CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2025-5150 – docarray Web API torch_dataset.py __getitem__ prototype pollution
https://notcve.org/view.php?id=CVE-2025-5150
25 May 2025 — A vulnerability was found in docarray up to 0.40.1. It has been rated as critical. Affected by this issue is the function __getitem__ of the file /docarray/data/torch_dataset.py of the component Web API. The manipulation leads to improperly controlled modification of object prototype attributes ('prototype pollution'). The attack may be launched remotely. • https://gist.github.com/superboy-zjc/56502343bcb12eb653081b426debf2c8 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 1CVE-2025-2953 – PyTorch torch.mkldnn_max_pool2d denial of service
https://notcve.org/view.php?id=CVE-2025-2953
30 Mar 2025 — A vulnerability, which was classified as problematic, has been found in PyTorch 2.6.0+cu124. Affected by this issue is the function torch.mkldnn_max_pool2d. The manipulation leads to denial of service. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. • https://github.com/pytorch/pytorch/issues/149274 • CWE-404: Improper Resource Shutdown or Release •
CVSS: 4.1EPSS: 0%CPEs: 4EXPL: 0CVE-2025-20651
https://notcve.org/view.php?id=CVE-2025-20651
03 Mar 2025 — In da, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291294; Issue ID: MSV-2062. • https://corp.mediatek.com/product-security-bulletin/March-2025 • CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 0%CPEs: 4EXPL: 0CVE-2025-20650
https://notcve.org/view.php?id=CVE-2025-20650
03 Mar 2025 — In da, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09291294; Issue ID: MSV-2061. • https://corp.mediatek.com/product-security-bulletin/March-2025 • CWE-787: Out-of-bounds Write •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2024-20147
https://notcve.org/view.php?id=CVE-2024-20147
03 Feb 2025 — In Bluetooth FW, there is a possible reachable assertion due to improper exception handling. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00389046 (Note: For MT79XX chipsets) / ALPS09136501 (Note: For MT2737, MT3603, MT6XXX, and MT8XXX chipsets); Issue ID: MSV-1797. • https://corp.mediatek.com/product-security-bulletin/February-2025 • CWE-617: Reachable Assertion •
CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0CVE-2025-20635
https://notcve.org/view.php?id=CVE-2025-20635
03 Feb 2025 — In V6 DA, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS09403752; Issue ID: MSV-2434. • https://corp.mediatek.com/product-security-bulletin/February-2025 • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24417
https://notcve.org/view.php?id=CVE-2024-24417
21 Jan 2025 — The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_protocol_configuration_options function at /3gpp/3gpp_24.008_sm_ies.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet. • https://cellularsecurity.org/ransacked • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24416
https://notcve.org/view.php?id=CVE-2024-24416
21 Jan 2025 — The Linux Foundation Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) was discovered to contain a buffer overflow in the decode_access_point_name_ie function at /3gpp/3gpp_24.008_sm_ies.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted NAS packet. • https://cellularsecurity.org/ransacked • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-37032
https://notcve.org/view.php?id=CVE-2023-37032
21 Jan 2025 — A Stack-based buffer overflow in the Mobile Management Entity (MME) of Magma versions <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows remote attackers to crash the MME with an unauthenticated cellphone by sending a NAS packet containing an oversized `Emergency Number List` Information Element. • https://cellularsecurity.org/ransacked • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2024-24421
https://notcve.org/view.php?id=CVE-2024-24421
21 Jan 2025 — A type confusion in the nas_message_decode function of Magma <= 1.8.0 (fixed in v1.9 commit 08472ba98b8321f802e95f5622fa90fec2dea486) allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via a crafted NAS packet. • https://cellularsecurity.org/ransacked • CWE-94: Improper Control of Generation of Code ('Code Injection') •