CVE-2024-48986
https://notcve.org/view.php?id=CVE-2024-48986
The HCI parsing software dynamically determines the length of certain HCI packets by reading a byte from the packet header. Certain events trigger a callback whose logic allocates a buffer, the length of which is determined by looking up the event type in a table. The subsequent write operation, however, copies the amount of data specified in the packet header, which may lead to a buffer overflow. This bug is trivial to exploit for a denial of service, but it is not certain to suffice to bring the system down, and it generally cannot be exploited further because the exploitable buffer is dynamically allocated. • https://github.com/mbed-ce/mbed-os/blob/54e8693ef4ff7e025018094f290a1d5cf380941f/connectivity/FEATURE_BLE/libraries/cordio_stack/ble-host/sources/hci/dual_chip/hci_evt.c#L3018 • https://github.com/mbed-ce/mbed-os/pull/385
CVE-2018-9456
https://notcve.org/view.php?id=CVE-2018-9456
In sdpu_extract_attr_seq of sdp_utils.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. • https://source.android.com/security/bulletin/2018-09-01 • CWE-125: Out-of-bounds Read
CVE-2018-9440
https://notcve.org/view.php?id=CVE-2018-9440
In parse of M3UParser.cpp, there is a possible resource exhaustion due to improper input validation. This could lead to denial of service with no additional execution privileges needed. • https://source.android.com/security/bulletin/2018-09-01
CVE-2018-9412
https://notcve.org/view.php?id=CVE-2018-9412
In removeUnsynchronization of ID3.cpp, there is a possible resource exhaustion due to improper input validation. This could lead to denial of service with no additional execution privileges needed. • https://source.android.com/security/bulletin/2018-07-01
CVE-2024-45422 – Zoom Apps - Improper Input Validation
https://notcve.org/view.php?id=CVE-2024-45422
Improper input validation in some Zoom Apps before version 6.2.0 may allow an unauthenticated user to conduct a denial of service via network access. • https://www.zoom.com/en/trust/security-bulletin/zsb-24044 • CWE-20: Improper Input Validation