Search Results (Refine Search)
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-33033 |
Memory corruption in Audio during playback with speaker protection. Published: January 02, 2024; 1:15:09 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-33032 |
Memory corruption in TZ Secure OS while requesting a memory allocation from TA region. Published: January 02, 2024; 1:15:09 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-33030 |
Memory corruption in HLOS while running playready use-case. Published: January 02, 2024; 1:15:09 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-33025 |
Memory corruption in Data Modem when a non-standard SDP body, during a VOLTE call. Published: January 02, 2024; 1:15:08 AM -0500 |
V4.0:(not available) V3.1: 9.8 CRITICAL V2.0:(not available) |
CVE-2023-33014 |
Information disclosure in Core services while processing a Diag command. Published: January 02, 2024; 1:15:08 AM -0500 |
V4.0:(not available) V3.1: 6.8 MEDIUM V2.0:(not available) |
CVE-2023-28583 |
Memory corruption when IPv6 prefix timer object`s lifetime expires which are created while Netmgr daemon gets an IPv6 address. Published: January 02, 2024; 1:15:08 AM -0500 |
V4.0:(not available) V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-26159 |
Versions of the package follow-redirects before 1.15.4 are vulnerable to Improper Input Validation due to the improper handling of URLs by the url.parse() function. When new URL() throws an error, it can be manipulated to misinterpret the hostname. An attacker could exploit this weakness to redirect traffic to a malicious site, potentially leading to information disclosure, phishing attacks, or other security breaches. Published: January 02, 2024; 12:15:08 AM -0500 |
V4.0:(not available) V3.1: 6.1 MEDIUM V2.0:(not available) |
CVE-2023-26157 |
Versions of the package libredwg before 0.12.5.6384 are vulnerable to Denial of Service (DoS) due to an out-of-bounds read involving section->num_pages in decode_r2007.c. Published: January 02, 2024; 12:15:08 AM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-32891 |
In bluetooth service, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07933038; Issue ID: MSV-559. Published: January 01, 2024; 10:15:08 PM -0500 |
V4.0:(not available) V3.1: 6.7 MEDIUM V2.0:(not available) |
CVE-2023-32890 |
In modem EMM, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01183647; Issue ID: MOLY01183647 (MSV-963). Published: January 01, 2024; 10:15:08 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-32889 |
In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161825; Issue ID: MOLY01161825 (MSV-895). Published: January 01, 2024; 10:15:08 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-32888 |
In Modem IMS Call UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161830; Issue ID: MOLY01161830 (MSV-894). Published: January 01, 2024; 10:15:08 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-32887 |
In Modem IMS Stack, there is a possible system crash due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01161837; Issue ID: MOLY01161837 (MSV-892). Published: January 01, 2024; 10:15:08 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-32886 |
In Modem IMS SMS UA, there is a possible out of bounds write due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY00730807; Issue ID: MOLY00730807. Published: January 01, 2024; 10:15:08 PM -0500 |
V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available) |
CVE-2023-32885 |
In display drm, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07780685; Issue ID: ALPS07780685. Published: January 01, 2024; 10:15:08 PM -0500 |
V4.0:(not available) V3.1: 6.7 MEDIUM V2.0:(not available) |
CVE-2023-32884 |
In netdagent, there is a possible information disclosure due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07944011; Issue ID: ALPS07944011. Published: January 01, 2024; 10:15:08 PM -0500 |
V4.0:(not available) V3.1: 6.7 MEDIUM V2.0:(not available) |
CVE-2023-32883 |
In Engineer Mode, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08282249; Issue ID: ALPS08282249. Published: January 01, 2024; 10:15:08 PM -0500 |
V4.0:(not available) V3.1: 6.7 MEDIUM V2.0:(not available) |
CVE-2023-32882 |
In battery, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308616. Published: January 01, 2024; 10:15:08 PM -0500 |
V4.0:(not available) V3.1: 6.7 MEDIUM V2.0:(not available) |
CVE-2023-32881 |
In battery, there is a possible information disclosure due to an integer overflow. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308080. Published: January 01, 2024; 10:15:08 PM -0500 |
V4.0:(not available) V3.1: 4.4 MEDIUM V2.0:(not available) |
CVE-2023-32880 |
In battery, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08308076. Published: January 01, 2024; 10:15:08 PM -0500 |
V4.0:(not available) V3.1: 4.4 MEDIUM V2.0:(not available) |