Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In 2024
CVE-2024-33056
Memory corruption when allocating and accessing an entry in an SMEM partition continuously.
CVSS Score
8.4
EPSS Score
0.0
Published
2024-12-02
CVE-2024-33063
Transient DOS while parsing the ML IE when a beacon with common info length of the ML IE greater than the ML IE inside which this element is present.
CVSS Score
7.5
EPSS Score
0.002
Published
2024-12-02
CVE-2024-43048
Memory corruption when invalid input is passed to invoke GPU Headroom API call.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-12-02
CVE-2024-33037
Information disclosure as NPU firmware can send invalid IPC message to NPU driver as the driver doesn`t validate the IPC message received from the firmware.
CVSS Score
6.1
EPSS Score
0.0
Published
2024-12-02
CVE-2024-33039
Memory corruption when PAL client calls PAL service APIs by passing a random value as handle and the handle is not validated by the service.
CVSS Score
6.7
EPSS Score
0.0
Published
2024-12-02
CVE-2024-33036
Memory corruption while parsing sensor packets in camera driver, user-space variable is used while allocating memory in kernel and parsing which can lead to huge allocation or invalid memory access.
CVSS Score
6.7
EPSS Score
0.0
Published
2024-12-02
CVE-2024-53103
In the Linux kernel, the following vulnerability has been resolved: hv_sock: Initializing vsk->trans to NULL to prevent a dangling pointer When hvs is released, there is a possibility that vsk->trans may not be initialized to NULL, which could lead to a dangling pointer. This issue is resolved by initializing vsk->trans to NULL.
CVSS Score
7.8
EPSS Score
0.0
Published
2024-12-02
CVE-2024-53104
Known exploited
In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in uvc_parse_streaming.
CVSS Score
7.8
EPSS Score
0.114
Published
2024-12-02
CVE-2024-20138
In wlan driver, there is a possible out of bound read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08998291; Issue ID: MSV-1604.
CVSS Score
7.5
EPSS Score
0.001
Published
2024-12-02
CVE-2024-20129
In Telephony, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS09289881; Issue ID: MSV-2025.
CVSS Score
7.5
EPSS Score
0.002
Published
2024-12-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved