. An attacker can…

CVSS: 7.0 CWE: CWE-124 - Buffer Underwrite ('Buffer Underflow') View on NVD
High

CVE-2023-32284

An out-of-bounds write vulnerability exists in the tiff_planar_adobe functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to memory corruption. An attacker can provid…

CVSS: 8.1 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2023-28393

A stack-based buffer overflow vulnerability exists in the tif_processing_dng_channel_count functionality of Accusoft ImageGear 20.1. A specially crafted malformed file can lead to memory corruption.…

CVSS: 5.6 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
2023-09-12
High

CVE-2023-41846

A vulnerability has been identified in Tecnomatix Plant Simulation V2201 (All versions < V2201.0008), Tecnomatix Plant Simulation V2302 (All versions < V2302.0002). The affected application is vulner…

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2023-40308

SAP CommonCryptoLib allows an unauthenticated attacker to craft a request, which when submitted to an open port causes a memory corruption error in a library which in turn causes the target component…

CVSS: 7.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
2023-09-11
High

CVE-2023-35687

In MtpPropertyValue of MtpProperty.h, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. U…

CVSS: 7.8 CWE: CWE-416 - Use After Free View on NVD
High

CVE-2023-4585

Memory safety bugs present in Firefox 116, Firefox ESR 115.1, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could…

CVSS: 8.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
High

CVE-2023-4584

Memory safety bugs present in Firefox 116, Firefox ESR 102.14, Firefox ESR 115.1, Thunderbird 102.14, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume tha…

CVSS: 8.8 CWE: CWE-787 - Out-of-bounds Write View on NVD
2023-09-08
High

CVE-2021-33834

An issue was discovered in iscflashx64.sys 3.9.3.0 in Insyde H2OFFT 6.20.00. When handling IOCTL 0x22229a, the input used to allocate a buffer and copy memory is mishandled. This could cause memory c…

CVSS: 7.1 CWE: CWE-787 - Out-of-bounds Write View on NVD
2023-09-07
High

CVE-2023-30800

The web server used by MikroTik RouterOS version 6 is affected by a heap memory corruption issue. A remote and unauthenticated attacker can corrupt the server's heap memory by sending a crafted HTTP…

CVSS: 7.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
2023-09-05
High

CVE-2023-33021

Memory corruption in Graphics while processing user packets for command submission.

CVSS: 8.4 CWE: CWE-416 - Use After Free View on NVD
Critical

CVE-2023-28581

Memory corruption in WLAN Firmware while parsing receieved GTK Keys in GTK KDE.

CVSS: 9.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2023-28573

Memory corruption in WLAN HAL while parsing WMI command parameters.

CVSS: 7.8 CWE: CWE-129 - Improper Validation of Array Index View on NVD
High

CVE-2023-28567

Memory corruption in WLAN HAL while handling command through WMI interfaces.

CVSS: 7.8 CWE: CWE-129 - Improper Validation of Array Index View on NVD
High

CVE-2023-28565

Memory corruption in WLAN HAL while handling command streams through WMI interfaces.

CVSS: 7.8 CWE: CWE-129 - Improper Validation of Array Index View on NVD
High

CVE-2023-28564

Memory corruption in WLAN HAL while passing command parameters through WMI interfaces.

CVSS: 7.8 CWE: CWE-823 - Use of Out-of-range Pointer Offset View on NVD
Critical

CVE-2023-28562

Memory corruption while handling payloads from remote ESL.

CVSS: 9.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2023-28560

Memory corruption in WLAN HAL while processing devIndex from untrusted WMI payload.

CVSS: 7.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2023-28559

Memory corruption in WLAN FW while processing command parameters from untrusted WMI payload.

CVSS: 7.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2023-28558

Memory corruption in WLAN handler while processing PhyID in Tx status handler.

CVSS: 7.8 CWE: CWE-129 - Improper Validation of Array Index View on NVD
High

CVE-2023-28557

Memory corruption in WLAN HAL while processing command parameters from untrusted WMI payload.

CVSS: 7.8 CWE: CWE-129 - Improper Validation of Array Index View on NVD
High

CVE-2023-28549

Memory corruption in WLAN HAL while parsing Rx buffer in processing TLV payload.

CVSS: 7.8 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2023-28548

Memory corruption in WLAN HAL while processing Tx/Rx commands from QDART.

CVSS: 7.8 CWE: CWE-129 - Improper Validation of Array Index View on NVD
High

CVE-2023-28544

Memory corruption in WLAN while sending transmit command from HLOS to UTF handlers.

CVSS: 7.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2023-28543

A malformed DLC can trigger Memory Corruption in SNPE library due to out of bounds read, such as by loading an untrusted model (e.g. from a remote source).

CVSS: 8.1 CWE: CWE-125 - Out-of-bounds Read View on NVD
High

CVE-2023-28538

Memory corruption in WIN Product while invoking WinAcpi update driver in the UEFI region.

CVSS: 8.4 CWE: CWE-121 - Stack-based Buffer Overflow View on NVD
High

CVE-2023-21664

Memory Corruption in Core Platform while printing the response buffer in log.

CVSS: 7.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Medium

CVE-2023-21663

Memory Corruption while accessing metadata in Display.

CVSS: 6.7 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
High

CVE-2023-21662

Memory corruption in Core Platform while printing the response buffer in log.

CVSS: 7.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Medium

CVE-2023-21655

Memory corruption in Audio while validating and mapping metadata.

CVSS: 6.7 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
Medium

CVE-2023-21654

Memory corruption in Audio during playback session with audio effects enabled.

CVSS: 6.7 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
Medium

CVE-2023-21644

Memory corruption in RIL due to Integer Overflow while triggering qcril_uim_request_apdu request.

CVSS: 6.7 CWE: CWE-680 - Integer Overflow to Buffer Overflow View on NVD
Medium

CVE-2023-21636

Memory Corruption due to improper validation of array index in Linux while updating adn record.

CVSS: 6.7 CWE: CWE-129 - Improper Validation of Array Index View on NVD
High

CVE-2022-40534

Memory corruption due to improper validation of array index in Audio.

CVSS: 8.4 CWE: CWE-129 - Improper Validation of Array Index View on NVD
Medium

CVE-2022-40524

Memory corruption due to buffer over-read in Modem while processing SetNativeHandle RTP service.

CVSS: 6.7 CWE: CWE-126 - Buffer Over-read View on NVD
High

CVE-2022-33275

Memory corruption due to improper validation of array index in WLAN HAL when received lm_itemNum is out of range.

CVSS: 8.4 CWE: CWE-129 - Improper Validation of Array Index View on NVD
2023-09-04
Medium

CVE-2023-20827

In ims service, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed…

CVSS: 6.4 CWE: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') View on NVD
2023-08-29
Medium

CVE-2023-39268

A memory corruption vulnerability in ArubaOS-Switch could lead to unauthenticated remote code execution by receiving specially crafted packets. Successful exploitation of this vulnerability results i…

CVSS: 4.5 CWE: CWE-787 - Out-of-bounds Write View on NVD
2023-08-24
High

CVE-2022-46884

A potential use-after-free vulnerability existed in SVG Images if the Refresh Driver was destroyed at an inopportune time. This could have lead to memory corruption or a potentially exploitable cras…

CVSS: 8.8 CWE: CWE-416 - Use After Free View on NVD
2023-08-11
Critical

CVE-2023-3824

In PHP version 8.0.* before 8.0.30,  8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insufficient length checking may lead to a stack buffer…

CVSS: 9.4 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2023-08-09
Medium

CVE-2023-3953

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause memory corruption when an authenticated user opens a tampered log file from GP…

CVSS: 5.3 CWE: CWE-119 - Improper Restriction of Operations within the Bounds of a Memory Buffer View on NVD
2023-08-08
Critical

CVE-2023-28561

Memory corruption in QESL while processing payload from external ESL device to firmware.

CVSS: 9.8 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
High

CVE-2023-28537

Memory corruption while allocating memory in COmxApeDec module in Audio.

CVSS: 8.4 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
High

CVE-2023-22666

Memory Corruption in Audio while playing amrwbplus clips with modified content.

CVSS: 8.4 CWE: CWE-190 - Integer Overflow or Wraparound View on NVD
Critical

CVE-2023-21651

Memory Corruption in Core due to incorrect type conversion or cast in secure_io_read/write function in TEE.

CVSS: 9.3 CWE: CWE-704 - Incorrect Type Conversion or Cast View on NVD
Medium

CVE-2023-21650

Memory Corruption in GPS HLOS Driver when injectFdclData receives data with invalid data length.

CVSS: 6.7 CWE: CWE-129 - Improper Validation of Array Index View on NVD
Medium

CVE-2023-21649

Memory corruption in WLAN while running doDriverCmd for an unspecific command.

CVSS: 6.7 CWE: CWE-120 - Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') View on NVD
Medium

CVE-2023-21648

Memory corruption in RIL while trying to send apdu packet.

CVSS: 6.7 CWE: CWE-680 - Integer Overflow to Buffer Overflow View on NVD
Critical

CVE-2023-21643

Memory corruption due to untrusted pointer dereference in automotive during system call.

CVSS: 9.1 CWE: CWE-822 - Untrusted Pointer Dereference View on NVD