Security Vulnerabilities - CVEs Published In February 2023
Information disclosure due to buffer over-read in WLAN while parsing NMF frame.
CVSS Score
8.2
EPSS Score
0.001
Published
2023-02-12
Memory corruption in modem due to buffer copy without checking size of input while receiving WMI command.
CVSS Score
8.4
EPSS Score
0.001
Published
2023-02-12
Memory corruption due to stack based buffer overflow in WLAN having invalid WNM frame length.
CVSS Score
9.8
EPSS Score
0.002
Published
2023-02-12
Memory corruption due to access of uninitialized pointer in Bluetooth HOST while processing the AVRCP packet.
CVSS Score
7.3
EPSS Score
0.001
Published
2023-02-12
Transient DOS due to buffer over-read in WLAN while processing an incoming management frame with incorrectly filled IEs.
CVSS Score
7.5
EPSS Score
0.001
Published
2023-02-12
Transient DOS due to buffer over-read in WLAN Host while parsing frame information.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-02-12
Transient DOS due to improper input validation in WLAN Host while parsing frame during defragmentation.
CVSS Score
7.5
EPSS Score
0.002
Published
2023-02-12
HP Factory Preinstalled Images on certain systems that shipped with Windows 10 versions 20H2 and earlier OS versions might allow escalation of privilege via execution of certain files outside the restricted path. This potential vulnerability was remediated starting with Windows 10 versions 21H2 on October 31, 2021.
CVSS Score
7.8
EPSS Score
0.002
Published
2023-02-12
An open redirect to malicious sites can occur when accessing the "Feedback" action on the manager page.
CVSS Score
8.2
EPSS Score
0.001
Published
2023-02-12
Memory corruption in modem due to improper length check while copying into memory
CVSS Score
9.8
EPSS Score
0.001
Published
2023-02-12