Critical
CVSS: 9.8
Memory safety bugs present in Firefox 134, Thunderbird 134, Firefox ESR 115.19, Firefox ESR 128.6, Thunderbird 115.19, and Thunderbird 128.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort som…
Medium
CVSS: 6.3
Out-of-bounds write in mPOS TUI trustlet prior to SMR Feb-2025 Release 1 allows local privileged attackers to cause memory corruption.
Medium
CVSS: 6.3
Out-of-bounds write in Blockchain Keystore prior to version 1.3.16.5 allows local privileged attackers to write out-of-bounds memory.
High
CVSS: 7.0
Out-of-bounds write in decoding frame buffer in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability.
Medium
CVSS: 5.3
Out-of-bounds read in decoding malformed bitstream for smp4vtd in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to read arbitrary memory. User interaction is required for triggering this vulnerability.
High
CVSS: 7.0
Out-of-bounds write in handling the block size for smp4vtd in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability.
Medium
CVSS: 6.4
Out-of-bounds write in softsim trustlet prior to SMR Jan-2025 Release 1 allows local privileged attackers to cause memory corruption.
High
CVSS: 7.0
Out-of-bounds write in accessing uninitialized memory for svc1td in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulnerability…
High
CVSS: 7.0
Out-of-bounds write in accessing buffer storing the decoded video frames in libsthmbc.so prior to SMR Jan-2025 Release 1 allows local attackers to execute arbitrary code with privilege. User interaction is required for triggering this vulne…
Medium
CVSS: 6.6
In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interacti…
Medium
CVSS: 6.6
In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interacti…
Medium
CVSS: 6.6
In DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interacti…
Medium
CVSS: 6.7
In secmem, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitati…
Medium
CVSS: 6.6
In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User intera…
Critical
CVSS: 9.8
In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges nee…
High
CVSS: 8.8
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) code execution with no additional execution privileges needed. User interaction is not needed for exp…
High
CVSS: 7.8
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. P…
High
CVSS: 7.8
In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. P…
Medium
CVSS: 6.6
In V5 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User intera…
High
CVSS: 8.8
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability.
The specific flaw exists wit…