Wind River Support Network

HomeCVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

Reset
Showing
of 216537 entries
IDDescriptionPriorityModified date
CVE-2023-37572 Softing OPC Suite version 5.25 and before has Incorrect Access Control, allows attackers to obtain sensitive information via weak permissions in OSF_discovery service. The service executable could be changed or the service could be deleted. -- Dec 5, 2023
CVE-2023-35690 In RGXDestroyHWRTData of rgxta3d.c, there is a possible arbitrary code execution due to an uncaught exception. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. -- Dec 5, 2023
CVE-2023-35668 In visitUris of Notification.java, there is a possible way to display images from another user due to a confused deputy. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. -- Dec 5, 2023
CVE-2023-33107 Memory corruption in Graphics Linux while assigning shared virtual memory region during IOCTL call. -- Dec 5, 2023
CVE-2023-33106 Memory corruption while submitting a large list of sync points in an AUX command to the IOCTL_KGSL_GPU_AUX_COMMAND. -- Dec 5, 2023
CVE-2023-33098 Transient DOS while parsing WPA IES, when it is passed with length more than expected size. -- Dec 5, 2023
CVE-2023-33097 Transient DOS in WLAN Firmware while processing a FTMR frame. -- Dec 5, 2023
CVE-2023-33092 Memory corruption while processing pin reply in Bluetooth, when pin code received from APP layer is greater than expected size. -- Dec 5, 2023
CVE-2023-33089 Transient DOS when processing a NULL buffer while parsing WLAN vdev. -- Dec 5, 2023
CVE-2023-33088 Memory corruption when processing cmd parameters while parsing vdev. -- Dec 5, 2023
CVE-2023-33087 Memory corruption in Core while processing RX intent request. -- Dec 5, 2023
CVE-2023-33083 Memory corruption in WLAN Host while processing RRM beacon on the AP. -- Dec 5, 2023
CVE-2023-33082 Memory corruption while sending an Assoc Request having BTM Query or BTM Response containing MBO IE. -- Dec 5, 2023
CVE-2023-33081 Transient DOS while converting TWT (Target Wake Time) frame parameters in the OTA broadcast. -- Dec 5, 2023
CVE-2023-33080 Transient DOS while parsing a vender specific IE (Information Element) of reassociation response management frame. -- Dec 5, 2023
CVE-2023-33079 Memory corruption in Audio while running invalid audio recording from ADSP. -- Dec 5, 2023
CVE-2023-33071 Memory corruption in Automotive OS whenever untrusted apps try to access HAb for graphics functionalities. -- Dec 5, 2023
CVE-2023-33070 Transient DOS in Automotive OS due to improper authentication to the secure IO calls. -- Dec 5, 2023
CVE-2023-33063 Memory corruption in DSP Services during a remote call from HLOS to DSP. -- Dec 5, 2023
CVE-2023-33054 Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS assistance data. -- Dec 5, 2023
CVE-2023-33053 Memory corruption in Kernel while parsing metadata. -- Dec 5, 2023
CVE-2023-33044 Transient DOS in Data modem while handling TLB control messages from the Network. -- Dec 5, 2023
CVE-2023-33043 Transient DOS in Modem when a Beam switch request is made with a non-configured BWP. -- Dec 5, 2023
CVE-2023-33042 Transient DOS in Modem after RRC Setup message is received. -- Dec 5, 2023
CVE-2023-33041 Under certain scenarios the WLAN Firmware will reach an assertion due to state confusion while looking up peer ids. -- Dec 5, 2023
CVE-2023-33024 Memory corruption while sending SMS from AP firmware. -- Dec 5, 2023
CVE-2023-33022 Memory corruption in HLOS while invoking IOCTL calls from user-space. -- Dec 5, 2023
CVE-2023-33018 Memory corruption while using the UIM diag command to get the operators name. -- Dec 5, 2023
CVE-2023-33017 Memory corruption in Boot while running a ListVars test in UEFI Menu during boot. -- Dec 5, 2023
CVE-2023-32870 In display drm, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363740; Issue ID: ALPS07363740. -- Dec 4, 2023
CVE-2023-32869 In display drm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363632; Issue ID: ALPS07363689. -- Dec 4, 2023
CVE-2023-32868 In display drm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363632; Issue ID: ALPS07363632. -- Dec 4, 2023
CVE-2023-32867 In display drm, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07560793; Issue ID: ALPS07560793. -- Dec 4, 2023
CVE-2023-32866 In mmp, there is a possible memory corruption due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07342152; Issue ID: ALPS07342152. -- Dec 4, 2023
CVE-2023-32865 In display drm, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07363456; Issue ID: ALPS07363456. -- Dec 4, 2023
CVE-2023-32864 In display drm, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07292187; Issue ID: ALPS07292187. -- Dec 4, 2023
CVE-2023-32863 In display drm, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07326314; Issue ID: ALPS07326314. -- Dec 4, 2023
CVE-2023-32862 In display, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07388762; Issue ID: ALPS07388762. -- Dec 4, 2023
CVE-2023-32861 In display, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08059081; Issue ID: ALPS08059081. -- Dec 4, 2023
CVE-2023-32860 In display, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07929788; Issue ID: ALPS07929788. -- Dec 4, 2023
CVE-2023-32859 In meta, there is a possible classic buffer overflow due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08000473; Issue ID: ALPS08000473. -- Dec 4, 2023
CVE-2023-32858 In GZ, there is a possible information disclosure due to a missing data erasing. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07806008; Issue ID: ALPS07806008. -- Dec 4, 2023
CVE-2023-32857 In display, there is a possible out of bounds read due to an incorrect status check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993705; Issue ID: ALPS07993710. -- Dec 4, 2023
CVE-2023-32856 In display, there is a possible out of bounds read due to an incorrect status check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07993705; Issue ID: ALPS07993705. -- Dec 4, 2023
CVE-2023-32855 In aee, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07909204; Issue ID: ALPS07909204. -- Dec 4, 2023
CVE-2023-32854 In ril, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08240132; Issue ID: ALPS08240132. -- Dec 4, 2023
CVE-2023-32853 In rpmb, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07648764; Issue ID: ALPS07648764. -- Dec 4, 2023
CVE-2023-32852 In cameraisp, there is a possible information disclosure due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07670971; Issue ID: ALPS07670971. -- Dec 4, 2023
CVE-2023-32851 In decoder, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08016652; Issue ID: ALPS08016652. -- Dec 4, 2023
CVE-2023-32850 In decoder, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS08016659; Issue ID: ALPS08016659. -- Dec 4, 2023
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.
Live chat
Online