CVE-2024-33063 – Integer Overflow or Wraparound in WLAN Host Communication
https://notcve.org/view.php?id=CVE-2024-33063
Transient DOS while parsing the ML IE when a beacon has a common info length of the ML IE greater than the ML IE inside which this element is present. • https://docs.qualcomm.com/product/publicresources/securitybulletin/december-2024-bulletin.html • CWE-190: Integer Overflow or Wraparound •
CVE-2024-10490 – Authentication bypass flaw in several mapp components
https://notcve.org/view.php?id=CVE-2024-10490
An “Authentication Bypass Using an Alternate Path or Channel” vulnerability in the OPC UA Server configuration required for B&R mapp Cockpit before 6.0, B&R mapp View before 6.0, B&R mapp Services before 6.0, B&R mapp Motion before 6.0 and B&R mapp Vision before 6.0 may be used by an unauthenticated network-based attacker to cause information disclosure, unintended change of data, or denial of service conditions. B&R mapp Services is only affected when mpUserX or mpCodeBox are used in the Automation Studio project. • https://www.br-automation.com/fileadmin/SA22P014-90c4aa35.pdf • CWE-288: Authentication Bypass Using an Alternate Path or Channel •
CVE-2024-20139
https://notcve.org/view.php?id=CVE-2024-20139
In Bluetooth firmware, there is a possible firmware assert due to improper handling of exceptional conditions. This could lead to local denial of service with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/December-2024 • CWE-617: Reachable Assertion •
CVE-2024-20137
https://notcve.org/view.php?id=CVE-2024-20137
In wlan driver, there is a possible client disconnection due to improper handling of exceptional conditions. This could lead to remote denial of service with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/December-2024 • CWE-248: Uncaught Exception •
CVE-2024-20127
https://notcve.org/view.php?id=CVE-2024-20127
In Telephony, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. • https://corp.mediatek.com/product-security-bulletin/December-2024 • CWE-125: Out-of-bounds Read •