CVE-2024-2607

HIGH Year: 2024
CVSS v3 Score
8.1
High
Weakness Type
CWE-123
View all →

Vulnerability Description

Return registers were overwritten which could have allowed an attacker to execute arbitrary code. *Note:* This issue only affected Armv7-A systems. Other operating systems are unaffected. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.

Related Vulnerabilities

CVE-2022-35408

HIGH
CVSS:8.2(High)

An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. An SMM callout vulnerability in the SMM driver in UsbLegacyControlSmm leads to possible arbitrary code execution in SMM and esc...

CWE-1232022

CVE-2022-40262

HIGH
CVSS:8.2(High)

A potential attacker can execute an arbitrary code at the time of the PEI phase and influence the subsequent boot stages. This can lead to the mitigations bypassing, physical memory contents disclosur...

CWE-1232022

CVE-2024-36877

HIGH
CVSS:8.2(High)

Micro-Star International Z-series motherboards (Z590, Z490, and Z790) and B-series motherboards (B760, B560, B660, and B460) with firmware 7D25v14, 7D25v17 to 7D25v19, and 7D25v1A to 7D25v1H was disco...

CWE-1232024

CVE-2017-6282

HIGH
CVSS:7.8(High)

NVIDIA Tegra kernel driver contains a vulnerability in NVMAP where an attacker has the ability to write an arbitrary value to an arbitrary location which may lead to an escalation of privileges. This ...

CWE-1232017

CVE-2018-16962

HIGH
CVSS:7.8(High)

Webroot SecureAnywhere before 9.0.8.34 on macOS mishandles access to the driver by a process that lacks root privileges.

CWE-1232018

CVE-2020-16225

HIGH
CVSS:7.8(High)

Delta Electronics TPEditor Versions 1.97 and prior. A write-what-where condition may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allo...

CWE-1232020