CVE-2024-39343

HIGH Year: 2024
CVSS v3 Score
7.0
High
Weakness Type
CWE-1284
View all →

Vulnerability Description

An issue was discovered in Samsung Mobile Processor and Wearable Processor Exynos 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, Modem 5123, and Modem 5300. The baseband software does not properly check the length specified by the MM (Mobility Management) module, which can lead to Denial of Service.

Related Vulnerabilities

CVE-2024-5102

HIGH
CVSS:7.0(High)

A sym-linked file accessed via the repair function in Avast Antivirus <24.2 on Windows may allow user to elevate privilege to delete arbitrary files or run processes as NT AUTHORITY\SYSTEM. The vulner...

CWE-12842024

CVE-2021-1058

HIGH
CVSS:7.1(High)

NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and vGPU plugin, in which an input data size is not validated, which may lead to tampering of data or denial of service. T...

CWE-12842021

CVE-2021-1062

HIGH
CVSS:7.1(High)

NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input data length is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x...

CWE-12842021

CVE-2021-45972

HIGH
CVSS:7.1(High)

The giftrans function in giftrans 1.12.2 contains a stack-based buffer overflow because a value inside the input file determines the amount of data to write. This allows an attacker to overwrite up to...

CWE-12842021

CVE-2024-3185

MEDIUM
CVSS:6.8(Medium)

A key used in logging.json does not follow the least privilege principle by default and is exposed to local users in the Rapid7 Platform. This allows an attacker with local access to a machine with th...

CWE-12842024

CVE-2023-38709

HIGH
CVSS:7.3(High)

Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58.

CWE-12842023