CVSS: 7.5EPSS: 0%CPEs: 8EXPL: 0CVE-2024-8176 – Libexpat: expat: improper restriction of xml entity expansion depth in libexpat
https://notcve.org/view.php?id=CVE-2024-8176
14 Mar 2025 — A stack overflow vulnerability exists in the libexpat library due to the way it handles recursive entity expansion in XML documents. When parsing an XML document with deeply nested entity references, libexpat can be forced to recurse indefinitely, exhausting the stack space and causing a crash. This issue could lead to denial of service (DoS) or, in some cases, exploitable memory corruption, depending on the environment and library usage. • https://access.redhat.com/security/cve/CVE-2024-8176 • CWE-674: Uncontrolled Recursion •
CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-1932 – firefox: Inconsistent comparator in XSLT sorting led to out-of-bounds access
https://notcve.org/view.php?id=CVE-2025-1932
04 Mar 2025 — An inconsistent comparator in xslt/txNodeSorter could have resulted in potentially exploitable out-of-bounds access. Only affected version 122 and later. This vulnerability affects Firefox < 136 and Firefox ESR < 128.8. An inconsistent comparator in xslt/txNodeSorter could have resulted in potentially exploitable out-of-bounds access. Only affected version 122 and later. • https://bugzilla.mozilla.org/show_bug.cgi?id=1944313 • CWE-125: Out-of-bounds Read •
CVSS: 10.0EPSS: 0%CPEs: 5EXPL: 1CVE-2025-1009 – firefox: thunderbird: Use-after-free in XSLT
https://notcve.org/view.php?id=CVE-2025-1009
04 Feb 2025 — An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. This vulnerability affects Firefox < 135, Firefox ESR < 115.20, Firefox ESR < 128.7, Thunderbird < 128.7, and Thunderbird < 135. A flaw was found in Firefox. The Mozilla Foundation's Security Advisory describes the following issue: An attacker could have caused a use-after-free via crafted XSLT data, leading to a potentially exploitable crash. Multiple security issues were discovered in Firefox.... • https://packetstorm.news/files/id/189614 • CWE-416: Use After Free •
CVSS: 7.8EPSS: 1%CPEs: 4EXPL: 7CVE-2024-0582 – Kernel: io_uring: page use-after-free vulnerability via buffer ring mmap
https://notcve.org/view.php?id=CVE-2024-0582
16 Jan 2024 — A memory leak flaw was found in the Linux kernel’s io_uring functionality in how a user registers a buffer ring with IORING_REGISTER_PBUF_RING, mmap() it, and then frees it. This flaw allows a local user to crash or potentially escalate their privileges on the system. Se encontró un fallo de pérdida de memoria en la funcionalidad io_uring del kernel de Linux en cómo un usuario registra un anillo de búfer con IORING_REGISTER_PBUF_RING, mmap() y luego lo libera. este fallo permite que un usuario local falle o... • https://bugs.chromium.org/p/project-zero/issues/detail? • CWE-416: Use After Free •
CVSS: 7.8EPSS: 94%CPEs: 444EXPL: 17CVE-2023-44487 – HTTP/2 Rapid Reset Attack Vulnerability
https://notcve.org/view.php?id=CVE-2023-44487
10 Oct 2023 — The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023. El protocolo HTTP/2 permite una denegación de servicio (consumo de recursos del servidor) porque la cancelación de solicitudes puede restablecer muchas transmisiones rápidamente, como se explotó en la naturaleza entre agosto y octubre de 2023. A flaw was found in handling multiplexed streams in the HTTP/2 protocol. ... • https://blog.cloudflare.com/zero-day-rapid-reset-http2-record-breaking-ddos-attack • CWE-400: Uncontrolled Resource Consumption •
CVSS: 5.5EPSS: 12%CPEs: 4EXPL: 0CVE-2023-4211 – Arm Mali GPU Kernel Driver Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2023-4211
01 Oct 2023 — A local non-privileged user can make improper GPU memory processing operations to gain access to already freed memory. Un usuario local sin privilegios puede realizar operaciones inadecuadas de procesamiento de la memoria de la GPU para obtener acceso a la memoria ya liberada. Arm Mali GPU Kernel Driver contains a use-after-free vulnerability that allows a local, non-privileged user to make improper GPU memory processing operations to gain access to already freed memory. • https://developer.arm.com/Arm%20Security%20Center/Mali%20GPU%20Driver%20Vulnerabilities • CWE-416: Use After Free •
CVSS: 10.0EPSS: 0%CPEs: 18EXPL: 1CVE-2023-26072 – Shannon Baseband NrmmMsgCodec Emergency Number List Heap Buffer Overflow
https://notcve.org/view.php?id=CVE-2023-26072
13 Mar 2023 — An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the Emergency number list. There is a heap buffer overflow in Shannon baseband, inside the 5G MM protocol implementation (NrmmMsgCodec as it is called in Shannon according to debug strin... • https://bugs.chromium.org/p/project-zero/issues/detail?id=2395 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 18EXPL: 1CVE-2023-26073 – Shannon Baseband NrmmMsgCodec Extended Emergency Number List Heap Buffer Overflow
https://notcve.org/view.php?id=CVE-2023-26073
13 Mar 2023 — An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the extended emergency number list. There is a heap buffer overflow in Shannon baseband, inside the 5G MM protocol implementation (NrmmMsgCodec as it is called in Shannon according to de... • https://bugs.chromium.org/p/project-zero/issues/detail?id=2396 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 18EXPL: 1CVE-2023-26074 – Shannon Baseband NrmmMsgCodec Access Category Definitions Heap Buffer Overflow
https://notcve.org/view.php?id=CVE-2023-26074
13 Mar 2023 — An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123.. A heap-based buffer overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding operator-defined access category definitions. There is a heap buffer overflow in Shannon Baseband, inside the 5G MM protocol implementation (NrmmMsgCodec as it is called in Shannon acco... • https://bugs.chromium.org/p/project-zero/issues/detail?id=2397 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 1%CPEs: 18EXPL: 1CVE-2023-26075 – Shannon Baseband NrmmMsgCodec Intra-Object Overflow
https://notcve.org/view.php?id=CVE-2023-26075
10 Mar 2023 — An issue was discovered in Samsung Mobile Chipset and Baseband Modem Chipset for Exynos 850, Exynos 980, Exynos 1080, Exynos 1280, Exynos 2200, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. An intra-object overflow in the 5G MM message codec can occur due to insufficient parameter validation when decoding the Service Area List. There is an intra-object overflow in Shannon Baseband, inside the 5G MM protocol implementation (NrmmMsgCodec as it is called in Shannon according to debug strings), s... • https://bugs.chromium.org/p/project-zero/issues/detail?id=2398 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •