Skip to main content
CVE-2023-33029 HIGH PATCH This Week

Memory corruption in DSP Service during a remote call from HLOS to DSP. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Buffer Overflow Memory Corruption Ar8035 Firmware Csra6620 Firmware +129
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-28539 HIGH PATCH This Week

Memory corruption in WLAN Host when the firmware invokes multiple WMI Service Available command. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Buffer Copy without Size Check vulnerability could allow attackers to overflow a buffer to corrupt adjacent memory.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware Csrb31024 Firmware +153
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-24853 HIGH This Week

Memory Corruption in HLOS while registering for key provisioning notify. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware Fastconnect 6800 Firmware +107
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-24850 HIGH This Week

Memory Corruption in HLOS while importing a cryptographic key into KeyMaster Trusted Application. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Apq8017 Firmware Apq8037 Firmware Aqt1000 Firmware Ar8035 Firmware +200
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-24844 HIGH This Week

Memory Corruption in Core while invoking a call to Access Control core library with hardware protected address range. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Authentication Bypass Ar8035 Firmware Fastconnect 6700 Firmware Fastconnect 6900 Firmware +39
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-22384 HIGH This Week

Memory Corruption in VR Service while sending data using Fast Message Queue (FMQ). Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Qca6574au Firmware Qca6696 Firmware Sa6145p Firmware Sa6150p Firmware +5
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-21673 HIGH This Week

Improper Access to the VM resource manager can lead to Memory Corruption. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Authentication Bypass Aqt1000 Firmware Ar8035 Firmware Fastconnect 6200 Firmware +158
NVD
CVSS 3.1
7.8
EPSS
0.1%
CVE-2023-5345 HIGH PATCH This Week

A use-after-free vulnerability in the Linux kernel's fs/smb/client component can be exploited to achieve local privilege escalation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Use After Free vulnerability could allow attackers to access freed memory to execute arbitrary code or crash the application.

Use After Free Privilege Escalation Linux Memory Corruption Linux Kernel +1
NVD
CVSS 3.1
7.8
EPSS
0.5%
CVE-2023-3440 HIGH This Week

Incorrect Default Permissions vulnerability in Hitachi JP1/Performance Management on Windows allows File Manipulation. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation Oracle Microsoft IBM Jp1 Performance Management
NVD
CVSS 3.1
7.8
EPSS
0.2%
CVE-2023-5255 HIGH This Week

For certificates that utilize the auto-renew feature in Puppet Server, a flaw exists which prevents the certificates from being revoked. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Puppet Enterprise Puppet Server
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-4884 HIGH This Week

An attacker could send an HTTP request to an Open5GS endpoint and retrieve the information stored on the device due to the lack of Authentication. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Open5gs
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-4883 HIGH This Week

Invalid pointer release vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Open5gs
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-4882 HIGH This Week

DOS vulnerability that could allow an attacker to register a new VNF (Virtual Network Function) value. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service PHP Open5gs
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-3350 HIGH This Week

A Cryptographic Issue vulnerability has been found on IBERMATICA RPS, affecting version 2019. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ibermatica Rps
NVD
CVSS 3.1
7.5
EPSS
0.2%
CVE-2023-3349 HIGH This Week

Information exposure vulnerability in IBERMATICA RPS 2019, which exploitation could allow an unauthenticated user to retrieve sensitive information, such as usernames, IP addresses or SQL queries. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ibermatica Rps
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-3655 HIGH This Week

cashIT!. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Cashit
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-33027 HIGH This Week

Transient DOS in WLAN Firmware while parsing rsn ies. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Qca9898 Firmware Qcn5164 Firmware Qca4024 Firmware Ipq6028 Firmware Qca8075 Firmware +323
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-33026 HIGH This Week

Transient DOS in WLAN Firmware while parsing a NAN management frame. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Ar8035 Firmware Ar9380 Firmware Csr8811 Firmware Wcn6750 Firmware +190
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-28540 HIGH This Week

Cryptographic issue in Data Modem due to improper authentication during TLS handshake. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8035 Firmware Csra6620 Firmware +147
NVD
CVSS 3.1
7.5
EPSS
0.4%
CVE-2023-24849 HIGH This Week

Information Disclosure in data Modem while parsing an FMTP line in an SDP message. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure 315 5g Iot Modem Firmware 9206 Lte Modem Firmware 9207 Lte Modem Firmware +233
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-24848 HIGH This Week

Information Disclosure in Data Modem while performing a VoLTE call with an undefined RTCP FB line value. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Information Disclosure 315 5g Iot Modem Firmware 9206 Lte Modem Firmware 9207 Lte Modem Firmware +239
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-24847 HIGH This Week

Transient DOS in Modem while allocating DSM items. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Null Pointer Dereference 315 5g Iot Modem Firmware Aqt1000 Firmware Ar8031 Firmware +252
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-24843 HIGH This Week

Transient DOS in Modem while triggering a camping on an 5G cell. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure 315 5g Iot Modem Firmware Ar8035 Firmware Fastconnect 6200 Firmware Fastconnect 6700 Firmware +61
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2023-3967 HIGH This Week

Allocation of Resources Without Limits or Throttling vulnerability in Hitachi Ops Center Common Services on Linux allows DoS.9.3-00. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Ops Center Common Services
NVD
CVSS 3.1
7.5
EPSS
0.5%
CVE-2023-24518 HIGH This Week

A Cross-site Request Forgery (CSRF) vulnerability in Pandora FMS allows an attacker to force authenticated users to send a request to a web application they are currently authenticated against. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Pandora Fms
NVD
CVSS 3.1
7.1
EPSS
0.2%
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy