Vulnerabilities > Marvell > High

DATE CVE VULNERABILITY TITLE RISK
2021-01-08 CVE-2020-5804 Path Traversal vulnerability in Marvell Qconvergeconslole GUI 5.5.0.74
Marvell QConvergeConsole GUI <= 5.5.0.74 is affected by a path traversal vulnerability.
network
low complexity
marvell CWE-22
8.5
2020-12-18 CVE-2020-5803 Path Traversal vulnerability in Marvell Qconvergeconsole 5.5.00.74
Relative Path Traversal in Marvell QConvergeConsole GUI 5.5.0.74 allows a remote, authenticated attacker to delete arbitrary files on disk as SYSTEM or root.
network
low complexity
marvell CWE-22
8.5
2020-08-25 CVE-2020-15645 Unrestricted Upload of File with Dangerous Type vulnerability in Marvell Qconvergeconsole
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64.
network
low complexity
marvell CWE-434
8.8
2020-08-25 CVE-2020-15643 Path Traversal vulnerability in Marvell Qconvergeconsole
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64.
network
low complexity
marvell CWE-22
8.8
2019-11-15 CVE-2019-13582 Out-of-bounds Write vulnerability in Marvell 88W8688 Firmware
An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module.
network
low complexity
marvell CWE-787
7.5
2019-11-15 CVE-2019-13581 Out-of-bounds Write vulnerability in Marvell 88W8688 Firmware
An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module.
network
low complexity
marvell CWE-787
7.5
2019-01-20 CVE-2019-6496 Out-of-bounds Write vulnerability in Marvell products
The ThreadX-based firmware on Marvell Avastar Wi-Fi devices, models 88W8787, 88W8797, 88W8801, 88W8897, and 88W8997, allows remote attackers to execute arbitrary code or cause a denial of service (block pool overflow) via malformed Wi-Fi packets during identification of available Wi-Fi networks.
low complexity
marvell CWE-787
8.3
2016-07-26 CVE-2015-5738 Information Exposure vulnerability in multiple products
The RSA-CRT implementation in the Cavium Software Development Kit (SDK) 2.x, when used on OCTEON II CN6xxx Hardware on Linux to support TLS with Perfect Forward Secrecy (PFS), makes it easier for remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack.
network
low complexity
marvell f5 CWE-200
7.5
2008-10-14 CVE-2008-4441 Improper Input Validation vulnerability in Linksys Wap400N 1.2.14
The Marvell driver for the Linksys WAP4400N Wi-Fi access point with firmware 1.2.14 on the Marvell 88W8361P-BEM1 chipset, when WEP mode is enabled, does not properly parse malformed 802.11 frames, which allows remote attackers to cause a denial of service (reboot or hang-up) via a malformed association request containing the WEP flag, as demonstrated by a request that is too short, a different vulnerability than CVE-2008-1144 and CVE-2008-1197.
7.1